Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:3591-1
Release Date: 2024-10-10T15:34:35Z
Rating: important
References:
Cross-References:
CVSS scores:
  • CVE-2021-47387 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48788 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H
  • CVE-2022-48788 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-48789 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-48789 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-48790 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-48790 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-48791 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-48791 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-48799 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48844 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2022-48844 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48911 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2022-48911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48943 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2022-48943 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2023-52915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52915 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-38381 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  • CVE-2024-38381 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2024-38596 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
  • CVE-2024-38632 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-38632 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-41073 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-41073 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-41079 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-41082 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42154 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42154 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
  • CVE-2024-42265 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  • CVE-2024-42305 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-42306 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43884 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-43884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43884 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43890 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  • CVE-2024-43890 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2024-43890 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43898 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43898 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43912 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  • CVE-2024-43912 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2024-43912 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43914 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-43914 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-43914 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44946 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-44946 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44947 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N
  • CVE-2024-44947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2024-44947 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2024-44948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44950 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44950 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44952 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44952 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44954 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44969 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44969 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44987 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2024-44987 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-44998 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44998 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-44999 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-44999 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2024-45008 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46673 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-46673 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-46675 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:L/SI:L/SA:L
  • CVE-2024-46675 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
  • CVE-2024-46675 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46676 ( SUSE ): 2.4 CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
  • CVE-2024-46676 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
  • CVE-2024-46676 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46677 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
  • CVE-2024-46677 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46677 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46679 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L
  • CVE-2024-46679 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46679 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46685 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46685 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46686 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46686 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46702 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L
  • CVE-2024-46702 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46702 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46707 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-46707 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46707 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46715 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46721 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46721 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46722 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46722 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2024-46723 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46723 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2024-46731 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46731 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2024-46737 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
  • CVE-2024-46737 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46737 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46738 ( SUSE ): 8.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  • CVE-2024-46738 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-46738 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-46739 ( SUSE ): 8.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
  • CVE-2024-46739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46739 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46743 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  • CVE-2024-46743 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
  • CVE-2024-46743 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2024-46744 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  • CVE-2024-46744 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2024-46744 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-46745 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46750 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-46750 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46750 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46753 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-46753 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46759 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
  • CVE-2024-46759 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
  • CVE-2024-46759 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-46761 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-46761 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46761 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46770 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46770 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46774 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46783 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-46783 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46784 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46784 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46787 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CVE-2024-46787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46822 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46822 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46853 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-46854 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2024-46854 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2024-46859 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-46859 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
  • SUSE Linux Enterprise High Performance Computing 12 SP5
  • SUSE Linux Enterprise Server 12 SP5
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves 71 vulnerabilities and has nine security fixes can now be installed.

Description:

