# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:3225-1  
Rating: important  
References:

  * bsc#1176447
  * bsc#1195668
  * bsc#1195928
  * bsc#1195957
  * bsc#1196018
  * bsc#1196516
  * bsc#1196823
  * bsc#1202346
  * bsc#1209636
  * bsc#1209799
  * bsc#1210629
  * bsc#1216834
  * bsc#1222251
  * bsc#1225109
  * bsc#1225584
  * bsc#1227832
  * bsc#1227924
  * bsc#1227928
  * bsc#1227932
  * bsc#1227935
  * bsc#1227941
  * bsc#1227942
  * bsc#1227945
  * bsc#1227952
  * bsc#1227964
  * bsc#1227969
  * bsc#1227985
  * bsc#1227987
  * bsc#1227988
  * bsc#1227989
  * bsc#1227997
  * bsc#1228000
  * bsc#1228004
  * bsc#1228005
  * bsc#1228006
  * bsc#1228015
  * bsc#1228020
  * bsc#1228037
  * bsc#1228045
  * bsc#1228060
  * bsc#1228062
  * bsc#1228066
  * bsc#1228466
  * bsc#1228516
  * bsc#1228576
  * bsc#1228959
  * bsc#1229400
  * bsc#1229454
  * bsc#1229500
  * bsc#1229503
  * bsc#1229510
  * bsc#1229512
  * bsc#1229598
  * bsc#1229604
  * bsc#1229607
  * bsc#1229620
  * bsc#1229621
  * bsc#1229624
  * bsc#1229626
  * bsc#1229629
  * bsc#1229630
  * bsc#1229637
  * bsc#1229641
  * bsc#1229657
  * bsc#1229707

  
Cross-References:

  * CVE-2021-4441
  * CVE-2022-48775
  * CVE-2022-48778
  * CVE-2022-48787
  * CVE-2022-48788
  * CVE-2022-48789
  * CVE-2022-48790
  * CVE-2022-48798
  * CVE-2022-48802
  * CVE-2022-48805
  * CVE-2022-48811
  * CVE-2022-48823
  * CVE-2022-48824
  * CVE-2022-48827
  * CVE-2022-48834
  * CVE-2022-48835
  * CVE-2022-48836
  * CVE-2022-48837
  * CVE-2022-48838
  * CVE-2022-48839
  * CVE-2022-48843
  * CVE-2022-48851
  * CVE-2022-48853
  * CVE-2022-48856
  * CVE-2022-48857
  * CVE-2022-48858
  * CVE-2022-48872
  * CVE-2022-48873
  * CVE-2022-48901
  * CVE-2022-48905
  * CVE-2022-48912
  * CVE-2022-48917
  * CVE-2022-48919
  * CVE-2022-48925
  * CVE-2022-48926
  * CVE-2022-48928
  * CVE-2022-48930
  * CVE-2022-48933
  * CVE-2022-48934
  * CVE-2023-52854
  * CVE-2024-40910
  * CVE-2024-41009
  * CVE-2024-41062
  * CVE-2024-41087
  * CVE-2024-42077
  * CVE-2024-42232
  * CVE-2024-42271
  * CVE-2024-43861
  * CVE-2024-43882
  * CVE-2024-43883
  * CVE-2024-44947

  
CVSS scores:

  * CVE-2021-4441 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-4441 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48775 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2022-48775 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48778 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2022-48778 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48787 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48787 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48788 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H
  * CVE-2022-48788 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48789 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48789 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48790 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48790 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48798 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48802 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48805 ( SUSE ):  6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48811 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48823 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2022-48824 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48824 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48827 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48834 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
  * CVE-2022-48834 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48835 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48835 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48836 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48836 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48837 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48837 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48838 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48838 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48839 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48839 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48843 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48843 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48851 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48851 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48853 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48853 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2022-48856 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48856 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48857 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48857 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48858 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48858 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48872 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48872 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48873 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48873 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48901 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48901 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48905 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2022-48905 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48912 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48912 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48917 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48917 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48919 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2022-48919 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48919 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48925 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48925 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48926 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48926 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48928 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48928 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48930 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48930 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48933 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48933 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48934 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48934 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52854 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-40910 ( SUSE ):  7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40910 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-41009 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-41009 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-41062 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-41062 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-41087 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-41087 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-42077 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-42077 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-42232 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-42232 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-42232 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-42271 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-42271 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-42271 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-43861 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-43861 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-43882 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-43882 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-43883 ( SUSE ):  5.4
    CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-43883 ( SUSE ):  6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-44947 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N
  * CVE-2024-44947 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.2

