Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2024:2923-1
Rating:	important
References:	bsc#1065729 bsc#1179610 bsc#1186463 bsc#1216834 bsc#1218820 bsc#1220185 bsc#1220186 bsc#1220187 bsc#1221539 bsc#1222824 bsc#1224682 bsc#1224918 bsc#1225404 bsc#1225431 bsc#1226519 bsc#1226550 bsc#1226574 bsc#1226575 bsc#1226666 bsc#1226758 bsc#1226785 bsc#1227213 bsc#1227487 bsc#1227716 bsc#1227750 bsc#1227836 bsc#1227976 bsc#1228013 bsc#1228114 bsc#1228328 bsc#1228561 bsc#1228644 bsc#1228743
Cross-References:	CVE-2020-26558 CVE-2021-0129 CVE-2021-47126 CVE-2021-47219 CVE-2021-47291 CVE-2021-47506 CVE-2021-47520 CVE-2021-47580 CVE-2021-47598 CVE-2021-47600 CVE-2022-48792 CVE-2022-48821 CVE-2023-52686 CVE-2023-52885 CVE-2024-26583 CVE-2024-26584 CVE-2024-26585 CVE-2024-36974 CVE-2024-38559 CVE-2024-39494 CVE-2024-40937 CVE-2024-41011 CVE-2024-41059 CVE-2024-41069 CVE-2024-41090 CVE-2024-42145
CVSS scores:	CVE-2020-26558 ( SUSE ): 4.2 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N CVE-2020-26558 ( NVD ): 4.2 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N CVE-2021-0129 ( SUSE ): 6.4 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N CVE-2021-0129 ( NVD ): 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2021-47126 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2021-47219 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2021-47291 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-47506 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-47520 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-47520 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-47580 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-47600 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2022-48792 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2022-48792 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2022-48821 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-52686 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-52885 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2024-26583 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2024-26583 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-26584 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-26584 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-36974 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-38559 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2024-39494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-39494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-40937 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-41011 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-41069 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2024-41069 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2024-41090 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H CVE-2024-42145 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-42145 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:	SUSE Linux Enterprise High Availability Extension 15 SP2 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 SUSE Linux Enterprise Live Patching 15-SP2 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server 15 SP2 Business Critical Linux 15-SP2 SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Manager Proxy 4.1 SUSE Manager Retail Branch Server 4.1 SUSE Manager Server 4.1

An update that solves 26 vulnerabilities and has seven security fixes can now be installed.

Description:

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

• CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name (bsc#1227716).
• CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228644).
• CVE-2024-42145: IB/core: Implement a limit on UMAD receive List (bsc#1228743).
• CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228561).
• CVE-2023-52885: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() (bsc#1227750).
• CVE-2022-48792: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task (bsc#1228013).
• CVE-2024-41090: tap: add missing verification for short frame (bsc#1228328).
• CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions (bsc#1224918).
• CVE-2021-47126: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions (bsc#1221539).
• CVE-2024-41011: drm/amdkfd: do not allow mapping the MMIO HDP page with large pages (bsc#1228114).
• CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1226574).
• CVE-2021-47580: scsi: scsi_debug: Fix type in min_t to avoid stack OOB (bsc#1226550).
• CVE-2021-47219: scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() (bsc#1222824).
• CVE-2024-40937: gve: Clear napi->skb before dev_kfree_skb_any() (bsc#1227836).
• CVE-2021-0129: Improper access control in BlueZ may have allowed an authenticated user to potentially enable information disclosure via adjacent access (bsc#1186463).
• CVE-2020-26558: Fixed a flaw in the Bluetooth LE and BR/EDR secure pairing that could permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (bsc#1179610).
• CVE-2022-48821: misc: fastrpc: avoid double fput() on failed usercopy (bsc#1227976).
• CVE-2021-47506: nfsd: fix use-after-free due to delegation race (bsc#1225404).
• CVE-2021-47520: can: pch_can: pch_can_rx_normal: fix use after free (bsc#1225431).
• CVE-2024-26583: tls: fix use-after-free on failed backlog decryption (bsc#1220185).
• CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187).
• CVE-2021-47600: dm btree remove: fix use after free in rebalance_children() (bsc#1226575).
• CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP (bsc#1226519).