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2021-47387: cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory (bsc#1225316).
  • CVE-2022-48788: nvme-rdma: fix possible use-after-free in transport error_recovery work (bsc#1227952).
  • CVE-2022-48789: nvme-tcp: fix possible use-after-free in transport error_recovery work (bsc#1228000).
  • CVE-2022-48790: nvme: fix a possible use-after-free in controller reset during load (bsc#1227941).
  • CVE-2022-48791: Fix use-after-free for aborted TMF sas_task (bsc#1228002)
  • CVE-2022-48799: perf: Fix list corruption in perf_cgroup_switch() (bsc#1227953).
  • CVE-2022-48844: Bluetooth: hci_core: Fix leaking sent_cmd skb (bsc#1228068).
  • CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229633).
  • CVE-2022-48943: KVM: x86/mmu: make apf token non-zero to fix bug (bsc#1229645).
  • CVE-2022-48945: media: vivid: fix compose size exceed boundary (bsc#1230398).
  • CVE-2023-52915: media: dvb-usb-v2: af9035: fix missing unlock (bsc#1230270).
  • CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846).
  • CVE-2024-41073: nvme: avoid double free special payload (bsc#1228635).
  • CVE-2024-41079: nvmet: always initialize cqe.result (bsc#1228615).
  • CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command (bsc#1228620 CVE-2024-41082).
  • CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).
  • CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
  • CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363).
  • CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362).
  • CVE-2024-43884: Add error handling to pair_device() (bsc#1229739)
  • CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
  • CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753).
  • CVE-2024-43912: wifi: nl80211: disallow setting special AP channel widths (bsc#1229830)
  • CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
  • CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
  • CVE-2024-44948: x86/mtrr: Check if fixed MTRRs exist before saving them (bsc#1230174).
  • CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180).
  • CVE-2024-44952: driver core: Fix uevent_show() vs driver detach race (bsc#1230178).
  • CVE-2024-44954: ALSA: line6: Fix racy access to midibuf (bsc#1230176).
  • CVE-2024-44969: s390/sclp: Prevent release of buffer in I/O (bsc#1230200).
  • CVE-2024-44982: drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails (bsc#1230204).
  • CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
  • CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171).
  • CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
  • CVE-2024-45008: Input: MT - limit max slots (bsc#1230248).
  • CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).
  • CVE-2024-46675: usb: dwc3: core: Prevent USB core invalid event buffer address access (bsc#1230533).
  • CVE-2024-46676: nfc: pn533: Add poll mod list filling check (bsc#1230535).
  • CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
  • CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).
  • CVE-2024-46685: pinctrl: single: fix potential NULL dereference in pcs_get_function() (bsc#1230515)
  • CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).
  • CVE-2024-46702: thunderbolt: Mark XDomain as unplugged when router is removed (bsc#1230589)
  • CVE-2024-46707: KVM: arm64: Make ICC_SGI_EL1 undef in the absence of a vGICv3 (bsc#1230582).
  • CVE-2024-46715: driver: iio: add missing checks on iio_info's callback access (bsc#1230700).
  • CVE-2024-46721: pparmor: fix possible NULL pointer dereference (bsc#1230710)
  • CVE-2024-46722: drm/amdgpu: fix mc_data out-of-bounds read warning (bsc#1230712).
  • CVE-2024-46723: drm/amdgpu: fix ucode out-of-bounds read warning (bsc#1230702).
  • CVE-2024-46731: drm/amd/pm: fix the Out-of-bounds read warning (bsc#1230709).
  • CVE-2024-46738: VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (bsc#1230731).
  • CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).
  • CVE-2024-46744: Squashfs: sanity check symbolic link size (bsc#1230747).
  • CVE-2024-46745: Input: uinput - reject requests with unreasonable number of slots (bsc#1230748).
  • CVE-2024-46750: PCI: Add missing bridge lock to pci_bus_lock() (bsc#1230783).
  • CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).
  • CVE-2024-46759: hwmon: (adc128d818) Fix underflows seen when writing limit attributes (bsc#1230814).
  • CVE-2024-46761: pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv (bsc#1230761).
  • CVE-2024-46770: ice: Add netif_device_attach/detach into PF reset flow (bsc#1230763).
  • CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).
  • CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
  • CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).
  • CVE-2024-46853: spi: nxp-fspi: fix the KASAN report out-of-bounds bug (bsc#1231083).
  • CVE-2024-46854: net: dpaa: Pad packets to ETH_ZLEN (bsc#1231084).
  • CVE-2024-46859: platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses (bsc#1231089).