  
  
An update that solves 51 vulnerabilities and has 14 security fixes can now be
installed.

## Description:

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various
security bugfixes.

The following security bugs were fixed:

  * CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate
    (bsc#1229454).
  * CVE-2022-48919: Fix double free race when mount fails in cifs_get_root()
    (bsc#1229657).
  * CVE-2023-52854: Fix refcnt handling in padata_free_shell() (bsc#1225584).
  * CVE-2024-43883: Do not drop references before new references are gained
    (bsc#1229707).
  * CVE-2024-41062: bluetooth/l2cap: sync sock recv cb and release
    (bsc#1228576).
  * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500).
  * CVE-2024-41087: Fix double free on error (CVE-2024-41087,bsc#1228466).
  * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage.
    (bsc#1229503)
  * CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
  * CVE-2022-48872: Fix use-after-free race condition for maps (bsc#1229510).
  * CVE-2022-48873: Do not remove map on creater_process and device_release
    (bsc#1229512).
  * CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400)
  * CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop().
    (bsc#1228959)
  * CVE-2024-40910: Fix refcount imbalance on inbound connections (bsc#1227832).
  * CVE-2024-41009: bpf: Fix overrunning reservations in ringbuf (bsc#1228020).

The following non-security bugs were fixed:

  * Bluetooth: L2CAP: Fix deadlock (git-fixes).
  * sched/psi: use kernfs polling functions for PSI trigger polling (bsc#1209799
    bsc#1225109).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3225=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3225=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3225=1

## Package List:

  * SUSE Linux Enterprise Micro 5.1 (nosrc x86_64)
    * kernel-rt-5.3.18-150300.181.2
  * SUSE Linux Enterprise Micro 5.1 (x86_64)
    * kernel-rt-debuginfo-5.3.18-150300.181.2
    * kernel-rt-debugsource-5.3.18-150300.181.2
  * SUSE Linux Enterprise Micro 5.1 (noarch)
    * kernel-source-rt-5.3.18-150300.181.2
  * SUSE Linux Enterprise Micro 5.2 (nosrc x86_64)
    * kernel-rt-5.3.18-150300.181.2
  * SUSE Linux Enterprise Micro 5.2 (x86_64)
    * kernel-rt-debuginfo-5.3.18-150300.181.2
    * kernel-rt-debugsource-5.3.18-150300.181.2
  * SUSE Linux Enterprise Micro 5.2 (noarch)
    * kernel-source-rt-5.3.18-150300.181.2
  * SUSE Linux Enterprise Micro for Rancher 5.2 (nosrc x86_64)
    * kernel-rt-5.3.18-150300.181.2
  * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64)
    * kernel-rt-debuginfo-5.3.18-150300.181.2
    * kernel-rt-debugsource-5.3.18-150300.181.2
  * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
    * kernel-source-rt-5.3.18-150300.181.2