The following non-security bugs were fixed:

• Fix spurious WARNING caused by a qxl driver patch (bsc#1227213)
• X.509: Fix the parser of extended key usage for length (bsc#1218820 bsc#1226666).
• ocfs2: fix DIO failure due to insufficient transaction credits (bsc#1216834).
• powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (bsc#1227487).
• powerpc/rtas: clean up includes (bsc#1227487).

Special Instructions and Notes:

• Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Live Patching 15-SP2
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-2923=1
• SUSE Linux Enterprise High Availability Extension 15 SP2
  zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2024-2923=1
• SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2923=1
• SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2923=1
• SUSE Linux Enterprise Server for SAP Applications 15 SP2
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2923=1

Package List:

• SUSE Linux Enterprise Live Patching 15-SP2 (nosrc)
  • kernel-default-5.3.18-150200.24.200.1
• SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64)
  • kernel-livepatch-SLE15-SP2_Update_51-debugsource-1-150200.5.3.1
  • kernel-default-livepatch-devel-5.3.18-150200.24.200.1
  • kernel-default-debugsource-5.3.18-150200.24.200.1
  • kernel-livepatch-5_3_18-150200_24_200-default-1-150200.5.3.1
  • kernel-default-livepatch-5.3.18-150200.24.200.1
  • kernel-livepatch-5_3_18-150200_24_200-default-debuginfo-1-150200.5.3.1
  • kernel-default-debuginfo-5.3.18-150200.24.200.1
• SUSE Linux Enterprise High Availability Extension 15 SP2 (aarch64 ppc64le s390x x86_64)
  • dlm-kmp-default-5.3.18-150200.24.200.1
  • kernel-default-debugsource-5.3.18-150200.24.200.1
  • gfs2-kmp-default-5.3.18-150200.24.200.1
  • cluster-md-kmp-default-5.3.18-150200.24.200.1
  • ocfs2-kmp-default-debuginfo-5.3.18-150200.24.200.1
  • gfs2-kmp-default-debuginfo-5.3.18-150200.24.200.1
  • ocfs2-kmp-default-5.3.18-150200.24.200.1
  • cluster-md-kmp-default-debuginfo-5.3.18-150200.24.200.1
  • kernel-default-debuginfo-5.3.18-150200.24.200.1
  • dlm-kmp-default-debuginfo-5.3.18-150200.24.200.1
• SUSE Linux Enterprise High Availability Extension 15 SP2 (nosrc)
  • kernel-default-5.3.18-150200.24.200.1
• SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 nosrc x86_64)
  • kernel-preempt-5.3.18-150200.24.200.1
  • kernel-default-5.3.18-150200.24.200.1
• SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64)
  • kernel-preempt-devel-debuginfo-5.3.18-150200.24.200.1
  • kernel-default-debugsource-5.3.18-150200.24.200.1
  • kernel-obs-build-5.3.18-150200.24.200.1
  • kernel-default-devel-debuginfo-5.3.18-150200.24.200.1
  • kernel-default-base-5.3.18-150200.24.200.1.150200.9.103.1
  • kernel-preempt-debuginfo-5.3.18-150200.24.200.1
  • kernel-preempt-devel-5.3.18-150200.24.200.1
  • kernel-syms-5.3.18-150200.24.200.1
  • kernel-default-debuginfo-5.3.18-150200.24.200.1
  • kernel-preempt-debugsource-5.3.18-150200.24.200.1
  • kernel-default-devel-5.3.18-150200.24.200.1
  • kernel-obs-build-debugsource-5.3.18-150200.24.200.1
• SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch)
  • kernel-macros-5.3.18-150200.24.200.1
  • kernel-source-5.3.18-150200.24.200.1
  • kernel-devel-5.3.18-150200.24.200.1
• SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch nosrc)
  • kernel-docs-5.3.18-150200.24.200.1
• SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64 nosrc)
  • kernel-default-5.3.18-150200.24.200.1
• SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64)
  • kernel-default-debugsource-5.3.18-150200.24.200.1
  • kernel-obs-build-5.3.18-150200.24.200.1
  • reiserfs-kmp-default-debuginfo-5.3.18-150200.24.200.1
  • kernel-default-devel-debuginfo-5.3.18-150200.24.200.1
  • kernel-default-base-5.3.18-150200.24.200.1.150200.9.103.1
  • reiserfs-kmp-default-5.3.18-150200.24.200.1
  • kernel-syms-5.3.18-150200.24.200.1
  • kernel-default-debuginfo-5.3.18-150200.24.200.1
  • kernel-default-devel-5.3.18-150200.24.200.1
  • kernel-obs-build-debugsource-5.3.18-150200.24.200.1
• SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch)
  • kernel-macros-5.3.18-150200.24.200.1
  • kernel-source-5.3.18-150200.24.200.1
  • kernel-devel-5.3.18-150200.24.200.1
• SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch nosrc)
  • kernel-docs-5.3.18-150200.24.200.1
• SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 nosrc x86_64)
  • kernel-preempt-5.3.18-150200.24.200.1
• SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 x86_64)
  • kernel-preempt-devel-debuginfo-5.3.18-150200.24.200.1
  • kernel-preempt-debuginfo-5.3.18-150200.24.200.1
  • kernel-preempt-debugsource-5.3.18-150200.24.200.1
  • kernel-preempt-devel-5.3.18-150200.24.200.1
• SUSE Linux Enterprise Server for SAP Applications 15 SP2 (nosrc ppc64le x86_64)
  • kernel-default-5.3.18-150200.24.200.1
• SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
  • kernel-default-debugsource-5.3.18-150200.24.200.1
  • kernel-obs-build-5.3.18-150200.24.200.1
  • reiserfs-kmp-default-debuginfo-5.3.18-150200.24.200.1
  • kernel-default-devel-debuginfo-5.3.18-150200.24.200.1
  • kernel-default-base-5.3.18-150200.24.200.1.150200.9.103.1
  • reiserfs-kmp-default-5.3.18-150200.24.200.1
  • kernel-syms-5.3.18-150200.24.200.1
  • kernel-default-debuginfo-5.3.18-150200.24.200.1
  • kernel-default-devel-5.3.18-150200.24.200.1
  • kernel-obs-build-debugsource-5.3.18-150200.24.200.1
• SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
  • kernel-macros-5.3.18-150200.24.200.1
  • kernel-source-5.3.18-150200.24.200.1
  • kernel-devel-5.3.18-150200.24.200.1
• SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch nosrc)
  • kernel-docs-5.3.18-150200.24.200.1
• SUSE Linux Enterprise Server for SAP Applications 15 SP2 (nosrc x86_64)
  • kernel-preempt-5.3.18-150200.24.200.1
• SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64)
  • kernel-preempt-devel-debuginfo-5.3.18-150200.24.200.1
  • kernel-preempt-debuginfo-5.3.18-150200.24.200.1
  • kernel-preempt-debugsource-5.3.18-150200.24.200.1
  • kernel-preempt-devel-5.3.18-150200.24.200.1

References:

• https://www.suse.com/security/cve/CVE-2020-26558.html
• https://www.suse.com/security/cve/CVE-2021-0129.html
• https://www.suse.com/security/cve/CVE-2021-47126.html
• https://www.suse.com/security/cve/CVE-2021-47219.html
• https://www.suse.com/security/cve/CVE-2021-47291.html
• https://www.suse.com/security/cve/CVE-2021-47506.html
• https://www.suse.com/security/cve/CVE-2021-47520.html
• https://www.suse.com/security/cve/CVE-2021-47580.html
• https://www.suse.com/security/cve/CVE-2021-47598.html
• https://www.suse.com/security/cve/CVE-2021-47600.html
• https://www.suse.com/security/cve/CVE-2022-48792.html
• https://www.suse.com/security/cve/CVE-2022-48821.html
• https://www.suse.com/security/cve/CVE-2023-52686.html
• https://www.suse.com/security/cve/CVE-2023-52885.html
• https://www.suse.com/security/cve/CVE-2024-26583.html
• https://www.suse.com/security/cve/CVE-2024-26584.html
• https://www.suse.com/security/cve/CVE-2024-26585.html
• https://www.suse.com/security/cve/CVE-2024-36974.html
• https://www.suse.com/security/cve/CVE-2024-38559.html
• https://www.suse.com/security/cve/CVE-2024-39494.html
• https://www.suse.com/security/cve/CVE-2024-40937.html
• https://www.suse.com/security/cve/CVE-2024-41011.html
• https://www.suse.com/security/cve/CVE-2024-41059.html
• https://www.suse.com/security/cve/CVE-2024-41069.html
• https://www.suse.com/security/cve/CVE-2024-41090.html
• https://www.suse.com/security/cve/CVE-2024-42145.html
• https://bugzilla.suse.com/show_bug.cgi?id=1065729
• https://bugzilla.suse.com/show_bug.cgi?id=1179610
• https://bugzilla.suse.com/show_bug.cgi?id=1186463
• https://bugzilla.suse.com/show_bug.cgi?id=1216834
• https://bugzilla.suse.com/show_bug.cgi?id=1218820
• https://bugzilla.suse.com/show_bug.cgi?id=1220185
• https://bugzilla.suse.com/show_bug.cgi?id=1220186
• https://bugzilla.suse.com/show_bug.cgi?id=1220187
• https://bugzilla.suse.com/show_bug.cgi?id=1221539
• https://bugzilla.suse.com/show_bug.cgi?id=1222824
• https://bugzilla.suse.com/show_bug.cgi?id=1224682
• https://bugzilla.suse.com/show_bug.cgi?id=1224918
• https://bugzilla.suse.com/show_bug.cgi?id=1225404
• https://bugzilla.suse.com/show_bug.cgi?id=1225431
• https://bugzilla.suse.com/show_bug.cgi?id=1226519
• https://bugzilla.suse.com/show_bug.cgi?id=1226550
• https://bugzilla.suse.com/show_bug.cgi?id=1226574
• https://bugzilla.suse.com/show_bug.cgi?id=1226575
• https://bugzilla.suse.com/show_bug.cgi?id=1226666
• https://bugzilla.suse.com/show_bug.cgi?id=1226758
• https://bugzilla.suse.com/show_bug.cgi?id=1226785
• https://bugzilla.suse.com/show_bug.cgi?id=1227213
• https://bugzilla.suse.com/show_bug.cgi?id=1227487
• https://bugzilla.suse.com/show_bug.cgi?id=1227716
• https://bugzilla.suse.com/show_bug.cgi?id=1227750
• https://bugzilla.suse.com/show_bug.cgi?id=1227836
• https://bugzilla.suse.com/show_bug.cgi?id=1227976
• https://bugzilla.suse.com/show_bug.cgi?id=1228013
• https://bugzilla.suse.com/show_bug.cgi?id=1228114
• https://bugzilla.suse.com/show_bug.cgi?id=1228328
• https://bugzilla.suse.com/show_bug.cgi?id=1228561
• https://bugzilla.suse.com/show_bug.cgi?id=1228644
• https://bugzilla.suse.com/show_bug.cgi?id=1228743