The following non-security bugs were fixed:

  • ACPI / EC: Clean up EC GPE mask flag (git-fixes).
  • ACPI: EC: Avoid printing confusing messages in acpi_ec_setup() (git-fixes).
  • ACPI: EC: Fix an EC event IRQ storming issue (git-fixes).
  • ACPI: EC: tweak naming in preparation for GpioInt support (git-fixes).
  • ACPI: SPCR: Consider baud rate 0 as preconfigured state (git-fixes).
  • ACPI: SPCR: Workaround for APM X-Gene 8250 UART 32-alignment errata (git-fixes).
  • ACPI: SPCR: work around clock issue on xgene UART (git-fixes).
  • ACPI: blacklist: fix clang warning for unused DMI table (git-fixes).
  • ACPI: video: Add new hw_changes_brightness quirk, set it on PB Easynote MZ35 (git-fixes).
  • Drivers: hv: vmbus: Fix rescind handling in uio_hv_generic (git-fixes).
  • Fix bsc#1054914 reference.
  • PCI: xilinx-nwl: Clean up clock on probe failure/removal (git-fixes).
  • RDMA/core: Remove unused declaration rdma_resolve_ip_route() (git-fixes)
  • RDMA/cxgb4: Added NULL check for lookup_atid (git-fixes)
  • RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency (git-fixes)
  • Revert "ACPI / EC: Remove old CLEAR_ON_RESUME quirk" (git-fixes).
  • af_unix: Fix data races around sk->sk_shutdown (bsc#1226846).
  • af_unix: annotate lockless accesses to sk->sk_err (bsc#1226846).
  • autofs4: use wait_event_killable (bsc#1207341).
  • ceph: remove the incorrect Fw reference check when dirtying pages (bsc#1231184).
  • fuse: use unsigned type for getxattr/listxattr size truncation (bsc#1230151).
  • kabi fix for proc/mounts: add cursor (bsc#1207341).
  • kabi/severities: Ignore ppc instruction emulation (bsc#1230826 ltc#205848) These are lowlevel functions not used outside of exception handling and kernel debugging facilities.
  • kthread: Fix task state in kthread worker if being frozen (bsc#1231146).
  • media: vivid: avoid integer overflow (git-fixes).
  • media: vivid: dev->bitmap_cap wasn't freed in all cases (git-fixes).
  • media: vivid: fix assignment of dev->fbuf_out_flags (git-fixes).
  • media: vivid: s_fbuf: add more sanity checks (git-fixes).
  • net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup (git-fixes).
  • net: mana: Fix race of mana_hwc_post_rx_wqe and new hwc response (git-fixes).
  • net: usb: sr9700: fix uninitialized variable use in sr_mdio_read (git-fixes).
  • nvmet-tcp: fix kernel crash if commands allocation fails (git-fixes).
  • nvmet: Identify-Active Namespace ID List command should reject invalid nsid (git-fixes).
  • ocfs2: fix null-ptr-deref when journal load failed (git-fixes).
  • ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate (git-fixes).
  • ocfs2: remove unreasonable unlock in ocfs2_read_blocks (git-fixes).
  • powerpc sstep: Add support for cnttzw, cnttzd instructions (bsc#1230826 ltc#205848).
  • powerpc sstep: Add support for extswsli instruction (bsc#1230826 ltc#205848).
  • powerpc sstep: Add support for modsd, modud instructions (bsc#1230826 ltc#205848).
  • powerpc sstep: Add support for modsw, moduw instructions (bsc#1230826 ltc#205848).
  • powerpc/32: Move the inline keyword at the beginning of function declaration (bsc#1230826 ltc#205848).
  • powerpc/64: Fix update forms of loads and stores to write 64-bit EA (bsc#1230826 ltc#205848).
  • powerpc/fpu: Drop cvt_fd() and cvt_df() (bsc#1230826 ltc#205848).
  • powerpc/imc-pmu: Fix use of mutex in IRQs disabled section (bsc#1054914 git-fixes).
  • powerpc/imc-pmu: Revert nest_init_lock to being a mutex (bsc#1065729).
  • powerpc/iommu: Annotate nested lock for lockdep (bsc#1065729).
  • powerpc/kprobes: Blacklist emulate_update_regs() from kprobes (bsc#1230826 ltc#205848).
  • powerpc/kprobes: Update optprobes to use emulate_update_regs() (bsc#1230826 ltc#205848).
  • powerpc/lib/sstep: Add XER bits introduced in POWER ISA v3.0 (bsc#1230826 ltc#205848).
  • powerpc/lib/sstep: Add bpermd instruction emulation (bsc#1230826 ltc#205848).
  • powerpc/lib/sstep: Add cmpb instruction emulation (bsc#1230826 ltc#205848).
  • powerpc/lib/sstep: Add isel instruction emulation (bsc#1230826 ltc#205848).
  • powerpc/lib/sstep: Add popcnt instruction emulation (bsc#1230826 ltc#205848).