## References:

  * https://www.suse.com/security/cve/CVE-2021-4441.html
  * https://www.suse.com/security/cve/CVE-2022-48775.html
  * https://www.suse.com/security/cve/CVE-2022-48778.html
  * https://www.suse.com/security/cve/CVE-2022-48787.html
  * https://www.suse.com/security/cve/CVE-2022-48788.html
  * https://www.suse.com/security/cve/CVE-2022-48789.html
  * https://www.suse.com/security/cve/CVE-2022-48790.html
  * https://www.suse.com/security/cve/CVE-2022-48798.html
  * https://www.suse.com/security/cve/CVE-2022-48802.html
  * https://www.suse.com/security/cve/CVE-2022-48805.html
  * https://www.suse.com/security/cve/CVE-2022-48811.html
  * https://www.suse.com/security/cve/CVE-2022-48823.html
  * https://www.suse.com/security/cve/CVE-2022-48824.html
  * https://www.suse.com/security/cve/CVE-2022-48827.html
  * https://www.suse.com/security/cve/CVE-2022-48834.html
  * https://www.suse.com/security/cve/CVE-2022-48835.html
  * https://www.suse.com/security/cve/CVE-2022-48836.html
  * https://www.suse.com/security/cve/CVE-2022-48837.html
  * https://www.suse.com/security/cve/CVE-2022-48838.html
  * https://www.suse.com/security/cve/CVE-2022-48839.html
  * https://www.suse.com/security/cve/CVE-2022-48843.html
  * https://www.suse.com/security/cve/CVE-2022-48851.html
  * https://www.suse.com/security/cve/CVE-2022-48853.html
  * https://www.suse.com/security/cve/CVE-2022-48856.html
  * https://www.suse.com/security/cve/CVE-2022-48857.html
  * https://www.suse.com/security/cve/CVE-2022-48858.html
  * https://www.suse.com/security/cve/CVE-2022-48872.html
  * https://www.suse.com/security/cve/CVE-2022-48873.html
  * https://www.suse.com/security/cve/CVE-2022-48901.html
  * https://www.suse.com/security/cve/CVE-2022-48905.html
  * https://www.suse.com/security/cve/CVE-2022-48912.html
  * https://www.suse.com/security/cve/CVE-2022-48917.html
  * https://www.suse.com/security/cve/CVE-2022-48919.html
  * https://www.suse.com/security/cve/CVE-2022-48925.html
  * https://www.suse.com/security/cve/CVE-2022-48926.html
  * https://www.suse.com/security/cve/CVE-2022-48928.html
  * https://www.suse.com/security/cve/CVE-2022-48930.html
  * https://www.suse.com/security/cve/CVE-2022-48933.html
  * https://www.suse.com/security/cve/CVE-2022-48934.html
  * https://www.suse.com/security/cve/CVE-2023-52854.html
  * https://www.suse.com/security/cve/CVE-2024-40910.html
  * https://www.suse.com/security/cve/CVE-2024-41009.html
  * https://www.suse.com/security/cve/CVE-2024-41062.html
  * https://www.suse.com/security/cve/CVE-2024-41087.html
  * https://www.suse.com/security/cve/CVE-2024-42077.html
  * https://www.suse.com/security/cve/CVE-2024-42232.html
  * https://www.suse.com/security/cve/CVE-2024-42271.html
  * https://www.suse.com/security/cve/CVE-2024-43861.html
  * https://www.suse.com/security/cve/CVE-2024-43882.html
  * https://www.suse.com/security/cve/CVE-2024-43883.html
  * https://www.suse.com/security/cve/CVE-2024-44947.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1176447
  * https://bugzilla.suse.com/show_bug.cgi?id=1195668
  * https://bugzilla.suse.com/show_bug.cgi?id=1195928
  * https://bugzilla.suse.com/show_bug.cgi?id=1195957
  * https://bugzilla.suse.com/show_bug.cgi?id=1196018
