Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2024:2385-1
Rating:	important
References:	bsc#1195775 bsc#1216124 bsc#1218148 bsc#1219224 bsc#1220492 bsc#1222015 bsc#1222254 bsc#1222678 bsc#1224020 bsc#1224679 bsc#1224696 bsc#1224703 bsc#1224749 bsc#1224764 bsc#1224765 bsc#1224766 bsc#1224935 bsc#1225098 bsc#1225467 bsc#1225487 bsc#1225518 bsc#1225611 bsc#1225732 bsc#1225737 bsc#1225749 bsc#1225840 bsc#1225866 bsc#1226145 bsc#1226211 bsc#1226212 bsc#1226270 bsc#1226587 bsc#1226595 bsc#1226634 bsc#1226785 bsc#1226786 bsc#1226789 bsc#1226953 bsc#1226962
Cross-References:	CVE-2021-47555 CVE-2021-47571 CVE-2023-24023 CVE-2023-52670 CVE-2023-52752 CVE-2023-52837 CVE-2023-52846 CVE-2023-52881 CVE-2024-26745 CVE-2024-35789 CVE-2024-35861 CVE-2024-35862 CVE-2024-35864 CVE-2024-35869 CVE-2024-35950 CVE-2024-36894 CVE-2024-36899 CVE-2024-36904 CVE-2024-36940 CVE-2024-36964 CVE-2024-36971 CVE-2024-38541 CVE-2024-38545 CVE-2024-38559 CVE-2024-38560 CVE-2024-38564 CVE-2024-38578
CVSS scores:	CVE-2021-47555 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L CVE-2021-47571 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-47571 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-24023 ( SUSE ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2023-24023 ( NVD ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2023-52670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-52837 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-52881 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L CVE-2024-26745 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVE-2024-35789 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-35869 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-36894 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-36940 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-38541 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-38545 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVE-2024-38559 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-38560 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-38564 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2024-38578 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Affected Products:	SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Micro 5.4 SUSE Linux Enterprise Micro for Rancher 5.3 SUSE Linux Enterprise Micro for Rancher 5.4

An update that solves 27 vulnerabilities and has 12 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

• CVE-2021-47555: net: vlan: fix underflow for the real_dev refcnt (bsc#1225467).
• CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).
• CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148).
• CVE-2023-52670: rpmsg: virtio: Free driver_override when rpmsg_remove() (bsc#1224696).
• CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
• CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935).
• CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225098).
• CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
• CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749).
• CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
• CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
• CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
• CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
• CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).
• CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737).
• CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).
• CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
• CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
• CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145).
• CVE-2024-38541: of: module: add buffer overflow check in of_modalias() (bsc#1226587).
• CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).
• CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785).
• CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).
• CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789).
• CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634).

The following non-security bugs were fixed:

• Revert "build initrd without systemd" (bsc#1195775)
• cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254).
• cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254).
• cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254).
• cgroup: Remove unnecessary list_empty() (bsc#1222254).
• cgroup: preserve KABI of cgroup_root (bsc#1222254).
• mkspec-dtb: add toplevel symlinks also on arm
• ocfs2: adjust enabling place for la window (bsc#1219224).
• ocfs2: fix sparse warnings (bsc#1219224).
• ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
• ocfs2: speed up chain-list searching (bsc#1219224).
• random: treat bootloader trust toggle the same way as cpu trust toggle (bsc#1226953).
• rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) Some builds do not just create an iso9660 image, but also mount it during build.
• rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) docker needs more networking modules, even legacy iptable_nat and _filter.
• rpm/kernel-obs-build.spec.in: Include algif_hash, aegis128 and xts modules afgif_hash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. Wrap the long line to make it readable.
• rpm/mkspec-dtb: dtbs have moved to vendor sub-directories in 6.5 By commit 724ba6751532 ("ARM: dts: Move .dts files to vendor sub-directories"). So switch to them.
• scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1216124).
• smb: client: ensure to try all targets when finding nested links (bsc#1224020).
• smb: client: guarantee refcounted children from parent session (bsc#1224679).
• x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).
• xfs: do not include bnobt blocks when reserving free block pool (bsc#1226270).

Special Instructions and Notes:

• Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-2385=1
• SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-2385=1
• SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-2385=1
• SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-2385=1

Package List:

• SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64)
  • kernel-rt-5.14.21-150400.15.85.1
• SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64)
  • kernel-rt-debugsource-5.14.21-150400.15.85.1
  • kernel-rt-debuginfo-5.14.21-150400.15.85.1
• SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
  • kernel-source-rt-5.14.21-150400.15.85.1
• SUSE Linux Enterprise Micro 5.3 (nosrc x86_64)
  • kernel-rt-5.14.21-150400.15.85.1
• SUSE Linux Enterprise Micro 5.3 (x86_64)
  • kernel-rt-debugsource-5.14.21-150400.15.85.1
  • kernel-rt-debuginfo-5.14.21-150400.15.85.1
• SUSE Linux Enterprise Micro 5.3 (noarch)
  • kernel-source-rt-5.14.21-150400.15.85.1
• SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64)
  • kernel-rt-5.14.21-150400.15.85.1
• SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64)
  • kernel-rt-debugsource-5.14.21-150400.15.85.1
  • kernel-rt-debuginfo-5.14.21-150400.15.85.1
• SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
  • kernel-source-rt-5.14.21-150400.15.85.1
• SUSE Linux Enterprise Micro 5.4 (nosrc x86_64)
  • kernel-rt-5.14.21-150400.15.85.1
• SUSE Linux Enterprise Micro 5.4 (x86_64)
  • kernel-rt-debugsource-5.14.21-150400.15.85.1
  • kernel-rt-debuginfo-5.14.21-150400.15.85.1
• SUSE Linux Enterprise Micro 5.4 (noarch)
  • kernel-source-rt-5.14.21-150400.15.85.1