  • powerpc/lib/sstep: Add prty instruction emulation (bsc#1230826 ltc#205848).
  • powerpc/lib/sstep: Fix 'sthcx' instruction (bsc#1230826 ltc#205848).
  • powerpc/lib/sstep: Fix count leading zeros instructions (bsc#1230826 ltc#205848).
  • powerpc/lib/sstep: Fix fixed-point arithmetic instructions that set CA32 (bsc#1230826 ltc#205848).
  • powerpc/lib/sstep: Fix fixed-point shift instructions that set CA32 (bsc#1230826 ltc#205848).
  • powerpc/lib/sstep: fix 'ptesync' build error (bsc#1230826 ltc#205848).
  • powerpc/lib: Fix "integer constant is too large" build failure (bsc#1230826 ltc#205848).
  • powerpc/lib: fix redundant inclusion of quad.o (bsc#1230826 ltc#205848).
  • powerpc/ppc-opcode: Add divde and divdeu opcodes (bsc#1230826 ltc#205848).
  • powerpc/pseries: fix possible memory leak in ibmebus_bus_init() (bsc#1065729).
  • powerpc/sstep: Add support for divde[.] and divdeu[.] instructions (bsc#1230826 ltc#205848).
  • powerpc/sstep: Avoid used uninitialized error (bsc#1230826 ltc#205848).
  • powerpc/sstep: Check instruction validity against ISA version before emulation (bsc#1230826 ltc#205848).
  • powerpc/sstep: Fix darn emulation (bsc#1230826 ltc#205848).
  • powerpc/sstep: Fix incorrect return from analyze_instr() (bsc#1230826 ltc#205848).
  • powerpc/sstep: Fix issues with mcrf (bsc#1230826 ltc#205848).
  • powerpc/sstep: Fix issues with set_cr0() (bsc#1230826 ltc#205848).
  • powerpc/sstep: Fix kernel crash if VSX is not present (bsc#1230826 ltc#205848).
  • powerpc/sstep: Introduce GETTYPE macro (bsc#1230826 ltc#205848).
  • powerpc/sstep: mullw should calculate a 64 bit signed result (bsc#1230826 ltc#205848).
  • powerpc/xmon: Fix disassembly CPU feature checks (bsc#1065729).
  • powerpc: Add emulation for the addpcis instruction (bsc#1230826 ltc#205848).
  • powerpc: Change analyse_instr so it does not modify *regs (bsc#1230826 ltc#205848).
  • powerpc: Do not check MSR FP/VMX/VSX enable bits in analyse_instr() (bsc#1230826 ltc#205848).
  • powerpc: Do not update CR0 in emulation of popcnt, prty, bpermd instructions (bsc#1230826 ltc#205848).
  • powerpc: Emulate FP/vector/VSX loads/stores correctly when regs not live (bsc#1230826 ltc#205848).
  • powerpc: Emulate load/store floating double pair instructions (bsc#1230826 ltc#205848).
  • powerpc: Emulate load/store floating point as integer word instructions (bsc#1230826 ltc#205848).
  • powerpc: Emulate the dcbz instruction (bsc#1230826 ltc#205848).
  • powerpc: Emulate vector element load/store instructions (bsc#1230826 ltc#205848).
  • powerpc: Fix emulation of the isel instruction (bsc#1230826 ltc#205848).
  • powerpc: Fix handling of alignment interrupt on dcbz instruction (bsc#1230826 ltc#205848).
  • powerpc: Fix kernel crash in emulation of vector loads and stores (bsc#1230826 ltc#205848).
  • powerpc: Handle most loads and stores in instruction emulation code (bsc#1230826 ltc#205848).
  • powerpc: Handle opposite-endian processes in emulation code (bsc#1230826 ltc#205848).
  • powerpc: Make load/store emulation use larger memory accesses (bsc#1230826 ltc#205848).
  • powerpc: Remove support for PowerPC 601 (Remove unused and malformed assembly causing build error).
  • powerpc: Separate out load/store emulation into its own function (bsc#1230826 ltc#205848).
  • powerpc: Set regs->dar if memory access fails in emulate_step() (bsc#1230826 ltc#205848).
  • powerpc: Use instruction emulation infrastructure to handle alignment faults (bsc#1230826 ltc#205848).
  • powerpc: Wrap register number correctly for string load/store instructions (bsc#1230826 ltc#205848).
  • powerpc: sstep: Add support for darn instruction (bsc#1230826 ltc#205848).
  • powerpc: sstep: Add support for maddhd, maddhdu, maddld instructions (bsc#1230826 ltc#205848).
  • proc/mounts: add cursor (bsc#1207341).
  • profiling: fix shift too large makes kernel panic (git-fixes).
  • tracing: Avoid possible softlockup in tracing_iter_reset() (git-fixes).
  • uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind (git-fixes).
  • usbnet: fix cyclical race on disconnect with work queue (git-fixes).
  • usbnet: modern method to get random MAC (git-fixes).

