SUSE-SU-2024:3563-1

Source
https://www.suse.com/support/update/announcement/2024/suse-su-20243563-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:3563-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2024:3563-1
Related
Published
2024-10-09T09:04:25Z
Modified
2024-10-09T09:04:25Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2022-48911: kabi: add _nfqueuegetrefs() for kabi compliance. (bsc#1229633).
  • CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment (bsc#1229662)
  • CVE-2024-42301: Fix the array out-of-bounds risk (bsc#1229407).
  • CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
  • CVE-2024-45021: memcgwriteevent_control(): fix a user-triggerable oops (bsc#1230434).
  • CVE-2024-46674: usb: dwc3: st: fix probed platform device ref count on probe error path (bsc#1230507).

The following non-security bugs were fixed:

  • SUNRPC: avoid soft lockup when transmitting UDP to reachable server (bsc#1225272 bsc#1231016).
  • blk-mq: add helper for checking if one CPU is mapped to specified hctx (bsc#1223600).
  • blk-mq: do not schedule block kworker on isolated CPUs (bsc#1223600).
  • kabi: add _nfqueuegetrefs() for kabi compliance.
  • scsi: ibmvfc: Add max_sectors module parameter (bsc#1216223).
  • scsi: smartpqi: Expose SAS address for SATA drives (bsc#1223958).
References

Affected packages

SUSE:Linux Enterprise Micro 5.3 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150400.15.97.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150400.15.97.1",
            "kernel-rt": "5.14.21-150400.15.97.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.3 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150400.15.97.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150400.15.97.1",
            "kernel-rt": "5.14.21-150400.15.97.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.4 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150400.15.97.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150400.15.97.1",
            "kernel-rt": "5.14.21-150400.15.97.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.4 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150400.15.97.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150400.15.97.1",
            "kernel-rt": "5.14.21-150400.15.97.1"
        }
    ]
}