References:

• https://www.suse.com/security/cve/CVE-2021-47555.html
• https://www.suse.com/security/cve/CVE-2021-47571.html
• https://www.suse.com/security/cve/CVE-2023-24023.html
• https://www.suse.com/security/cve/CVE-2023-52670.html
• https://www.suse.com/security/cve/CVE-2023-52752.html
• https://www.suse.com/security/cve/CVE-2023-52837.html
• https://www.suse.com/security/cve/CVE-2023-52846.html
• https://www.suse.com/security/cve/CVE-2023-52881.html
• https://www.suse.com/security/cve/CVE-2024-26745.html
• https://www.suse.com/security/cve/CVE-2024-35789.html
• https://www.suse.com/security/cve/CVE-2024-35861.html
• https://www.suse.com/security/cve/CVE-2024-35862.html
• https://www.suse.com/security/cve/CVE-2024-35864.html
• https://www.suse.com/security/cve/CVE-2024-35869.html
• https://www.suse.com/security/cve/CVE-2024-35950.html
• https://www.suse.com/security/cve/CVE-2024-36894.html
• https://www.suse.com/security/cve/CVE-2024-36899.html
• https://www.suse.com/security/cve/CVE-2024-36904.html
• https://www.suse.com/security/cve/CVE-2024-36940.html
• https://www.suse.com/security/cve/CVE-2024-36964.html
• https://www.suse.com/security/cve/CVE-2024-36971.html
• https://www.suse.com/security/cve/CVE-2024-38541.html
• https://www.suse.com/security/cve/CVE-2024-38545.html
• https://www.suse.com/security/cve/CVE-2024-38559.html
• https://www.suse.com/security/cve/CVE-2024-38560.html
• https://www.suse.com/security/cve/CVE-2024-38564.html
• https://www.suse.com/security/cve/CVE-2024-38578.html
• https://bugzilla.suse.com/show_bug.cgi?id=1195775
• https://bugzilla.suse.com/show_bug.cgi?id=1216124
• https://bugzilla.suse.com/show_bug.cgi?id=1218148
• https://bugzilla.suse.com/show_bug.cgi?id=1219224
• https://bugzilla.suse.com/show_bug.cgi?id=1220492
• https://bugzilla.suse.com/show_bug.cgi?id=1222015
• https://bugzilla.suse.com/show_bug.cgi?id=1222254
• https://bugzilla.suse.com/show_bug.cgi?id=1222678
• https://bugzilla.suse.com/show_bug.cgi?id=1224020
• https://bugzilla.suse.com/show_bug.cgi?id=1224679
• https://bugzilla.suse.com/show_bug.cgi?id=1224696
• https://bugzilla.suse.com/show_bug.cgi?id=1224703
• https://bugzilla.suse.com/show_bug.cgi?id=1224749
• https://bugzilla.suse.com/show_bug.cgi?id=1224764
• https://bugzilla.suse.com/show_bug.cgi?id=1224765
• https://bugzilla.suse.com/show_bug.cgi?id=1224766
• https://bugzilla.suse.com/show_bug.cgi?id=1224935
• https://bugzilla.suse.com/show_bug.cgi?id=1225098
• https://bugzilla.suse.com/show_bug.cgi?id=1225467
• https://bugzilla.suse.com/show_bug.cgi?id=1225487
• https://bugzilla.suse.com/show_bug.cgi?id=1225518
• https://bugzilla.suse.com/show_bug.cgi?id=1225611
• https://bugzilla.suse.com/show_bug.cgi?id=1225732
• https://bugzilla.suse.com/show_bug.cgi?id=1225737
• https://bugzilla.suse.com/show_bug.cgi?id=1225749
• https://bugzilla.suse.com/show_bug.cgi?id=1225840
• https://bugzilla.suse.com/show_bug.cgi?id=1225866
• https://bugzilla.suse.com/show_bug.cgi?id=1226145
• https://bugzilla.suse.com/show_bug.cgi?id=1226211
• https://bugzilla.suse.com/show_bug.cgi?id=1226212
• https://bugzilla.suse.com/show_bug.cgi?id=1226270
• https://bugzilla.suse.com/show_bug.cgi?id=1226587
• https://bugzilla.suse.com/show_bug.cgi?id=1226595
• https://bugzilla.suse.com/show_bug.cgi?id=1226634
• https://bugzilla.suse.com/show_bug.cgi?id=1226785
• https://bugzilla.suse.com/show_bug.cgi?id=1226786
• https://bugzilla.suse.com/show_bug.cgi?id=1226789
• https://bugzilla.suse.com/show_bug.cgi?id=1226953
• https://bugzilla.suse.com/show_bug.cgi?id=1226962