Alerts This Week
Warning Icon 1 1,394
Alerts This Week
Warning Icon 1 1,394

SUSE: 2025:0452-1 important: kernel live patch addressing critical issues

suse
Calendar Grey February 12, 2025
Dist Suse Esm H88
Critical patch released for Linux Kernel Live Update, fixing various vulnerabilities affecting SUSE customers.
* bsc#1230998 * bsc#1231993 Cross-References: * CVE-2024-45016

Summary

## This update for the Linux Kernel 5.3.18-150300_59_179 fixes several issues. The following security issues were fixed: * CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230998). * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231993). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-452=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-454=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-454=1 ## Package List:

References

* bsc#1230998

* bsc#1231993

Cross-

* CVE-2024-45016

* CVE-2024-47684

CVSS scores:

* CVE-2024-45016 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-45016 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-47684 ( SUSE ): 8.2

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2024-47684 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-47684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.3

* SUSE Linux Enterprise High Performance Computing 12 SP5

* SUSE Linux Enterprise High Performance Computing 15 SP3

* SUSE Linux Enterprise Live Patching 12-SP5

* SUSE Linux Enterprise Live Patching 15-SP3

* SUSE Linux Enterprise Micro 5.1

* SUSE Linux Enterprise Micro 5.2

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:0452-1
Release Date: 2025-02-12T11:33:37Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here