  * https://bugzilla.suse.com/show_bug.cgi?id=1196516
  * https://bugzilla.suse.com/show_bug.cgi?id=1196823
  * https://bugzilla.suse.com/show_bug.cgi?id=1202346
  * https://bugzilla.suse.com/show_bug.cgi?id=1209636
  * https://bugzilla.suse.com/show_bug.cgi?id=1209799
  * https://bugzilla.suse.com/show_bug.cgi?id=1210629
  * https://bugzilla.suse.com/show_bug.cgi?id=1216834
  * https://bugzilla.suse.com/show_bug.cgi?id=1222251
  * https://bugzilla.suse.com/show_bug.cgi?id=1225109
  * https://bugzilla.suse.com/show_bug.cgi?id=1225584
  * https://bugzilla.suse.com/show_bug.cgi?id=1227832
  * https://bugzilla.suse.com/show_bug.cgi?id=1227924
  * https://bugzilla.suse.com/show_bug.cgi?id=1227928
  * https://bugzilla.suse.com/show_bug.cgi?id=1227932
  * https://bugzilla.suse.com/show_bug.cgi?id=1227935
  * https://bugzilla.suse.com/show_bug.cgi?id=1227941
  * https://bugzilla.suse.com/show_bug.cgi?id=1227942
  * https://bugzilla.suse.com/show_bug.cgi?id=1227945
  * https://bugzilla.suse.com/show_bug.cgi?id=1227952
  * https://bugzilla.suse.com/show_bug.cgi?id=1227964
  * https://bugzilla.suse.com/show_bug.cgi?id=1227969
  * https://bugzilla.suse.com/show_bug.cgi?id=1227985
  * https://bugzilla.suse.com/show_bug.cgi?id=1227987
  * https://bugzilla.suse.com/show_bug.cgi?id=1227988
  * https://bugzilla.suse.com/show_bug.cgi?id=1227989
  * https://bugzilla.suse.com/show_bug.cgi?id=1227997
  * https://bugzilla.suse.com/show_bug.cgi?id=1228000
  * https://bugzilla.suse.com/show_bug.cgi?id=1228004
  * https://bugzilla.suse.com/show_bug.cgi?id=1228005
  * https://bugzilla.suse.com/show_bug.cgi?id=1228006
  * https://bugzilla.suse.com/show_bug.cgi?id=1228015
  * https://bugzilla.suse.com/show_bug.cgi?id=1228020
  * https://bugzilla.suse.com/show_bug.cgi?id=1228037
  * https://bugzilla.suse.com/show_bug.cgi?id=1228045
  * https://bugzilla.suse.com/show_bug.cgi?id=1228060
  * https://bugzilla.suse.com/show_bug.cgi?id=1228062
  * https://bugzilla.suse.com/show_bug.cgi?id=1228066
  * https://bugzilla.suse.com/show_bug.cgi?id=1228466
  * https://bugzilla.suse.com/show_bug.cgi?id=1228516
  * https://bugzilla.suse.com/show_bug.cgi?id=1228576
  * https://bugzilla.suse.com/show_bug.cgi?id=1228959
  * https://bugzilla.suse.com/show_bug.cgi?id=1229400
  * https://bugzilla.suse.com/show_bug.cgi?id=1229454
  * https://bugzilla.suse.com/show_bug.cgi?id=1229500
  * https://bugzilla.suse.com/show_bug.cgi?id=1229503
  * https://bugzilla.suse.com/show_bug.cgi?id=1229510
  * https://bugzilla.suse.com/show_bug.cgi?id=1229512
  * https://bugzilla.suse.com/show_bug.cgi?id=1229598
  * https://bugzilla.suse.com/show_bug.cgi?id=1229604
  * https://bugzilla.suse.com/show_bug.cgi?id=1229607
  * https://bugzilla.suse.com/show_bug.cgi?id=1229620
  * https://bugzilla.suse.com/show_bug.cgi?id=1229621
  * https://bugzilla.suse.com/show_bug.cgi?id=1229624
  * https://bugzilla.suse.com/show_bug.cgi?id=1229626
  * https://bugzilla.suse.com/show_bug.cgi?id=1229629
  * https://bugzilla.suse.com/show_bug.cgi?id=1229630
  * https://bugzilla.suse.com/show_bug.cgi?id=1229637
  * https://bugzilla.suse.com/show_bug.cgi?id=1229641
  * https://bugzilla.suse.com/show_bug.cgi?id=1229657
  * https://bugzilla.suse.com/show_bug.cgi?id=1229707

SUSE: 2024:3225-1 important: the Linux Kernel Security Advisory Updates

September 12, 2024
* bsc#1176447 * bsc#1195668 * bsc#1195928 * bsc#1195957 * bsc#1196018

Summary

## The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454). * CVE-2022-48919: Fix double free race when mount fails in cifs_get_root() (bsc#1229657). * CVE-2023-52854: Fix refcnt handling in padata_free_shell() (bsc#1225584). * CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707). * CVE-2024-41062: bluetooth/l2cap: sync sock recv cb and release (bsc#1228576). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500). * CVE-2024-41087: Fix double free on error (CVE-2024-41087,bsc#1228466). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503) * CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641) * CVE-2022-48872: Fix use-after-free race condition for maps (bsc#1229510). * CVE-2022-48873: Do not remove map on creater_process and device_release (bsc#1229512). * CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400) * CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959) * CVE-2024-40910: Fix refcount imbalance on inbound connections (bsc#1227832). * CVE-2024-41009: bpf: Fix overrunning reservations in ringbuf (bsc#1228020). The following non-security bugs were fixed: * Bluetooth: L2CAP: Fix deadlock (git-fixes). * sched/psi: use kernfs polling functions for PSI trigger polling (bsc#1209799 bsc#1225109).

References

* bsc#1176447

* bsc#1195668

* bsc#1195928

* bsc#1195957

* bsc#1196018

* bsc#1196516

* bsc#1196823

* bsc#1202346

* bsc#1209636

* bsc#1209799

* bsc#1210629

* bsc#1216834

* bsc#1222251

* bsc#1225109

* bsc#1225584

* bsc#1227832

* bsc#1227924

* bsc#1227928

* bsc#1227932

* bsc#1227935

* bsc#1227941

* bsc#1227942

* bsc#1227945

* bsc#1227952

* bsc#1227964

* bsc#1227969

* bsc#1227985

* bsc#1227987

* bsc#1227988

* bsc#1227989

* bsc#1227997

* bsc#1228000

* bsc#1228004

* bsc#1228005

* bsc#1228006

* bsc#1228015

* bsc#1228020

* bsc#1228037

* bsc#1228045

* bsc#1228060

* bsc#1228062

* bsc#1228066

* bsc#1228466

* bsc#1228516

* bsc#1228576

* bsc#1228959

* bsc#1229400

* bsc#1229454

* bsc#1229500

* bsc#1229503

* bsc#1229510

* bsc#1229512

* bsc#1229598

* bsc#1229604

* bsc#1229607

* bsc#1229620

* bsc#1229621

* bsc#1229624

* bsc#1229626

* bsc#1229629

* bsc#1229630

* bsc#1229637

* bsc#1229641

* bsc#1229657

* bsc#1229707

Cross-

* CVE-2021-4441

* CVE-2022-48775

* CVE-2022-48778

* CVE-2022-48787

* CVE-2022-48788

* CVE-2022-48789

* CVE-2022-48790

* CVE-2022-48798

* CVE-2022-48802

* CVE-2022-48805

* CVE-2022-48811

* CVE-2022-48823

* CVE-2022-48824

* CVE-2022-48827

* CVE-2022-48834

* CVE-2022-48835

* CVE-2022-48836

* CVE-2022-48837

* CVE-2022-48838

* CVE-2022-48839

* CVE-2022-48843

* CVE-2022-48851

* CVE-2022-48853

* CVE-2022-48856

* CVE-2022-48857

* CVE-2022-48858

* CVE-2022-48872

* CVE-2022-48873

* CVE-2022-48901

* CVE-2022-48905

* CVE-2022-48912

* CVE-2022-48917

* CVE-2022-48919

* CVE-2022-48925

* CVE-2022-48926

* CVE-2022-48928

* CVE-2022-48930

* CVE-2022-48933

* CVE-2022-48934

* CVE-2023-52854

* CVE-2024-40910

* CVE-2024-41009

* CVE-2024-41062

* CVE-2024-41087

* CVE-2024-42077

* CVE-2024-42232

* CVE-2024-42271

* CVE-2024-43861

* CVE-2024-43882

* CVE-2024-43883

* CVE-2024-44947

CVSS scores:

* CVE-2021-4441 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2021-4441 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48775 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

* CVE-2022-48775 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48778 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

* CVE-2022-48778 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48787 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48788 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H

* CVE-2022-48788 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48789 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48789 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48790 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48790 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48798 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48802 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48805 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48811 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48823 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

* CVE-2022-48824 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48824 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48827 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48834 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N

* CVE-2022-48834 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48835 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48836 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48836 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48837 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48837 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48838 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48838 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48839 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48843 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48843 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48851 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

* CVE-2022-48856 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48856 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48857 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48858 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48858 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48872 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48872 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48873 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48873 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48905 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

* CVE-2022-48905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48912 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48912 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48917 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48919 ( SUSE ): 7.1

CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2022-48919 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48919 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48925 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48926 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48926 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48928 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48928 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48933 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48933 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48934 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48934 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-52854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-40910 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-40910 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-41009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-41009 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-41062 ( SUSE ): 7.3

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2024-41062 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-41087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-41087 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-42077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-42077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-42232 ( SUSE ): 7.3

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2024-42232 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-42232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-42271 ( SUSE ): 7.3

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2024-42271 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-42271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-43883 ( SUSE ): 5.4

CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2024-43883 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-44947 ( SUSE ): 6.8

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N

* CVE-2024-44947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* SUSE Linux Enterprise Micro 5.1

* SUSE Linux Enterprise Micro 5.2

* SUSE Linux Enterprise Micro for Rancher 5.2

An update that solves 51 vulnerabilities and has 14 security fixes can now be

installed.

##

* https://www.suse.com/security/cve/CVE-2021-4441.html

* https://www.suse.com/security/cve/CVE-2022-48775.html

* https://www.suse.com/security/cve/CVE-2022-48778.html

* https://www.suse.com/security/cve/CVE-2022-48787.html

* https://www.suse.com/security/cve/CVE-2022-48788.html

* https://www.suse.com/security/cve/CVE-2022-48789.html

* https://www.suse.com/security/cve/CVE-2022-48790.html

* https://www.suse.com/security/cve/CVE-2022-48798.html

* https://www.suse.com/security/cve/CVE-2022-48802.html

* https://www.suse.com/security/cve/CVE-2022-48805.html

* https://www.suse.com/security/cve/CVE-2022-48811.html

* https://www.suse.com/security/cve/CVE-2022-48823.html

* https://www.suse.com/security/cve/CVE-2022-48824.html

* https://www.suse.com/security/cve/CVE-2022-48827.html

* https://www.suse.com/security/cve/CVE-2022-48834.html

* https://www.suse.com/security/cve/CVE-2022-48835.html

* https://www.suse.com/security/cve/CVE-2022-48836.html

* https://www.suse.com/security/cve/CVE-2022-48837.html

* https://www.suse.com/security/cve/CVE-2022-48838.html

* https://www.suse.com/security/cve/CVE-2022-48839.html

* https://www.suse.com/security/cve/CVE-2022-48843.html

* https://www.suse.com/security/cve/CVE-2022-48851.html

* https://www.suse.com/security/cve/CVE-2022-48853.html

* https://www.suse.com/security/cve/CVE-2022-48856.html

* https://www.suse.com/security/cve/CVE-2022-48857.html

* https://www.suse.com/security/cve/CVE-2022-48858.html

* https://www.suse.com/security/cve/CVE-2022-48872.html

* https://www.suse.com/security/cve/CVE-2022-48873.html

* https://www.suse.com/security/cve/CVE-2022-48901.html

* https://www.suse.com/security/cve/CVE-2022-48905.html

* https://www.suse.com/security/cve/CVE-2022-48912.html

* https://www.suse.com/security/cve/CVE-2022-48917.html

* https://www.suse.com/security/cve/CVE-2022-48919.html

* https://www.suse.com/security/cve/CVE-2022-48925.html

* https://www.suse.com/security/cve/CVE-2022-48926.html

* https://www.suse.com/security/cve/CVE-2022-48928.html

* https://www.suse.com/security/cve/CVE-2022-48930.html

* https://www.suse.com/security/cve/CVE-2022-48933.html

* https://www.suse.com/security/cve/CVE-2022-48934.html

* https://www.suse.com/security/cve/CVE-2023-52854.html

* https://www.suse.com/security/cve/CVE-2024-40910.html

* https://www.suse.com/security/cve/CVE-2024-41009.html

* https://www.suse.com/security/cve/CVE-2024-41062.html

* https://www.suse.com/security/cve/CVE-2024-41087.html

* https://www.suse.com/security/cve/CVE-2024-42077.html

* https://www.suse.com/security/cve/CVE-2024-42232.html

* https://www.suse.com/security/cve/CVE-2024-42271.html

* https://www.suse.com/security/cve/CVE-2024-43861.html

* https://www.suse.com/security/cve/CVE-2024-43882.html

* https://www.suse.com/security/cve/CVE-2024-43883.html

* https://www.suse.com/security/cve/CVE-2024-44947.html

* https://bugzilla.suse.com/show_bug.cgi?id=1176447

* https://bugzilla.suse.com/show_bug.cgi?id=1195668

* https://bugzilla.suse.com/show_bug.cgi?id=1195928

* https://bugzilla.suse.com/show_bug.cgi?id=1195957

* https://bugzilla.suse.com/show_bug.cgi?id=1196018

* https://bugzilla.suse.com/show_bug.cgi?id=1196516

* https://bugzilla.suse.com/show_bug.cgi?id=1196823

* https://bugzilla.suse.com/show_bug.cgi?id=1202346

* https://bugzilla.suse.com/show_bug.cgi?id=1209636

* https://bugzilla.suse.com/show_bug.cgi?id=1209799

* https://bugzilla.suse.com/show_bug.cgi?id=1210629

* https://bugzilla.suse.com/show_bug.cgi?id=1216834

* https://bugzilla.suse.com/show_bug.cgi?id=1222251

* https://bugzilla.suse.com/show_bug.cgi?id=1225109

* https://bugzilla.suse.com/show_bug.cgi?id=1225584

* https://bugzilla.suse.com/show_bug.cgi?id=1227832

* https://bugzilla.suse.com/show_bug.cgi?id=1227924

* https://bugzilla.suse.com/show_bug.cgi?id=1227928

* https://bugzilla.suse.com/show_bug.cgi?id=1227932

* https://bugzilla.suse.com/show_bug.cgi?id=1227935

* https://bugzilla.suse.com/show_bug.cgi?id=1227941

* https://bugzilla.suse.com/show_bug.cgi?id=1227942

* https://bugzilla.suse.com/show_bug.cgi?id=1227945

