CVE-2024-36971 Fix Introduces kABI Break for SLL 7
This document (000021562) is provided subject to the disclaimer at the end of this document.
Environment
SUSE Liberty Linux (SLL) 7 Long Term Service Pack Support (LTSS)
Situation
A use-after-free flaw was found in the Linux kernel's network route management. This flaw allows an attacker to alter the behavior of certain network connections. This security vulnerability was labeled CVE-2024-36971. The fix for this CVE introduces a kABI break for SLL 7 LTSS. It may experience kernel crashes after applying the patch. In particular, environments which use third-party KABI modules may experience kernel crashes after applying errata for CVE-2024-36971.
Resolution
Contact your module vendor about an update. Until these third party modules can be fixed, you can prevent crashes by disabling them.
Status
Top Issue
Additional Information
This problem stems from modules which use the negative_advice() function.
https://www.suse.com/security/cve/CVE-2024-36971.html
https://www.suse.com/security/cve/CVE-2024-36971.html
Disclaimer
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:000021562
- Creation Date: 17-Sep-2024
- Modified Date:17-Sep-2024
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com
