SUSE: 2024:3563-1 important: Kernel Updates Address Security Threats

suse

October 9, 2024

* bsc#1216223 * bsc#1223600 * bsc#1223958 * bsc#1225272 * bsc#1227487

Summary

## The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229633). * CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment (bsc#1229662) * CVE-2024-42301: Fix the array out-of-bounds risk (bsc#1229407). * CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015). * CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434). * CVE-2024-46674: usb: dwc3: st: fix probed platform device ref count on probe error path (bsc#1230507). The following non-security bugs were fixed: * SUNRPC: avoid soft lockup when transmitting UDP to reachable server (bsc#1225272 bsc#1231016).

Topics Covered

security advisory kernel update security fix SUSE threat management impact assessment system reboot

References

* bsc#1216223

* bsc#1223600

* bsc#1223958

* bsc#1225272

* bsc#1227487

* bsc#1229407

* bsc#1229633

* bsc#1229662

* bsc#1229947

* bsc#1230015

* bsc#1230398

* bsc#1230434

* bsc#1230507

* bsc#1230767

* bsc#1231016

Cross-

* CVE-2022-48911

* CVE-2022-48923

* CVE-2022-48944

* CVE-2022-48945

* CVE-2024-42301

* CVE-2024-44946

* CVE-2024-45021

* CVE-2024-46674

* CVE-2024-46774

CVSS scores:

* CVE-2022-48911 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48923 ( SUSE ): 7.3

CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2022-48923 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48923 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2024:3563-1

Release Date: 2024-10-09T09:04:26Z

Rating: important

Topics Covered

security advisory kernel update security fix SUSE threat management impact assessment system reboot

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2024:3563-1 important: Kernel Updates Address Security Threats

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2024:3563-1 important: Kernel Updates Address Security Threats

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!