* https://bugzilla.suse.com/show_bug.cgi?id=1227952

* https://bugzilla.suse.com/show_bug.cgi?id=1227964

* https://bugzilla.suse.com/show_bug.cgi?id=1227969

* https://bugzilla.suse.com/show_bug.cgi?id=1227985

* https://bugzilla.suse.com/show_bug.cgi?id=1227987

* https://bugzilla.suse.com/show_bug.cgi?id=1227988

* https://bugzilla.suse.com/show_bug.cgi?id=1227989

* https://bugzilla.suse.com/show_bug.cgi?id=1227997

* https://bugzilla.suse.com/show_bug.cgi?id=1228000

* https://bugzilla.suse.com/show_bug.cgi?id=1228004

* https://bugzilla.suse.com/show_bug.cgi?id=1228005

* https://bugzilla.suse.com/show_bug.cgi?id=1228006

* https://bugzilla.suse.com/show_bug.cgi?id=1228015

* https://bugzilla.suse.com/show_bug.cgi?id=1228020

* https://bugzilla.suse.com/show_bug.cgi?id=1228037

* https://bugzilla.suse.com/show_bug.cgi?id=1228045

* https://bugzilla.suse.com/show_bug.cgi?id=1228060

* https://bugzilla.suse.com/show_bug.cgi?id=1228062

* https://bugzilla.suse.com/show_bug.cgi?id=1228066

* https://bugzilla.suse.com/show_bug.cgi?id=1228466

* https://bugzilla.suse.com/show_bug.cgi?id=1228516

* https://bugzilla.suse.com/show_bug.cgi?id=1228576

* https://bugzilla.suse.com/show_bug.cgi?id=1228959

* https://bugzilla.suse.com/show_bug.cgi?id=1229400

* https://bugzilla.suse.com/show_bug.cgi?id=1229454

* https://bugzilla.suse.com/show_bug.cgi?id=1229500

* https://bugzilla.suse.com/show_bug.cgi?id=1229503

* https://bugzilla.suse.com/show_bug.cgi?id=1229510

* https://bugzilla.suse.com/show_bug.cgi?id=1229512

* https://bugzilla.suse.com/show_bug.cgi?id=1229598

* https://bugzilla.suse.com/show_bug.cgi?id=1229604

* https://bugzilla.suse.com/show_bug.cgi?id=1229607

* https://bugzilla.suse.com/show_bug.cgi?id=1229620

* https://bugzilla.suse.com/show_bug.cgi?id=1229621

* https://bugzilla.suse.com/show_bug.cgi?id=1229624

* https://bugzilla.suse.com/show_bug.cgi?id=1229626

* https://bugzilla.suse.com/show_bug.cgi?id=1229629

* https://bugzilla.suse.com/show_bug.cgi?id=1229630

* https://bugzilla.suse.com/show_bug.cgi?id=1229637

* https://bugzilla.suse.com/show_bug.cgi?id=1229641

* https://bugzilla.suse.com/show_bug.cgi?id=1229657

* https://bugzilla.suse.com/show_bug.cgi?id=1229707

Severity
Announcement ID: SUSE-SU-2024:3225-1
Rating: important

Related News

Fighting Back Against Hadooken Malware by Strengthening WebLogic Security
2 - 4 min read
Cybercriminals have been relentlessly attacking the digital landscape, aiming to exploit vulnerabilities in well-known systems. One such exploit is
CISA Sounds Alarm on Newly Exploited Vulnerabilities: Is Your System at Risk?
3 - 5 min read
CISA regularly publishes updates regarding vulnerabilities that present severe threats to global cybersecurity. Recently, CISA added three
Defending Against Remote Code Execution in Google Chrome: A Critical Update
2 - 3 min read
Google Chrome, a widely used web browser, serves millions of internet users by connecting them to the online world. Unfortunately, severe
Navigating the Linux Kernel
2 - 4 min read
The Linux operating system, widely acclaimed for its robustness and security , recently received widespread media attention due to a significant
Staying a Step Ahead of Adversaries: Mitigating Chromium
2 - 4 min read
Google Chrome, one of the world's most widely used web browsers, has recently been scrutinized due to the discovery of multiple Chromium
Unmasking Cicada3301: Examining the Threat of the New Rust-Based Ransomware
2 - 4 min read
Ransomware has long been a severe threat to organizations and admins alike. Recently, cybersecurity researchers discovered a new variant called
Buffer Overflow Exploits in Linux: Origins, Impact, and Countermeasures
3 - 6 min read
Buffer overflow vulnerabilities have long been one of the biggest headaches in computer security, especially on Linux operating systems that power
8 Expert-Recommended Security Practices to Fortify Your Linux Systems
4 - 8 min read
As a Linux admin or an infosec professional, you understand how the security landscape changes due to evolving threats, newly discovered

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved