SUSE Support

Here When You Need Us

CVE-2024-36971 Fix Introduces kABI Break for SLL 7

This document (000021562) is provided subject to the disclaimer at the end of this document.

Environment

SUSE Liberty Linux (SLL) 7 Long Term Service Pack Support (LTSS)

Situation

A use-after-free flaw was found in the Linux kernel's network route management. This flaw allows an attacker to alter the behavior of certain network connections. This security vulnerability was labeled CVE-2024-36971. The fix for this CVE introduces a kABI break for SLL 7 LTSS. It may experience kernel crashes after applying the patch. In particular, environments which use third-party KABI modules may experience kernel crashes after applying errata for CVE-2024-36971.

Resolution

Contact your module vendor about an update. Until these third party modules can be fixed, you can prevent crashes by disabling them.

Status

Top Issue

Additional Information

This problem stems from modules which use the negative_advice() function.
https://www.suse.com/security/cve/CVE-2024-36971.html

Disclaimer

This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:000021562
  • Creation Date: 17-Sep-2024
  • Modified Date:17-Sep-2024

< Back to Support Search

For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com

tick icon

SUSE Support Forums

Get your questions answered by experienced Sys Ops or interact with other SUSE community experts.

tick icon

Support Resources

Learn how to get the most from the technical support you receive with your SUSE Subscription, Premium Support, Academic Program, or Partner Program.

tick icon

Open an Incident

Open an incident with SUSE Technical Support, manage your subscriptions, download patches, or manage user access.