SUSE-SU-2024:3567-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2024/suse-su-20243567-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:3567-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2024:3567-1
Related
Published
2024-10-09T09:46:04Z
Modified
2025-05-02T04:34:03.818143Z
Upstream
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2022-48945: media: vivid: fix compose size exceed boundary (bsc#1230398).
  • CVE-2022-48911: kabi: add _nfqueuegetrefs() for kabi compliance. (bsc#1229633).
  • CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
  • CVE-2024-46695: selinux,smack: do not bypass permissions check in inode_setsecctx hook (bsc#1230519).
  • CVE-2024-45021: memcgwriteevent_control(): fix a user-triggerable oops (bsc#1230434).
  • CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245).

The following non-security bugs were fixed:

  • ext4: add check to prevent attempting to resize an fs with sparse_super2 (bsc#1230326).
  • ext4: add reserved GDT blocks check (bsc#1230326).
  • ext4: consolidate checks for resize of bigalloc into ext4resizebegin (bsc#1230326).
  • ext4: fix bugon ext4mbuseinode_pa (bsc#1230326).
  • kabi: add _nfqueuegetrefs() for kabi compliance.
  • No -rt specific changes this merge.
  • PKCS#7: Check codeSigning EKU of certificates in PKCS#7 (bsc#1226666).
  • Revert 'ext4: consolidate checks for resize of bigalloc into ext4resizebegin' (bsc#1230326).
References

Affected packages

SUSE:Linux Enterprise Micro 5.1 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.187.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.187.1",
            "kernel-rt": "5.3.18-150300.187.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.1 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.187.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.187.1",
            "kernel-rt": "5.3.18-150300.187.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.2 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.187.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.187.1",
            "kernel-rt": "5.3.18-150300.187.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.2 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.187.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.187.1",
            "kernel-rt": "5.3.18-150300.187.1"
        }
    ]
}