Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

SUSE Linux Micro 5.2: 2024:3567-1 important: Kernel Security Fixes

suse
Calendar Grey October 9, 2024
Dist Suse Esm H88
Kernel update SUSE-SU-2024:3568-1 introduces vital improvements and bug resolutions, refer to documentation for deployment.
* bsc#1226666 * bsc#1227487 * bsc#1229633 * bsc#1230015 * bsc#1230245

Summary

## The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-48945: media: vivid: fix compose size exceed boundary (bsc#1230398). * CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229633). * CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015). * CVE-2024-46695: selinux,smack: do not bypass permissions check in inode_setsecctx hook (bsc#1230519). * CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434). * CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245). The following non-security bugs were fixed: * ext4: add check to prevent attempting to resize an fs with sparse_super2 (bsc#1230326).

Topics%20covered

Topics Covered

security advisory bug fix threat important kernel SUSE updates

References

* bsc#1226666

* bsc#1227487

* bsc#1229633

* bsc#1230015

* bsc#1230245

* bsc#1230326

* bsc#1230398

* bsc#1230434

* bsc#1230519

* bsc#1230767

Cross-

* CVE-2022-48911

* CVE-2022-48945

* CVE-2024-44946

* CVE-2024-45003

* CVE-2024-45021

* CVE-2024-46695

* CVE-2024-46774

CVSS scores:

* CVE-2022-48911 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-44946 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-44946 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-45003 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-45021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2024:3567-1
Release Date: 2024-10-09T09:46:04Z
Rating: important

Topics%20covered

Topics Covered

security advisory bug fix threat important kernel SUSE updates

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here