Special Instructions and Notes:

  • Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Linux Enterprise Server for SAP Applications 12 SP5
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3591=1
  • SUSE Linux Enterprise High Performance Computing 12 SP5
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3591=1
  • SUSE Linux Enterprise Server 12 SP5
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3591=1

Package List:

  • SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc x86_64)
    • kernel-azure-4.12.14-16.200.1
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64)
    • kernel-azure-debuginfo-4.12.14-16.200.1
    • kernel-syms-azure-4.12.14-16.200.1
    • kernel-azure-base-4.12.14-16.200.1
    • kernel-azure-devel-4.12.14-16.200.1
    • kernel-azure-base-debuginfo-4.12.14-16.200.1
    • kernel-azure-debugsource-4.12.14-16.200.1
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch)
    • kernel-source-azure-4.12.14-16.200.1
    • kernel-devel-azure-4.12.14-16.200.1
  • SUSE Linux Enterprise High Performance Computing 12 SP5 (nosrc x86_64)
    • kernel-azure-4.12.14-16.200.1
  • SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64)
    • kernel-azure-debuginfo-4.12.14-16.200.1
    • kernel-syms-azure-4.12.14-16.200.1
    • kernel-azure-base-4.12.14-16.200.1
    • kernel-azure-devel-4.12.14-16.200.1
    • kernel-azure-base-debuginfo-4.12.14-16.200.1
    • kernel-azure-debugsource-4.12.14-16.200.1
  • SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch)
    • kernel-source-azure-4.12.14-16.200.1
    • kernel-devel-azure-4.12.14-16.200.1
  • SUSE Linux Enterprise Server 12 SP5 (nosrc x86_64)
    • kernel-azure-4.12.14-16.200.1
  • SUSE Linux Enterprise Server 12 SP5 (x86_64)
    • kernel-azure-debuginfo-4.12.14-16.200.1
    • kernel-syms-azure-4.12.14-16.200.1
    • kernel-azure-base-4.12.14-16.200.1
    • kernel-azure-devel-4.12.14-16.200.1
    • kernel-azure-base-debuginfo-4.12.14-16.200.1
    • kernel-azure-debugsource-4.12.14-16.200.1
  • SUSE Linux Enterprise Server 12 SP5 (noarch)
    • kernel-source-azure-4.12.14-16.200.1
    • kernel-devel-azure-4.12.14-16.200.1

References: