openSUSE Security Announce
December 2024
SUSE-SU-2024:4160-1: important: Security update for the Linux Kernel RT (Live Patch 18 for SLE 15 SP5)
by OPENSUSE-SECURITY-UPDATES 03 Dec '24
# Security update for the Linux Kernel RT (Live Patch 18 for SLE 15 SP5)
Announcement ID: SUSE-SU-2024:4160-1
Release Date: 2024-12-03T16:34:18Z
Rating: important
References:
* bsc#1225429
* bsc#1229553
Cross-References:
* CVE-2021-47517
* CVE-2024-43861
CVSS scores:
* CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves two vulnerabilities can now be installed.
## Description:
This update for the Linux Kernel 5.14.21-150500_13_64 fixes several issues.
The following security issues were fixed:
* CVE-2021-47517: Fix panic when interrupt coalescing is set via ethtool
(bsc#1225429).
* CVE-2024-43861: Fix memory leak for non-IP packets (bsc#1229553).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-4160=1
* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-4160=1
## Package List:
* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
* kernel-livepatch-5_14_21-150500_13_64-rt-2-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo-2-150500.11.6.1
* kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource-2-150500.11.6.1
* openSUSE Leap 15.5 (x86_64)
* kernel-livepatch-5_14_21-150500_13_64-rt-2-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_64-rt-debuginfo-2-150500.11.6.1
* kernel-livepatch-SLE15-SP5-RT_Update_18-debugsource-2-150500.11.6.1
## References:
* https://www.suse.com/security/cve/CVE-2021-47517.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225429
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
openSUSE-SU-2024:14536-1: moderate: ansible-10-10.6.0-1.1 on GA media
by meissner@suse.com 03 Dec '24
# ansible-10-10.6.0-1.1 on GA media
Announcement ID: openSUSE-SU-2024:14536-1
Rating: moderate
Cross-References:
* CVE-2014-4966
* CVE-2014-4967
* CVE-2015-3908
* CVE-2016-3096
* CVE-2016-9587
* CVE-2017-7466
* CVE-2017-7481
* CVE-2017-7550
* CVE-2018-10855
* CVE-2018-10875
* CVE-2018-16837
* CVE-2018-16859
* CVE-2018-16876
* CVE-2019-10156
* CVE-2019-10206
* CVE-2019-10217
* CVE-2019-14846
* CVE-2019-14856
* CVE-2019-14858
* CVE-2019-14864
* CVE-2019-14904
* CVE-2019-14905
* CVE-2019-3828
* CVE-2020-10684
* CVE-2020-10685
* CVE-2020-10691
* CVE-2020-10729
* CVE-2020-14330
* CVE-2020-14332
* CVE-2020-1733
* CVE-2020-1734
* CVE-2020-1735
* CVE-2020-1736
* CVE-2020-1737
* CVE-2020-1738
* CVE-2020-1739
* CVE-2020-1740
* CVE-2020-1744
* CVE-2020-1746
* CVE-2020-1753
* CVE-2021-20178
* CVE-2021-20180
* CVE-2021-20191
* CVE-2021-20228
* CVE-2021-3583
CVSS scores:
* CVE-2017-7481 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
* CVE-2017-7550 ( SUSE ): 8.5 CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2018-10855 ( SUSE ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2018-10875 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2018-16837 ( SUSE ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2018-16859 ( SUSE ): 4.2 CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N
* CVE-2018-16876 ( SUSE ): 3.1 CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2019-10156 ( SUSE ): 4.6 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
* CVE-2019-10206 ( SUSE ): 6.4 CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
* CVE-2019-14846 ( SUSE ): 2.3 CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
* CVE-2019-14856 ( SUSE ): 2.3 CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
* CVE-2019-14858 ( SUSE ): 2.3 CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
* CVE-2019-14904 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2019-14905 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2019-3828 ( SUSE ): 4.2 CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
* CVE-2020-10684 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2020-10685 ( SUSE ): 5 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
* CVE-2020-10691 ( SUSE ): 5.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L
* CVE-2020-10729 ( SUSE ): 5 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
* CVE-2020-14330 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2020-14332 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2020-1733 ( SUSE ): 5 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
* CVE-2020-1734 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
* CVE-2020-1735 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
* CVE-2020-1736 ( SUSE ): 2.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
* CVE-2020-1737 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
* CVE-2020-1738 ( SUSE ): 5 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
* CVE-2020-1739 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2020-1740 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N
* CVE-2020-1746 ( SUSE ): 5 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
* CVE-2021-20178 ( SUSE ): 5 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
* CVE-2021-20180 ( SUSE ): 5 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
* CVE-2021-20191 ( SUSE ): 5 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
* CVE-2021-20228 ( SUSE ): 5 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
* CVE-2021-3583 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
Affected Products:
* openSUSE Tumbleweed
An update that solves 45 vulnerabilities can now be installed.
## Description:
These are all security issues fixed in the ansible-10-10.6.0-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* ansible-10 10.6.0-1.1
## References:
* https://www.suse.com/security/cve/CVE-2014-4966.html
* https://www.suse.com/security/cve/CVE-2014-4967.html
* https://www.suse.com/security/cve/CVE-2015-3908.html
* https://www.suse.com/security/cve/CVE-2016-3096.html
* https://www.suse.com/security/cve/CVE-2016-9587.html
* https://www.suse.com/security/cve/CVE-2017-7466.html
* https://www.suse.com/security/cve/CVE-2017-7481.html
* https://www.suse.com/security/cve/CVE-2017-7550.html
* https://www.suse.com/security/cve/CVE-2018-10855.html
* https://www.suse.com/security/cve/CVE-2018-10875.html
* https://www.suse.com/security/cve/CVE-2018-16837.html
* https://www.suse.com/security/cve/CVE-2018-16859.html
* https://www.suse.com/security/cve/CVE-2018-16876.html
* https://www.suse.com/security/cve/CVE-2019-10156.html
* https://www.suse.com/security/cve/CVE-2019-10206.html
* https://www.suse.com/security/cve/CVE-2019-10217.html
* https://www.suse.com/security/cve/CVE-2019-14846.html
* https://www.suse.com/security/cve/CVE-2019-14856.html
* https://www.suse.com/security/cve/CVE-2019-14858.html
* https://www.suse.com/security/cve/CVE-2019-14864.html
* https://www.suse.com/security/cve/CVE-2019-14904.html
* https://www.suse.com/security/cve/CVE-2019-14905.html
* https://www.suse.com/security/cve/CVE-2019-3828.html
* https://www.suse.com/security/cve/CVE-2020-10684.html
* https://www.suse.com/security/cve/CVE-2020-10685.html
* https://www.suse.com/security/cve/CVE-2020-10691.html
* https://www.suse.com/security/cve/CVE-2020-10729.html
* https://www.suse.com/security/cve/CVE-2020-14330.html
* https://www.suse.com/security/cve/CVE-2020-14332.html
* https://www.suse.com/security/cve/CVE-2020-1733.html
* https://www.suse.com/security/cve/CVE-2020-1734.html
* https://www.suse.com/security/cve/CVE-2020-1735.html
* https://www.suse.com/security/cve/CVE-2020-1736.html
* https://www.suse.com/security/cve/CVE-2020-1737.html
* https://www.suse.com/security/cve/CVE-2020-1738.html
* https://www.suse.com/security/cve/CVE-2020-1739.html
* https://www.suse.com/security/cve/CVE-2020-1740.html
* https://www.suse.com/security/cve/CVE-2020-1744.html
* https://www.suse.com/security/cve/CVE-2020-1746.html
* https://www.suse.com/security/cve/CVE-2020-1753.html
* https://www.suse.com/security/cve/CVE-2021-20178.html
* https://www.suse.com/security/cve/CVE-2021-20180.html
* https://www.suse.com/security/cve/CVE-2021-20191.html
* https://www.suse.com/security/cve/CVE-2021-20228.html
* https://www.suse.com/security/cve/CVE-2021-3583.html
openSUSE-SU-2024:14537-1: moderate: ansible-core-2.17-2.17.6-1.1 on GA media
by meissner@suse.com 03 Dec '24
# ansible-core-2.17-2.17.6-1.1 on GA media
Announcement ID: openSUSE-SU-2024:14537-1
Rating: moderate
Cross-References:
* CVE-2023-5115
* CVE-2023-5764
* CVE-2024-0690
* CVE-2024-8775
* CVE-2024-9902
CVSS scores:
* CVE-2023-5115 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
* CVE-2023-5764 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
* CVE-2024-0690 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-8775 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-9902 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L
* CVE-2024-9902 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
Affected Products:
* openSUSE Tumbleweed
An update that solves 5 vulnerabilities can now be installed.
## Description:
These are all security issues fixed in the ansible-core-2.17-2.17.6-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* ansible-core-2.17 2.17.6-1.1
* ansible-test-2.17 2.17.6-1.1
## References:
* https://www.suse.com/security/cve/CVE-2023-5115.html
* https://www.suse.com/security/cve/CVE-2023-5764.html
* https://www.suse.com/security/cve/CVE-2024-0690.html
* https://www.suse.com/security/cve/CVE-2024-8775.html
* https://www.suse.com/security/cve/CVE-2024-9902.html
03 Dec '24
# avahi-0.8-37.1 on GA media
Announcement ID: openSUSE-SU-2024:14538-1
Rating: moderate
Cross-References:
* CVE-2024-52616
CVSS scores:
* CVE-2024-52616 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-52616 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Affected Products:
* openSUSE Tumbleweed
An update that solves one vulnerability can now be installed.
## Description:
These are all security issues fixed in the avahi-0.8-37.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* avahi 0.8-37.1
* avahi-autoipd 0.8-37.1
* avahi-compat-howl-devel 0.8-37.1
* avahi-compat-mDNSResponder-devel 0.8-37.1
* avahi-lang 0.8-37.1
* avahi-utils 0.8-37.1
* libavahi-client3 0.8-37.1
* libavahi-client3-32bit 0.8-37.1
* libavahi-common3 0.8-37.1
* libavahi-common3-32bit 0.8-37.1
* libavahi-core7 0.8-37.1
* libavahi-devel 0.8-37.1
* libavahi-libevent1 0.8-37.1
* libdns_sd 0.8-37.1
* libdns_sd-32bit 0.8-37.1
* libhowl0 0.8-37.1
* python310-avahi 0.8-37.1
* python311-avahi 0.8-37.1
* python312-avahi 0.8-37.1
* python313-avahi 0.8-37.1
## References:
* https://www.suse.com/security/cve/CVE-2024-52616.html
03 Dec '24
# Security update for bpftool
Announcement ID: SUSE-SU-2024:4157-1
Release Date: 2024-12-03T14:26:58Z
Rating: moderate
References:
* bsc#1232258
Cross-References:
* CVE-2024-49987
CVSS scores:
* CVE-2024-49987 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49987 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2024-49987 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
An update that solves one vulnerability can now be installed.
## Description:
This update for bpftool fixes the following issues:
* CVE-2024-49987: Fixed undefined behavior in qsort(NULL, 0, ...)
(bsc#1232258)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch SUSE-2024-4157=1 openSUSE-SLE-15.6-2024-4157=1
* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4157=1
## Package List:
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* bpftool-debugsource-6.4.0-150600.19.6.1
* bpftool-debuginfo-6.4.0-150600.19.6.1
* bpftool-6.4.0-150600.19.6.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* bpftool-debugsource-6.4.0-150600.19.6.1
* bpftool-debuginfo-6.4.0-150600.19.6.1
* bpftool-6.4.0-150600.19.6.1
## References:
* https://www.suse.com/security/cve/CVE-2024-49987.html
* https://bugzilla.suse.com/show_bug.cgi?id=1232258
03 Dec '24
# Security update for wget
Announcement ID: SUSE-SU-2024:4145-1
Release Date: 2024-12-03T09:07:38Z
Rating: moderate
References:
* bsc#1233773
Cross-References:
* CVE-2024-10524
CVSS scores:
* CVE-2024-10524 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2024-10524 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N
* CVE-2024-10524 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
Affected Products:
* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
An update that solves one vulnerability can now be installed.
## Description:
This update for wget fixes the following issues:
* CVE-2024-10524: Fixed SSRF via shorthand HTTP URL (bsc#1233773)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch SUSE-2024-4145=1 openSUSE-SLE-15.6-2024-4145=1
* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4145=1
## Package List:
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* wget-debuginfo-1.20.3-150600.19.9.1
* wget-1.20.3-150600.19.9.1
* wget-debugsource-1.20.3-150600.19.9.1
* openSUSE Leap 15.6 (noarch)
* wget-lang-1.20.3-150600.19.9.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* wget-debuginfo-1.20.3-150600.19.9.1
* wget-1.20.3-150600.19.9.1
* wget-debugsource-1.20.3-150600.19.9.1
## References:
* https://www.suse.com/security/cve/CVE-2024-10524.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233773
03 Dec '24
# Security update for php7
Announcement ID: SUSE-SU-2024:4146-1
Release Date: 2024-12-03T09:08:38Z
Rating: moderate
References:
* bsc#1233651
* bsc#1233702
* bsc#1233703
Cross-References:
* CVE-2024-11233
* CVE-2024-11234
* CVE-2024-8929
CVSS scores:
* CVE-2024-11233 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-11233 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2024-11233 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
* CVE-2024-11233 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2024-11234 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-11234 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-11234 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-11234 ( NVD ): 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
* CVE-2024-8929 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2024-8929 ( NVD ): 5.8 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Affected Products:
* Legacy Module 15-SP5
* Legacy Module 15-SP6
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP5
* SUSE Package Hub 15 15-SP6
An update that solves three vulnerabilities can now be installed.
## Description:
This update for php7 fixes the following issues:
* CVE-2024-11233: Single byte overread with convert.quoted-printable-decode
filter (bsc#1233702).
* CVE-2024-11234: Configuring a proxy in a stream context might allow for CRLF
injection in URIs (bsc#1233703).
* CVE-2024-8929: Leak partial content of the heap through heap buffer over-read
(bsc#1233651).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-4146=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-4146=1
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-4146=1
* Legacy Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-4146=1
* Legacy Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-4146=1
* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-4146=1
* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-4146=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* php7-tokenizer-7.4.33-150400.4.43.1
* php7-snmp-7.4.33-150400.4.43.1
* php7-zlib-debuginfo-7.4.33-150400.4.43.1
* php7-sysvmsg-debuginfo-7.4.33-150400.4.43.1
* php7-sysvsem-debuginfo-7.4.33-150400.4.43.1
* php7-intl-7.4.33-150400.4.43.1
* php7-enchant-debuginfo-7.4.33-150400.4.43.1
* php7-xmlreader-debuginfo-7.4.33-150400.4.43.1
* php7-sysvshm-7.4.33-150400.4.43.1
* php7-iconv-debuginfo-7.4.33-150400.4.43.1
* php7-sqlite-debuginfo-7.4.33-150400.4.43.1
* php7-embed-7.4.33-150400.4.43.1
* php7-pdo-debuginfo-7.4.33-150400.4.43.1
* php7-readline-debuginfo-7.4.33-150400.4.43.1
* php7-fastcgi-debugsource-7.4.33-150400.4.43.1
* php7-mbstring-7.4.33-150400.4.43.1
* php7-zip-7.4.33-150400.4.43.1
* apache2-mod_php7-debugsource-7.4.33-150400.4.43.1
* php7-opcache-debuginfo-7.4.33-150400.4.43.1
* php7-xmlrpc-7.4.33-150400.4.43.1
* php7-tidy-debuginfo-7.4.33-150400.4.43.1
* php7-cli-7.4.33-150400.4.43.1
* php7-fastcgi-debuginfo-7.4.33-150400.4.43.1
* php7-pgsql-7.4.33-150400.4.43.1
* php7-fileinfo-7.4.33-150400.4.43.1
* php7-ftp-7.4.33-150400.4.43.1
* php7-calendar-7.4.33-150400.4.43.1
* php7-phar-7.4.33-150400.4.43.1
* php7-gd-debuginfo-7.4.33-150400.4.43.1
* php7-sqlite-7.4.33-150400.4.43.1
* php7-fpm-7.4.33-150400.4.43.1
* php7-embed-debugsource-7.4.33-150400.4.43.1
* php7-gettext-7.4.33-150400.4.43.1
* php7-sysvmsg-7.4.33-150400.4.43.1
* php7-curl-debuginfo-7.4.33-150400.4.43.1
* php7-dom-7.4.33-150400.4.43.1
* php7-intl-debuginfo-7.4.33-150400.4.43.1
* php7-json-debuginfo-7.4.33-150400.4.43.1
* php7-gmp-7.4.33-150400.4.43.1
* php7-tidy-7.4.33-150400.4.43.1
* php7-sockets-7.4.33-150400.4.43.1
* php7-enchant-7.4.33-150400.4.43.1
* php7-dba-7.4.33-150400.4.43.1
* php7-ctype-debuginfo-7.4.33-150400.4.43.1
* php7-shmop-7.4.33-150400.4.43.1
* php7-exif-7.4.33-150400.4.43.1
* php7-xsl-debuginfo-7.4.33-150400.4.43.1
* php7-posix-7.4.33-150400.4.43.1
* php7-odbc-7.4.33-150400.4.43.1
* php7-xmlwriter-7.4.33-150400.4.43.1
* php7-sysvsem-7.4.33-150400.4.43.1
* php7-ctype-7.4.33-150400.4.43.1
* php7-sysvshm-debuginfo-7.4.33-150400.4.43.1
* php7-iconv-7.4.33-150400.4.43.1
* php7-debuginfo-7.4.33-150400.4.43.1
* php7-exif-debuginfo-7.4.33-150400.4.43.1
* php7-cli-debuginfo-7.4.33-150400.4.43.1
* php7-calendar-debuginfo-7.4.33-150400.4.43.1
* php7-posix-debuginfo-7.4.33-150400.4.43.1
* php7-snmp-debuginfo-7.4.33-150400.4.43.1
* php7-bcmath-debuginfo-7.4.33-150400.4.43.1
* apache2-mod_php7-7.4.33-150400.4.43.1
* php7-devel-7.4.33-150400.4.43.1
* php7-bcmath-7.4.33-150400.4.43.1
* php7-xmlrpc-debuginfo-7.4.33-150400.4.43.1
* php7-gmp-debuginfo-7.4.33-150400.4.43.1
* php7-json-7.4.33-150400.4.43.1
* php7-xsl-7.4.33-150400.4.43.1
* php7-7.4.33-150400.4.43.1
* php7-pcntl-7.4.33-150400.4.43.1
* php7-openssl-7.4.33-150400.4.43.1
* php7-fpm-debuginfo-7.4.33-150400.4.43.1
* php7-pgsql-debuginfo-7.4.33-150400.4.43.1
* php7-zlib-7.4.33-150400.4.43.1
* php7-gettext-debuginfo-7.4.33-150400.4.43.1
* php7-embed-debuginfo-7.4.33-150400.4.43.1
* php7-phar-debuginfo-7.4.33-150400.4.43.1
* php7-pdo-7.4.33-150400.4.43.1
* apache2-mod_php7-debuginfo-7.4.33-150400.4.43.1
* php7-soap-7.4.33-150400.4.43.1
* php7-fpm-debugsource-7.4.33-150400.4.43.1
* php7-openssl-debuginfo-7.4.33-150400.4.43.1
* php7-bz2-debuginfo-7.4.33-150400.4.43.1
* php7-pcntl-debuginfo-7.4.33-150400.4.43.1
* php7-gd-7.4.33-150400.4.43.1
* php7-ldap-7.4.33-150400.4.43.1
* php7-dom-debuginfo-7.4.33-150400.4.43.1
* php7-sodium-debuginfo-7.4.33-150400.4.43.1
* php7-mysql-debuginfo-7.4.33-150400.4.43.1
* php7-shmop-debuginfo-7.4.33-150400.4.43.1
* php7-xmlreader-7.4.33-150400.4.43.1
* php7-zip-debuginfo-7.4.33-150400.4.43.1
* php7-opcache-7.4.33-150400.4.43.1
* php7-soap-debuginfo-7.4.33-150400.4.43.1
* php7-ldap-debuginfo-7.4.33-150400.4.43.1
* php7-debugsource-7.4.33-150400.4.43.1
* php7-mbstring-debuginfo-7.4.33-150400.4.43.1
* php7-sodium-7.4.33-150400.4.43.1
* php7-mysql-7.4.33-150400.4.43.1
* php7-ftp-debuginfo-7.4.33-150400.4.43.1
* php7-bz2-7.4.33-150400.4.43.1
* php7-tokenizer-debuginfo-7.4.33-150400.4.43.1
* php7-xmlwriter-debuginfo-7.4.33-150400.4.43.1
* php7-test-7.4.33-150400.4.43.1
* php7-dba-debuginfo-7.4.33-150400.4.43.1
* php7-curl-7.4.33-150400.4.43.1
* php7-odbc-debuginfo-7.4.33-150400.4.43.1
* php7-fastcgi-7.4.33-150400.4.43.1
* php7-sockets-debuginfo-7.4.33-150400.4.43.1
* php7-readline-7.4.33-150400.4.43.1
* php7-fileinfo-debuginfo-7.4.33-150400.4.43.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* php7-tokenizer-7.4.33-150400.4.43.1
* php7-snmp-7.4.33-150400.4.43.1
* php7-zlib-debuginfo-7.4.33-150400.4.43.1
* php7-sysvmsg-debuginfo-7.4.33-150400.4.43.1
* php7-sysvsem-debuginfo-7.4.33-150400.4.43.1
* php7-intl-7.4.33-150400.4.43.1
* php7-enchant-debuginfo-7.4.33-150400.4.43.1
* php7-xmlreader-debuginfo-7.4.33-150400.4.43.1
* php7-sysvshm-7.4.33-150400.4.43.1
* php7-iconv-debuginfo-7.4.33-150400.4.43.1
* php7-sqlite-debuginfo-7.4.33-150400.4.43.1
* php7-embed-7.4.33-150400.4.43.1
* php7-pdo-debuginfo-7.4.33-150400.4.43.1
* php7-readline-debuginfo-7.4.33-150400.4.43.1
* php7-fastcgi-debugsource-7.4.33-150400.4.43.1
* php7-mbstring-7.4.33-150400.4.43.1
* apache2-mod_php7-debugsource-7.4.33-150400.4.43.1
* php7-zip-7.4.33-150400.4.43.1
* php7-opcache-debuginfo-7.4.33-150400.4.43.1
* php7-xmlrpc-7.4.33-150400.4.43.1
* php7-tidy-debuginfo-7.4.33-150400.4.43.1
* php7-cli-7.4.33-150400.4.43.1
* php7-fastcgi-debuginfo-7.4.33-150400.4.43.1
* php7-pgsql-7.4.33-150400.4.43.1
* php7-fileinfo-7.4.33-150400.4.43.1
* php7-ftp-7.4.33-150400.4.43.1
* php7-calendar-7.4.33-150400.4.43.1
* php7-fpm-7.4.33-150400.4.43.1
* php7-gd-debuginfo-7.4.33-150400.4.43.1
* php7-phar-7.4.33-150400.4.43.1
* php7-sqlite-7.4.33-150400.4.43.1
* php7-embed-debugsource-7.4.33-150400.4.43.1
* php7-gettext-7.4.33-150400.4.43.1
* php7-sysvmsg-7.4.33-150400.4.43.1
* php7-curl-debuginfo-7.4.33-150400.4.43.1
* php7-dom-7.4.33-150400.4.43.1
* php7-intl-debuginfo-7.4.33-150400.4.43.1
* php7-json-debuginfo-7.4.33-150400.4.43.1
* php7-gmp-7.4.33-150400.4.43.1
* php7-tidy-7.4.33-150400.4.43.1
* php7-sockets-7.4.33-150400.4.43.1
* php7-enchant-7.4.33-150400.4.43.1
* php7-dba-7.4.33-150400.4.43.1
* php7-ctype-debuginfo-7.4.33-150400.4.43.1
* php7-shmop-7.4.33-150400.4.43.1
* php7-exif-7.4.33-150400.4.43.1
* php7-xsl-debuginfo-7.4.33-150400.4.43.1
* php7-posix-7.4.33-150400.4.43.1
* php7-odbc-7.4.33-150400.4.43.1
* php7-xmlwriter-7.4.33-150400.4.43.1
* php7-ctype-7.4.33-150400.4.43.1
* php7-sysvsem-7.4.33-150400.4.43.1
* php7-sysvshm-debuginfo-7.4.33-150400.4.43.1
* php7-iconv-7.4.33-150400.4.43.1
* php7-debuginfo-7.4.33-150400.4.43.1
* php7-exif-debuginfo-7.4.33-150400.4.43.1
* php7-cli-debuginfo-7.4.33-150400.4.43.1
* php7-calendar-debuginfo-7.4.33-150400.4.43.1
* php7-posix-debuginfo-7.4.33-150400.4.43.1
* php7-snmp-debuginfo-7.4.33-150400.4.43.1
* php7-bcmath-debuginfo-7.4.33-150400.4.43.1
* apache2-mod_php7-7.4.33-150400.4.43.1
* php7-devel-7.4.33-150400.4.43.1
* php7-bcmath-7.4.33-150400.4.43.1
* php7-xmlrpc-debuginfo-7.4.33-150400.4.43.1
* php7-gmp-debuginfo-7.4.33-150400.4.43.1
* php7-json-7.4.33-150400.4.43.1
* php7-xsl-7.4.33-150400.4.43.1
* php7-7.4.33-150400.4.43.1
* php7-pcntl-7.4.33-150400.4.43.1
* php7-openssl-7.4.33-150400.4.43.1
* php7-fpm-debuginfo-7.4.33-150400.4.43.1
* php7-pgsql-debuginfo-7.4.33-150400.4.43.1
* php7-zlib-7.4.33-150400.4.43.1
* php7-gettext-debuginfo-7.4.33-150400.4.43.1
* php7-embed-debuginfo-7.4.33-150400.4.43.1
* php7-phar-debuginfo-7.4.33-150400.4.43.1
* php7-pdo-7.4.33-150400.4.43.1
* apache2-mod_php7-debuginfo-7.4.33-150400.4.43.1
* php7-soap-7.4.33-150400.4.43.1
* php7-fpm-debugsource-7.4.33-150400.4.43.1
* php7-openssl-debuginfo-7.4.33-150400.4.43.1
* php7-bz2-debuginfo-7.4.33-150400.4.43.1
* php7-pcntl-debuginfo-7.4.33-150400.4.43.1
* php7-gd-7.4.33-150400.4.43.1
* php7-ldap-7.4.33-150400.4.43.1
* php7-dom-debuginfo-7.4.33-150400.4.43.1
* php7-sodium-debuginfo-7.4.33-150400.4.43.1
* php7-mysql-debuginfo-7.4.33-150400.4.43.1
* php7-shmop-debuginfo-7.4.33-150400.4.43.1
* php7-xmlreader-7.4.33-150400.4.43.1
* php7-zip-debuginfo-7.4.33-150400.4.43.1
* php7-opcache-7.4.33-150400.4.43.1
* php7-soap-debuginfo-7.4.33-150400.4.43.1
* php7-ldap-debuginfo-7.4.33-150400.4.43.1
* php7-debugsource-7.4.33-150400.4.43.1
* php7-mbstring-debuginfo-7.4.33-150400.4.43.1
* php7-sodium-7.4.33-150400.4.43.1
* php7-mysql-7.4.33-150400.4.43.1
* php7-ftp-debuginfo-7.4.33-150400.4.43.1
* php7-bz2-7.4.33-150400.4.43.1
* php7-test-7.4.33-150400.4.43.1
* php7-tokenizer-debuginfo-7.4.33-150400.4.43.1
* php7-xmlwriter-debuginfo-7.4.33-150400.4.43.1
* php7-dba-debuginfo-7.4.33-150400.4.43.1
* php7-curl-7.4.33-150400.4.43.1
* php7-odbc-debuginfo-7.4.33-150400.4.43.1
* php7-fastcgi-7.4.33-150400.4.43.1
* php7-sockets-debuginfo-7.4.33-150400.4.43.1
* php7-readline-7.4.33-150400.4.43.1
* php7-fileinfo-debuginfo-7.4.33-150400.4.43.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* php7-tokenizer-7.4.33-150400.4.43.1
* php7-snmp-7.4.33-150400.4.43.1
* php7-zlib-debuginfo-7.4.33-150400.4.43.1
* php7-sysvmsg-debuginfo-7.4.33-150400.4.43.1
* php7-sysvsem-debuginfo-7.4.33-150400.4.43.1
* php7-intl-7.4.33-150400.4.43.1
* php7-enchant-debuginfo-7.4.33-150400.4.43.1
* php7-xmlreader-debuginfo-7.4.33-150400.4.43.1
* php7-sysvshm-7.4.33-150400.4.43.1
* php7-iconv-debuginfo-7.4.33-150400.4.43.1
* php7-sqlite-debuginfo-7.4.33-150400.4.43.1
* php7-embed-7.4.33-150400.4.43.1
* php7-pdo-debuginfo-7.4.33-150400.4.43.1
* php7-readline-debuginfo-7.4.33-150400.4.43.1
* php7-fastcgi-debugsource-7.4.33-150400.4.43.1
* php7-mbstring-7.4.33-150400.4.43.1
* apache2-mod_php7-debugsource-7.4.33-150400.4.43.1
* php7-zip-7.4.33-150400.4.43.1
* php7-opcache-debuginfo-7.4.33-150400.4.43.1
* php7-xmlrpc-7.4.33-150400.4.43.1
* php7-tidy-debuginfo-7.4.33-150400.4.43.1
* php7-cli-7.4.33-150400.4.43.1
* php7-fastcgi-debuginfo-7.4.33-150400.4.43.1
* php7-pgsql-7.4.33-150400.4.43.1
* php7-fileinfo-7.4.33-150400.4.43.1
* php7-ftp-7.4.33-150400.4.43.1
* php7-calendar-7.4.33-150400.4.43.1
* php7-fpm-7.4.33-150400.4.43.1
* php7-gd-debuginfo-7.4.33-150400.4.43.1
* php7-phar-7.4.33-150400.4.43.1
* php7-sqlite-7.4.33-150400.4.43.1
* php7-embed-debugsource-7.4.33-150400.4.43.1
* php7-gettext-7.4.33-150400.4.43.1
* php7-sysvmsg-7.4.33-150400.4.43.1
* php7-curl-debuginfo-7.4.33-150400.4.43.1
* php7-dom-7.4.33-150400.4.43.1
* php7-intl-debuginfo-7.4.33-150400.4.43.1
* php7-json-debuginfo-7.4.33-150400.4.43.1
* php7-gmp-7.4.33-150400.4.43.1
* php7-tidy-7.4.33-150400.4.43.1
* php7-sockets-7.4.33-150400.4.43.1
* php7-enchant-7.4.33-150400.4.43.1
* php7-dba-7.4.33-150400.4.43.1
* php7-ctype-debuginfo-7.4.33-150400.4.43.1
* php7-shmop-7.4.33-150400.4.43.1
* php7-exif-7.4.33-150400.4.43.1
* php7-xsl-debuginfo-7.4.33-150400.4.43.1
* php7-posix-7.4.33-150400.4.43.1
* php7-odbc-7.4.33-150400.4.43.1
* php7-xmlwriter-7.4.33-150400.4.43.1
* php7-ctype-7.4.33-150400.4.43.1
* php7-sysvsem-7.4.33-150400.4.43.1
* php7-sysvshm-debuginfo-7.4.33-150400.4.43.1
* php7-iconv-7.4.33-150400.4.43.1
* php7-debuginfo-7.4.33-150400.4.43.1
* php7-exif-debuginfo-7.4.33-150400.4.43.1
* php7-cli-debuginfo-7.4.33-150400.4.43.1
* php7-calendar-debuginfo-7.4.33-150400.4.43.1
* php7-posix-debuginfo-7.4.33-150400.4.43.1
* php7-snmp-debuginfo-7.4.33-150400.4.43.1
* php7-bcmath-debuginfo-7.4.33-150400.4.43.1
* apache2-mod_php7-7.4.33-150400.4.43.1
* php7-devel-7.4.33-150400.4.43.1
* php7-bcmath-7.4.33-150400.4.43.1
* php7-xmlrpc-debuginfo-7.4.33-150400.4.43.1
* php7-gmp-debuginfo-7.4.33-150400.4.43.1
* php7-json-7.4.33-150400.4.43.1
* php7-xsl-7.4.33-150400.4.43.1
* php7-7.4.33-150400.4.43.1
* php7-pcntl-7.4.33-150400.4.43.1
* php7-openssl-7.4.33-150400.4.43.1
* php7-fpm-debuginfo-7.4.33-150400.4.43.1
* php7-pgsql-debuginfo-7.4.33-150400.4.43.1
* php7-zlib-7.4.33-150400.4.43.1
* php7-gettext-debuginfo-7.4.33-150400.4.43.1
* php7-embed-debuginfo-7.4.33-150400.4.43.1
* php7-phar-debuginfo-7.4.33-150400.4.43.1
* php7-pdo-7.4.33-150400.4.43.1
* apache2-mod_php7-debuginfo-7.4.33-150400.4.43.1
* php7-soap-7.4.33-150400.4.43.1
* php7-fpm-debugsource-7.4.33-150400.4.43.1
* php7-openssl-debuginfo-7.4.33-150400.4.43.1
* php7-bz2-debuginfo-7.4.33-150400.4.43.1
* php7-pcntl-debuginfo-7.4.33-150400.4.43.1
* php7-gd-7.4.33-150400.4.43.1
* php7-ldap-7.4.33-150400.4.43.1
* php7-dom-debuginfo-7.4.33-150400.4.43.1
* php7-sodium-debuginfo-7.4.33-150400.4.43.1
* php7-mysql-debuginfo-7.4.33-150400.4.43.1
* php7-shmop-debuginfo-7.4.33-150400.4.43.1
* php7-xmlreader-7.4.33-150400.4.43.1
* php7-zip-debuginfo-7.4.33-150400.4.43.1
* php7-opcache-7.4.33-150400.4.43.1
* php7-soap-debuginfo-7.4.33-150400.4.43.1
* php7-ldap-debuginfo-7.4.33-150400.4.43.1
* php7-debugsource-7.4.33-150400.4.43.1
* php7-mbstring-debuginfo-7.4.33-150400.4.43.1
* php7-sodium-7.4.33-150400.4.43.1
* php7-mysql-7.4.33-150400.4.43.1
* php7-ftp-debuginfo-7.4.33-150400.4.43.1
* php7-bz2-7.4.33-150400.4.43.1
* php7-test-7.4.33-150400.4.43.1
* php7-tokenizer-debuginfo-7.4.33-150400.4.43.1
* php7-xmlwriter-debuginfo-7.4.33-150400.4.43.1
* php7-dba-debuginfo-7.4.33-150400.4.43.1
* php7-curl-7.4.33-150400.4.43.1
* php7-odbc-debuginfo-7.4.33-150400.4.43.1
* php7-fastcgi-7.4.33-150400.4.43.1
* php7-sockets-debuginfo-7.4.33-150400.4.43.1
* php7-readline-7.4.33-150400.4.43.1
* php7-fileinfo-debuginfo-7.4.33-150400.4.43.1
* Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* php7-tokenizer-7.4.33-150400.4.43.1
* php7-snmp-7.4.33-150400.4.43.1
* php7-zlib-debuginfo-7.4.33-150400.4.43.1
* php7-sysvmsg-debuginfo-7.4.33-150400.4.43.1
* php7-sysvsem-debuginfo-7.4.33-150400.4.43.1
* php7-intl-7.4.33-150400.4.43.1
* php7-enchant-debuginfo-7.4.33-150400.4.43.1
* php7-xmlreader-debuginfo-7.4.33-150400.4.43.1
* php7-sysvshm-7.4.33-150400.4.43.1
* php7-iconv-debuginfo-7.4.33-150400.4.43.1
* php7-sqlite-debuginfo-7.4.33-150400.4.43.1
* php7-pdo-debuginfo-7.4.33-150400.4.43.1
* php7-readline-debuginfo-7.4.33-150400.4.43.1
* php7-fastcgi-debugsource-7.4.33-150400.4.43.1
* php7-mbstring-7.4.33-150400.4.43.1
* apache2-mod_php7-debugsource-7.4.33-150400.4.43.1
* php7-zip-7.4.33-150400.4.43.1
* php7-opcache-debuginfo-7.4.33-150400.4.43.1
* php7-xmlrpc-7.4.33-150400.4.43.1
* php7-tidy-debuginfo-7.4.33-150400.4.43.1
* php7-cli-7.4.33-150400.4.43.1
* php7-fastcgi-debuginfo-7.4.33-150400.4.43.1
* php7-pgsql-7.4.33-150400.4.43.1
* php7-fileinfo-7.4.33-150400.4.43.1
* php7-ftp-7.4.33-150400.4.43.1
* php7-calendar-7.4.33-150400.4.43.1
* php7-fpm-7.4.33-150400.4.43.1
* php7-gd-debuginfo-7.4.33-150400.4.43.1
* php7-phar-7.4.33-150400.4.43.1
* php7-sqlite-7.4.33-150400.4.43.1
* php7-gettext-7.4.33-150400.4.43.1
* php7-sysvmsg-7.4.33-150400.4.43.1
* php7-curl-debuginfo-7.4.33-150400.4.43.1
* php7-dom-7.4.33-150400.4.43.1
* php7-intl-debuginfo-7.4.33-150400.4.43.1
* php7-json-debuginfo-7.4.33-150400.4.43.1
* php7-gmp-7.4.33-150400.4.43.1
* php7-tidy-7.4.33-150400.4.43.1
* php7-sockets-7.4.33-150400.4.43.1
* php7-enchant-7.4.33-150400.4.43.1
* php7-dba-7.4.33-150400.4.43.1
* php7-ctype-debuginfo-7.4.33-150400.4.43.1
* php7-shmop-7.4.33-150400.4.43.1
* php7-exif-7.4.33-150400.4.43.1
* php7-xsl-debuginfo-7.4.33-150400.4.43.1
* php7-posix-7.4.33-150400.4.43.1
* php7-odbc-7.4.33-150400.4.43.1
* php7-xmlwriter-7.4.33-150400.4.43.1
* php7-ctype-7.4.33-150400.4.43.1
* php7-sysvsem-7.4.33-150400.4.43.1
* php7-sysvshm-debuginfo-7.4.33-150400.4.43.1
* php7-iconv-7.4.33-150400.4.43.1
* php7-debuginfo-7.4.33-150400.4.43.1
* php7-exif-debuginfo-7.4.33-150400.4.43.1
* php7-cli-debuginfo-7.4.33-150400.4.43.1
* php7-calendar-debuginfo-7.4.33-150400.4.43.1
* php7-posix-debuginfo-7.4.33-150400.4.43.1
* php7-snmp-debuginfo-7.4.33-150400.4.43.1
* php7-bcmath-debuginfo-7.4.33-150400.4.43.1
* apache2-mod_php7-7.4.33-150400.4.43.1
* php7-devel-7.4.33-150400.4.43.1
* php7-bcmath-7.4.33-150400.4.43.1
* php7-xmlrpc-debuginfo-7.4.33-150400.4.43.1
* php7-gmp-debuginfo-7.4.33-150400.4.43.1
* php7-json-7.4.33-150400.4.43.1
* php7-xsl-7.4.33-150400.4.43.1
* php7-7.4.33-150400.4.43.1
* php7-pcntl-7.4.33-150400.4.43.1
* php7-openssl-7.4.33-150400.4.43.1
* php7-fpm-debuginfo-7.4.33-150400.4.43.1
* php7-pgsql-debuginfo-7.4.33-150400.4.43.1
* php7-zlib-7.4.33-150400.4.43.1
* php7-gettext-debuginfo-7.4.33-150400.4.43.1
* php7-phar-debuginfo-7.4.33-150400.4.43.1
* php7-pdo-7.4.33-150400.4.43.1
* apache2-mod_php7-debuginfo-7.4.33-150400.4.43.1
* php7-soap-7.4.33-150400.4.43.1
* php7-fpm-debugsource-7.4.33-150400.4.43.1
* php7-openssl-debuginfo-7.4.33-150400.4.43.1
* php7-bz2-debuginfo-7.4.33-150400.4.43.1
* php7-pcntl-debuginfo-7.4.33-150400.4.43.1
* php7-gd-7.4.33-150400.4.43.1
* php7-ldap-7.4.33-150400.4.43.1
* php7-dom-debuginfo-7.4.33-150400.4.43.1
* php7-sodium-debuginfo-7.4.33-150400.4.43.1
* php7-mysql-debuginfo-7.4.33-150400.4.43.1
* php7-shmop-debuginfo-7.4.33-150400.4.43.1
* php7-xmlreader-7.4.33-150400.4.43.1
* php7-zip-debuginfo-7.4.33-150400.4.43.1
* php7-opcache-7.4.33-150400.4.43.1
* php7-soap-debuginfo-7.4.33-150400.4.43.1
* php7-ldap-debuginfo-7.4.33-150400.4.43.1
* php7-debugsource-7.4.33-150400.4.43.1
* php7-mbstring-debuginfo-7.4.33-150400.4.43.1
* php7-sodium-7.4.33-150400.4.43.1
* php7-mysql-7.4.33-150400.4.43.1
* php7-ftp-debuginfo-7.4.33-150400.4.43.1
* php7-bz2-7.4.33-150400.4.43.1
* php7-tokenizer-debuginfo-7.4.33-150400.4.43.1
* php7-xmlwriter-debuginfo-7.4.33-150400.4.43.1
* php7-dba-debuginfo-7.4.33-150400.4.43.1
* php7-curl-7.4.33-150400.4.43.1
* php7-odbc-debuginfo-7.4.33-150400.4.43.1
* php7-fastcgi-7.4.33-150400.4.43.1
* php7-sockets-debuginfo-7.4.33-150400.4.43.1
* php7-readline-7.4.33-150400.4.43.1
* php7-fileinfo-debuginfo-7.4.33-150400.4.43.1
* Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* php7-tokenizer-7.4.33-150400.4.43.1
* php7-snmp-7.4.33-150400.4.43.1
* php7-zlib-debuginfo-7.4.33-150400.4.43.1
* php7-sysvmsg-debuginfo-7.4.33-150400.4.43.1
* php7-sysvsem-debuginfo-7.4.33-150400.4.43.1
* php7-intl-7.4.33-150400.4.43.1
* php7-enchant-debuginfo-7.4.33-150400.4.43.1
* php7-xmlreader-debuginfo-7.4.33-150400.4.43.1
* php7-sysvshm-7.4.33-150400.4.43.1
* php7-iconv-debuginfo-7.4.33-150400.4.43.1
* php7-sqlite-debuginfo-7.4.33-150400.4.43.1
* php7-pdo-debuginfo-7.4.33-150400.4.43.1
* php7-readline-debuginfo-7.4.33-150400.4.43.1
* php7-fastcgi-debugsource-7.4.33-150400.4.43.1
* php7-mbstring-7.4.33-150400.4.43.1
* apache2-mod_php7-debugsource-7.4.33-150400.4.43.1
* php7-zip-7.4.33-150400.4.43.1
* php7-opcache-debuginfo-7.4.33-150400.4.43.1
* php7-xmlrpc-7.4.33-150400.4.43.1
* php7-tidy-debuginfo-7.4.33-150400.4.43.1
* php7-cli-7.4.33-150400.4.43.1
* php7-fastcgi-debuginfo-7.4.33-150400.4.43.1
* php7-pgsql-7.4.33-150400.4.43.1
* php7-fileinfo-7.4.33-150400.4.43.1
* php7-ftp-7.4.33-150400.4.43.1
* php7-calendar-7.4.33-150400.4.43.1
* php7-fpm-7.4.33-150400.4.43.1
* php7-gd-debuginfo-7.4.33-150400.4.43.1
* php7-phar-7.4.33-150400.4.43.1
* php7-sqlite-7.4.33-150400.4.43.1
* php7-gettext-7.4.33-150400.4.43.1
* php7-sysvmsg-7.4.33-150400.4.43.1
* php7-curl-debuginfo-7.4.33-150400.4.43.1
* php7-dom-7.4.33-150400.4.43.1
* php7-intl-debuginfo-7.4.33-150400.4.43.1
* php7-json-debuginfo-7.4.33-150400.4.43.1
* php7-gmp-7.4.33-150400.4.43.1
* php7-tidy-7.4.33-150400.4.43.1
* php7-sockets-7.4.33-150400.4.43.1
* php7-enchant-7.4.33-150400.4.43.1
* php7-dba-7.4.33-150400.4.43.1
* php7-ctype-debuginfo-7.4.33-150400.4.43.1
* php7-shmop-7.4.33-150400.4.43.1
* php7-exif-7.4.33-150400.4.43.1
* php7-xsl-debuginfo-7.4.33-150400.4.43.1
* php7-posix-7.4.33-150400.4.43.1
* php7-odbc-7.4.33-150400.4.43.1
* php7-xmlwriter-7.4.33-150400.4.43.1
* php7-ctype-7.4.33-150400.4.43.1
* php7-sysvsem-7.4.33-150400.4.43.1
* php7-sysvshm-debuginfo-7.4.33-150400.4.43.1
* php7-iconv-7.4.33-150400.4.43.1
* php7-debuginfo-7.4.33-150400.4.43.1
* php7-exif-debuginfo-7.4.33-150400.4.43.1
* php7-cli-debuginfo-7.4.33-150400.4.43.1
* php7-calendar-debuginfo-7.4.33-150400.4.43.1
* php7-posix-debuginfo-7.4.33-150400.4.43.1
* php7-snmp-debuginfo-7.4.33-150400.4.43.1
* php7-bcmath-debuginfo-7.4.33-150400.4.43.1
* apache2-mod_php7-7.4.33-150400.4.43.1
* php7-devel-7.4.33-150400.4.43.1
* php7-bcmath-7.4.33-150400.4.43.1
* php7-xmlrpc-debuginfo-7.4.33-150400.4.43.1
* php7-gmp-debuginfo-7.4.33-150400.4.43.1
* php7-json-7.4.33-150400.4.43.1
* php7-xsl-7.4.33-150400.4.43.1
* php7-7.4.33-150400.4.43.1
* php7-pcntl-7.4.33-150400.4.43.1
* php7-openssl-7.4.33-150400.4.43.1
* php7-fpm-debuginfo-7.4.33-150400.4.43.1
* php7-pgsql-debuginfo-7.4.33-150400.4.43.1
* php7-zlib-7.4.33-150400.4.43.1
* php7-gettext-debuginfo-7.4.33-150400.4.43.1
* php7-phar-debuginfo-7.4.33-150400.4.43.1
* php7-pdo-7.4.33-150400.4.43.1
* apache2-mod_php7-debuginfo-7.4.33-150400.4.43.1
* php7-soap-7.4.33-150400.4.43.1
* php7-fpm-debugsource-7.4.33-150400.4.43.1
* php7-openssl-debuginfo-7.4.33-150400.4.43.1
* php7-bz2-debuginfo-7.4.33-150400.4.43.1
* php7-pcntl-debuginfo-7.4.33-150400.4.43.1
* php7-gd-7.4.33-150400.4.43.1
* php7-ldap-7.4.33-150400.4.43.1
* php7-dom-debuginfo-7.4.33-150400.4.43.1
* php7-sodium-debuginfo-7.4.33-150400.4.43.1
* php7-mysql-debuginfo-7.4.33-150400.4.43.1
* php7-shmop-debuginfo-7.4.33-150400.4.43.1
* php7-xmlreader-7.4.33-150400.4.43.1
* php7-zip-debuginfo-7.4.33-150400.4.43.1
* php7-opcache-7.4.33-150400.4.43.1
* php7-soap-debuginfo-7.4.33-150400.4.43.1
* php7-ldap-debuginfo-7.4.33-150400.4.43.1
* php7-debugsource-7.4.33-150400.4.43.1
* php7-mbstring-debuginfo-7.4.33-150400.4.43.1
* php7-sodium-7.4.33-150400.4.43.1
* php7-mysql-7.4.33-150400.4.43.1
* php7-ftp-debuginfo-7.4.33-150400.4.43.1
* php7-bz2-7.4.33-150400.4.43.1
* php7-tokenizer-debuginfo-7.4.33-150400.4.43.1
* php7-xmlwriter-debuginfo-7.4.33-150400.4.43.1
* php7-dba-debuginfo-7.4.33-150400.4.43.1
* php7-curl-7.4.33-150400.4.43.1
* php7-odbc-debuginfo-7.4.33-150400.4.43.1
* php7-fastcgi-7.4.33-150400.4.43.1
* php7-sockets-debuginfo-7.4.33-150400.4.43.1
* php7-readline-7.4.33-150400.4.43.1
* php7-fileinfo-debuginfo-7.4.33-150400.4.43.1
* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64)
* php7-embed-7.4.33-150400.4.43.1
* php7-embed-debuginfo-7.4.33-150400.4.43.1
* php7-embed-debugsource-7.4.33-150400.4.43.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
* php7-embed-7.4.33-150400.4.43.1
* php7-embed-debuginfo-7.4.33-150400.4.43.1
* php7-embed-debugsource-7.4.33-150400.4.43.1
## References:
* https://www.suse.com/security/cve/CVE-2024-11233.html
* https://www.suse.com/security/cve/CVE-2024-11234.html
* https://www.suse.com/security/cve/CVE-2024-8929.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233651
* https://bugzilla.suse.com/show_bug.cgi?id=1233702
* https://bugzilla.suse.com/show_bug.cgi?id=1233703
SUSE-SU-2024:4148-1: important: Security update for MozillaThunderbird
by OPENSUSE-SECURITY-UPDATES 03 Dec '24
# Security update for MozillaThunderbird
Announcement ID: SUSE-SU-2024:4148-1
Release Date: 2024-12-03T09:10:23Z
Rating: important
References:
* bsc#1233650
* bsc#1233695
Cross-References:
* CVE-2024-11691
* CVE-2024-11692
* CVE-2024-11693
* CVE-2024-11694
* CVE-2024-11695
* CVE-2024-11696
* CVE-2024-11697
* CVE-2024-11698
* CVE-2024-11699
CVSS scores:
* CVE-2024-11691 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-11692 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2024-11693 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-11694 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2024-11695 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2024-11696 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2024-11697 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-11698 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-11699 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Workstation Extension 15 SP5
* SUSE Linux Enterprise Workstation Extension 15 SP6
* SUSE Package Hub 15 15-SP5
* SUSE Package Hub 15 15-SP6
An update that solves nine vulnerabilities can now be installed.
## Description:
This update for MozillaThunderbird fixes the following issues:
* Mozilla Thunderbird 128.5
* fixed: IMAP could crash when reading cached messages
* fixed: Enabling "Show Folder Size" on Maildir profile could render
Thunderbird unusable
* fixed: Messages corrupted by folder compaction were only fixed by user
intervention
* fixed: Reading a message from past the end of an mbox file did not cause an
error
* fixed: View -> Folders had duplicate F access keys
* fixed: Add-ons adding columns to the message list could fail and cause
display issue
* fixed: "Empty trash on exit" and "Expunge inbox on exit" did not always work
* fixed: Selecting a display option in View -> Tasks did not apply in the Task
interface
* fixed: Security fixes MFSA 2024-68 (bsc#1233695)
* CVE-2024-11691 Out-of-bounds write in Apple GPU drivers via WebGL
* CVE-2024-11692 Select list elements could be shown over another site
* CVE-2024-11693 Download Protections were bypassed by .library-ms files on
Windows
* CVE-2024-11694 CSP Bypass and XSS Exposure via Web Compatibility Shims
* CVE-2024-11695 URL Bar Spoofing via Manipulated Punycode and Whitespace
Characters
* CVE-2024-11696 Unhandled Exception in Add-on Signature Verification
* CVE-2024-11697 Improper Keypress Handling in Executable File Confirmation
Dialog
* CVE-2024-11698 Fullscreen Lock-Up When Modal Dialog Interrupts Transition on
macOS
* CVE-2024-11699 Memory safety bugs fixed in Firefox 133, Thunderbird 133,
Firefox ESR 128.5, and Thunderbird 128.5
* Handle upstream changes with esr-prefix of desktop-file (bsc#1233650)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-4148=1
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-4148=1
* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-4148=1
* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-4148=1
* SUSE Linux Enterprise Workstation Extension 15 SP5
zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-4148=1
* SUSE Linux Enterprise Workstation Extension 15 SP6
zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-4148=1
## Package List:
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* MozillaThunderbird-translations-common-128.5.0-150200.8.191.1
* MozillaThunderbird-128.5.0-150200.8.191.1
* MozillaThunderbird-debugsource-128.5.0-150200.8.191.1
* MozillaThunderbird-translations-other-128.5.0-150200.8.191.1
* MozillaThunderbird-debuginfo-128.5.0-150200.8.191.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* MozillaThunderbird-translations-common-128.5.0-150200.8.191.1
* MozillaThunderbird-128.5.0-150200.8.191.1
* MozillaThunderbird-debugsource-128.5.0-150200.8.191.1
* MozillaThunderbird-translations-other-128.5.0-150200.8.191.1
* MozillaThunderbird-debuginfo-128.5.0-150200.8.191.1
* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x)
* MozillaThunderbird-translations-common-128.5.0-150200.8.191.1
* MozillaThunderbird-128.5.0-150200.8.191.1
* MozillaThunderbird-debugsource-128.5.0-150200.8.191.1
* MozillaThunderbird-translations-other-128.5.0-150200.8.191.1
* MozillaThunderbird-debuginfo-128.5.0-150200.8.191.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x)
* MozillaThunderbird-translations-common-128.5.0-150200.8.191.1
* MozillaThunderbird-128.5.0-150200.8.191.1
* MozillaThunderbird-debugsource-128.5.0-150200.8.191.1
* MozillaThunderbird-translations-other-128.5.0-150200.8.191.1
* MozillaThunderbird-debuginfo-128.5.0-150200.8.191.1
* SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64)
* MozillaThunderbird-translations-common-128.5.0-150200.8.191.1
* MozillaThunderbird-128.5.0-150200.8.191.1
* MozillaThunderbird-debugsource-128.5.0-150200.8.191.1
* MozillaThunderbird-translations-other-128.5.0-150200.8.191.1
* MozillaThunderbird-debuginfo-128.5.0-150200.8.191.1
* SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
* MozillaThunderbird-translations-common-128.5.0-150200.8.191.1
* MozillaThunderbird-128.5.0-150200.8.191.1
* MozillaThunderbird-debugsource-128.5.0-150200.8.191.1
* MozillaThunderbird-translations-other-128.5.0-150200.8.191.1
* MozillaThunderbird-debuginfo-128.5.0-150200.8.191.1
## References:
* https://www.suse.com/security/cve/CVE-2024-11691.html
* https://www.suse.com/security/cve/CVE-2024-11692.html
* https://www.suse.com/security/cve/CVE-2024-11693.html
* https://www.suse.com/security/cve/CVE-2024-11694.html
* https://www.suse.com/security/cve/CVE-2024-11695.html
* https://www.suse.com/security/cve/CVE-2024-11696.html
* https://www.suse.com/security/cve/CVE-2024-11697.html
* https://www.suse.com/security/cve/CVE-2024-11698.html
* https://www.suse.com/security/cve/CVE-2024-11699.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233650
* https://bugzilla.suse.com/show_bug.cgi?id=1233695
03 Dec '24
# Security update for python
Announcement ID: SUSE-SU-2024:4151-1
Release Date: 2024-12-03T10:39:25Z
Rating: low
References:
* bsc#1227378
* bsc#1231795
* bsc#1233307
Cross-References:
* CVE-2024-11168
CVSS scores:
* CVE-2024-11168 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X
* CVE-2024-11168 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-11168 ( NVD ): 6.3
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X
Affected Products:
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP5
* SUSE Package Hub 15 15-SP6
An update that solves one vulnerability and has two security fixes can now be
installed.
## Description:
This update for python fixes the following issues:
* CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses
(bsc#1233307)
Other fixes:
* Add ipaddress module from https://github.com/phihag/ipaddress
* Remove -IVendor/ from python-config (bsc#1231795)
* Stop using %%defattr, it seems to be breaking proper executable
attributes on /usr/bin/ scripts (bsc#1227378).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-4151=1
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-4151=1
* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-4151=1
* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-4151=1
## Package List:
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python-curses-2.7.18-150000.68.1
* libpython2_7-1_0-2.7.18-150000.68.1
* python-base-debugsource-2.7.18-150000.68.1
* python-base-2.7.18-150000.68.1
* python-xml-debuginfo-2.7.18-150000.68.1
* python-debugsource-2.7.18-150000.68.1
* python-base-debuginfo-2.7.18-150000.68.1
* python-devel-2.7.18-150000.68.1
* python-debuginfo-2.7.18-150000.68.1
* python-idle-2.7.18-150000.68.1
* python-tk-2.7.18-150000.68.1
* python-tk-debuginfo-2.7.18-150000.68.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.68.1
* python-gdbm-2.7.18-150000.68.1
* python-curses-debuginfo-2.7.18-150000.68.1
* python-xml-2.7.18-150000.68.1
* python-gdbm-debuginfo-2.7.18-150000.68.1
* python-2.7.18-150000.68.1
* python-demo-2.7.18-150000.68.1
* openSUSE Leap 15.5 (x86_64)
* python-32bit-2.7.18-150000.68.1
* python-base-32bit-debuginfo-2.7.18-150000.68.1
* python-base-32bit-2.7.18-150000.68.1
* libpython2_7-1_0-32bit-2.7.18-150000.68.1
* libpython2_7-1_0-32bit-debuginfo-2.7.18-150000.68.1
* python-32bit-debuginfo-2.7.18-150000.68.1
* openSUSE Leap 15.5 (noarch)
* python-doc-pdf-2.7.18-150000.68.1
* python-doc-2.7.18-150000.68.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* python-curses-2.7.18-150000.68.1
* libpython2_7-1_0-2.7.18-150000.68.1
* python-base-debugsource-2.7.18-150000.68.1
* python-base-2.7.18-150000.68.1
* python-xml-debuginfo-2.7.18-150000.68.1
* python-debugsource-2.7.18-150000.68.1
* python-base-debuginfo-2.7.18-150000.68.1
* python-devel-2.7.18-150000.68.1
* python-debuginfo-2.7.18-150000.68.1
* python-idle-2.7.18-150000.68.1
* python-tk-2.7.18-150000.68.1
* python-tk-debuginfo-2.7.18-150000.68.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.68.1
* python-gdbm-2.7.18-150000.68.1
* python-curses-debuginfo-2.7.18-150000.68.1
* python-xml-2.7.18-150000.68.1
* python-gdbm-debuginfo-2.7.18-150000.68.1
* python-2.7.18-150000.68.1
* python-demo-2.7.18-150000.68.1
* openSUSE Leap 15.6 (x86_64)
* python-32bit-2.7.18-150000.68.1
* python-base-32bit-debuginfo-2.7.18-150000.68.1
* python-base-32bit-2.7.18-150000.68.1
* libpython2_7-1_0-32bit-2.7.18-150000.68.1
* libpython2_7-1_0-32bit-debuginfo-2.7.18-150000.68.1
* python-32bit-debuginfo-2.7.18-150000.68.1
* openSUSE Leap 15.6 (noarch)
* python-doc-pdf-2.7.18-150000.68.1
* python-doc-2.7.18-150000.68.1
* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64)
* python-curses-2.7.18-150000.68.1
* libpython2_7-1_0-2.7.18-150000.68.1
* python-base-debugsource-2.7.18-150000.68.1
* python-base-2.7.18-150000.68.1
* python-xml-debuginfo-2.7.18-150000.68.1
* python-debugsource-2.7.18-150000.68.1
* python-base-debuginfo-2.7.18-150000.68.1
* python-devel-2.7.18-150000.68.1
* python-debuginfo-2.7.18-150000.68.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.68.1
* python-gdbm-2.7.18-150000.68.1
* python-curses-debuginfo-2.7.18-150000.68.1
* python-xml-2.7.18-150000.68.1
* python-gdbm-debuginfo-2.7.18-150000.68.1
* python-2.7.18-150000.68.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
* python-curses-2.7.18-150000.68.1
* libpython2_7-1_0-2.7.18-150000.68.1
* python-base-debugsource-2.7.18-150000.68.1
* python-base-2.7.18-150000.68.1
* python-xml-debuginfo-2.7.18-150000.68.1
* python-debugsource-2.7.18-150000.68.1
* python-base-debuginfo-2.7.18-150000.68.1
* python-debuginfo-2.7.18-150000.68.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.68.1
* python-gdbm-2.7.18-150000.68.1
* python-curses-debuginfo-2.7.18-150000.68.1
* python-xml-2.7.18-150000.68.1
* python-gdbm-debuginfo-2.7.18-150000.68.1
* python-2.7.18-150000.68.1
## References:
* https://www.suse.com/security/cve/CVE-2024-11168.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227378
* https://bugzilla.suse.com/show_bug.cgi?id=1231795
* https://bugzilla.suse.com/show_bug.cgi?id=1233307
SUSE-SU-2024:4152-1: important: Security update for editorconfig-core-c
by OPENSUSE-SECURITY-UPDATES 03 Dec '24
# Security update for editorconfig-core-c
Announcement ID: SUSE-SU-2024:4152-1
Release Date: 2024-12-03T11:10:58Z
Rating: important
References:
* bsc#1233815
Cross-References:
* CVE-2024-53849
CVSS scores:
* CVE-2024-53849 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-53849 ( NVD ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Affected Products:
* Development Tools Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
An update that solves one vulnerability can now be installed.
## Description:
This update for editorconfig-core-c fixes the following issues:
* CVE-2024-53849: stack buffer overflow and pointer overflow when handling
escaped characters. (bsc#1233815)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-4152=1
* openSUSE Leap 15.6
zypper in -t patch SUSE-2024-4152=1 openSUSE-SLE-15.6-2024-4152=1
## Package List:
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* editorconfig-core-c-debugsource-0.12.6-150600.3.3.1
* libeditorconfig0-0.12.6-150600.3.3.1
* libeditorconfig0-debuginfo-0.12.6-150600.3.3.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* libeditorconfig0-debuginfo-0.12.6-150600.3.3.1
* editorconfig-debuginfo-0.12.6-150600.3.3.1
* editorconfig-0.12.6-150600.3.3.1
* libeditorconfig-devel-0.12.6-150600.3.3.1
* editorconfig-core-c-debugsource-0.12.6-150600.3.3.1
* libeditorconfig0-0.12.6-150600.3.3.1
* openSUSE Leap 15.6 (x86_64)
* libeditorconfig0-32bit-0.12.6-150600.3.3.1
* libeditorconfig0-32bit-debuginfo-0.12.6-150600.3.3.1
* libeditorconfig-devel-32bit-0.12.6-150600.3.3.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* libeditorconfig-devel-64bit-0.12.6-150600.3.3.1
* libeditorconfig0-64bit-debuginfo-0.12.6-150600.3.3.1
* libeditorconfig0-64bit-0.12.6-150600.3.3.1
## References:
* https://www.suse.com/security/cve/CVE-2024-53849.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233815
SUSE-SU-2024:4153-1: moderate: Security update for python310
by OPENSUSE-SECURITY-UPDATES 03 Dec '24
# Security update for python310
Announcement ID: SUSE-SU-2024:4153-1
Release Date: 2024-12-03T11:12:53Z
Rating: moderate
References:
* bsc#1231795
* bsc#1232750
* bsc#1233307
Cross-References:
* CVE-2024-11168
CVSS scores:
* CVE-2024-11168 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X
* CVE-2024-11168 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-11168 ( NVD ): 6.3
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X
Affected Products:
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6
An update that solves one vulnerability and has two security fixes can now be
installed.
## Description:
This update for python310 fixes the following issues:
* CVE-2024-11168: improper validation of IPv6 and IPvFuture addresses.
(bsc#1233307)
Bug fixes:
* Remove -IVendor/ from python-config. (bsc#1231795)
* Include renaming :noindex: option to :no-index: in Sphinx 7.2. (bsc#1232750)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-4153=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-4153=1
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-4153=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* python310-curses-debuginfo-3.10.15-150400.4.63.1
* python310-devel-3.10.15-150400.4.63.1
* python310-debugsource-3.10.15-150400.4.63.1
* python310-curses-3.10.15-150400.4.63.1
* libpython3_10-1_0-debuginfo-3.10.15-150400.4.63.1
* python310-base-3.10.15-150400.4.63.1
* python310-3.10.15-150400.4.63.1
* python310-doc-3.10.15-150400.4.63.1
* python310-core-debugsource-3.10.15-150400.4.63.1
* python310-debuginfo-3.10.15-150400.4.63.1
* python310-dbm-debuginfo-3.10.15-150400.4.63.1
* python310-dbm-3.10.15-150400.4.63.1
* python310-tk-3.10.15-150400.4.63.1
* python310-tools-3.10.15-150400.4.63.1
* python310-doc-devhelp-3.10.15-150400.4.63.1
* python310-testsuite-debuginfo-3.10.15-150400.4.63.1
* python310-testsuite-3.10.15-150400.4.63.1
* python310-tk-debuginfo-3.10.15-150400.4.63.1
* python310-base-debuginfo-3.10.15-150400.4.63.1
* python310-idle-3.10.15-150400.4.63.1
* libpython3_10-1_0-3.10.15-150400.4.63.1
* openSUSE Leap 15.4 (x86_64)
* python310-base-32bit-3.10.15-150400.4.63.1
* python310-32bit-debuginfo-3.10.15-150400.4.63.1
* libpython3_10-1_0-32bit-3.10.15-150400.4.63.1
* python310-base-32bit-debuginfo-3.10.15-150400.4.63.1
* python310-32bit-3.10.15-150400.4.63.1
* libpython3_10-1_0-32bit-debuginfo-3.10.15-150400.4.63.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* python310-64bit-3.10.15-150400.4.63.1
* python310-base-64bit-debuginfo-3.10.15-150400.4.63.1
* libpython3_10-1_0-64bit-3.10.15-150400.4.63.1
* libpython3_10-1_0-64bit-debuginfo-3.10.15-150400.4.63.1
* python310-base-64bit-3.10.15-150400.4.63.1
* python310-64bit-debuginfo-3.10.15-150400.4.63.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python310-curses-debuginfo-3.10.15-150400.4.63.1
* python310-devel-3.10.15-150400.4.63.1
* python310-debugsource-3.10.15-150400.4.63.1
* python310-curses-3.10.15-150400.4.63.1
* libpython3_10-1_0-debuginfo-3.10.15-150400.4.63.1
* python310-base-3.10.15-150400.4.63.1
* python310-3.10.15-150400.4.63.1
* python310-doc-3.10.15-150400.4.63.1
* python310-core-debugsource-3.10.15-150400.4.63.1
* python310-debuginfo-3.10.15-150400.4.63.1
* python310-dbm-debuginfo-3.10.15-150400.4.63.1
* python310-dbm-3.10.15-150400.4.63.1
* python310-tk-3.10.15-150400.4.63.1
* python310-tools-3.10.15-150400.4.63.1
* python310-doc-devhelp-3.10.15-150400.4.63.1
* python310-testsuite-debuginfo-3.10.15-150400.4.63.1
* python310-testsuite-3.10.15-150400.4.63.1
* python310-tk-debuginfo-3.10.15-150400.4.63.1
* python310-base-debuginfo-3.10.15-150400.4.63.1
* python310-idle-3.10.15-150400.4.63.1
* libpython3_10-1_0-3.10.15-150400.4.63.1
* openSUSE Leap 15.5 (x86_64)
* python310-base-32bit-3.10.15-150400.4.63.1
* python310-32bit-debuginfo-3.10.15-150400.4.63.1
* libpython3_10-1_0-32bit-3.10.15-150400.4.63.1
* python310-base-32bit-debuginfo-3.10.15-150400.4.63.1
* python310-32bit-3.10.15-150400.4.63.1
* libpython3_10-1_0-32bit-debuginfo-3.10.15-150400.4.63.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* python310-curses-debuginfo-3.10.15-150400.4.63.1
* python310-devel-3.10.15-150400.4.63.1
* python310-debugsource-3.10.15-150400.4.63.1
* python310-curses-3.10.15-150400.4.63.1
* libpython3_10-1_0-debuginfo-3.10.15-150400.4.63.1
* python310-base-3.10.15-150400.4.63.1
* python310-3.10.15-150400.4.63.1
* python310-doc-3.10.15-150400.4.63.1
* python310-core-debugsource-3.10.15-150400.4.63.1
* python310-debuginfo-3.10.15-150400.4.63.1
* python310-dbm-debuginfo-3.10.15-150400.4.63.1
* python310-dbm-3.10.15-150400.4.63.1
* python310-tk-3.10.15-150400.4.63.1
* python310-tools-3.10.15-150400.4.63.1
* python310-doc-devhelp-3.10.15-150400.4.63.1
* python310-testsuite-debuginfo-3.10.15-150400.4.63.1
* python310-testsuite-3.10.15-150400.4.63.1
* python310-tk-debuginfo-3.10.15-150400.4.63.1
* python310-base-debuginfo-3.10.15-150400.4.63.1
* python310-idle-3.10.15-150400.4.63.1
* libpython3_10-1_0-3.10.15-150400.4.63.1
* openSUSE Leap 15.6 (x86_64)
* python310-base-32bit-3.10.15-150400.4.63.1
* python310-32bit-debuginfo-3.10.15-150400.4.63.1
* libpython3_10-1_0-32bit-3.10.15-150400.4.63.1
* python310-base-32bit-debuginfo-3.10.15-150400.4.63.1
* python310-32bit-3.10.15-150400.4.63.1
* libpython3_10-1_0-32bit-debuginfo-3.10.15-150400.4.63.1
## References:
* https://www.suse.com/security/cve/CVE-2024-11168.html
* https://bugzilla.suse.com/show_bug.cgi?id=1231795
* https://bugzilla.suse.com/show_bug.cgi?id=1232750
* https://bugzilla.suse.com/show_bug.cgi?id=1233307
SUSE-SU-2024:4142-1: important: Security update for wireshark
by OPENSUSE-SECURITY-UPDATES 02 Dec '24
# Security update for wireshark
Announcement ID: SUSE-SU-2024:4142-1
Release Date: 2024-12-02T19:48:58Z
Rating: important
References:
* bsc#1233593
* bsc#1233594
Cross-References:
* CVE-2024-11595
* CVE-2024-11596
CVSS scores:
* CVE-2024-11595 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-11596 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
* Basesystem Module 15-SP6
* Desktop Applications Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
An update that solves two vulnerabilities can now be installed.
## Description:
This update for wireshark fixes the following issues:
* CVE-2024-11595: FiveCo RAP dissector infinite loop (bsc#1233594).
* CVE-2024-11596: ECMP dissector crash (bsc#1233593).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-4142=1 SUSE-2024-4142=1
* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4142=1
* Desktop Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-4142=1
## Package List:
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* wireshark-debuginfo-4.2.9-150600.18.17.1
* wireshark-debugsource-4.2.9-150600.18.17.1
* libwireshark17-debuginfo-4.2.9-150600.18.17.1
* libwsutil15-debuginfo-4.2.9-150600.18.17.1
* wireshark-4.2.9-150600.18.17.1
* libwsutil15-4.2.9-150600.18.17.1
* libwireshark17-4.2.9-150600.18.17.1
* libwiretap14-debuginfo-4.2.9-150600.18.17.1
* libwiretap14-4.2.9-150600.18.17.1
* wireshark-devel-4.2.9-150600.18.17.1
* wireshark-ui-qt-debuginfo-4.2.9-150600.18.17.1
* wireshark-ui-qt-4.2.9-150600.18.17.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* wireshark-debuginfo-4.2.9-150600.18.17.1
* wireshark-debugsource-4.2.9-150600.18.17.1
* libwireshark17-debuginfo-4.2.9-150600.18.17.1
* libwsutil15-debuginfo-4.2.9-150600.18.17.1
* wireshark-4.2.9-150600.18.17.1
* libwsutil15-4.2.9-150600.18.17.1
* libwireshark17-4.2.9-150600.18.17.1
* libwiretap14-debuginfo-4.2.9-150600.18.17.1
* libwiretap14-4.2.9-150600.18.17.1
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* wireshark-debuginfo-4.2.9-150600.18.17.1
* wireshark-debugsource-4.2.9-150600.18.17.1
* wireshark-devel-4.2.9-150600.18.17.1
* wireshark-ui-qt-debuginfo-4.2.9-150600.18.17.1
* wireshark-ui-qt-4.2.9-150600.18.17.1
## References:
* https://www.suse.com/security/cve/CVE-2024-11595.html
* https://www.suse.com/security/cve/CVE-2024-11596.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233593
* https://bugzilla.suse.com/show_bug.cgi?id=1233594
SUSE-SU-2024:4143-1: important: Security update for python3-virtualenv
by OPENSUSE-SECURITY-UPDATES 02 Dec '24
# Security update for python3-virtualenv
Announcement ID: SUSE-SU-2024:4143-1
Release Date: 2024-12-02T19:50:36Z
Rating: important
References:
* bsc#1232072
* bsc#1233706
Cross-References:
* CVE-2024-53899
CVSS scores:
* CVE-2024-53899 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-53899 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-53899 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53899 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* Development Tools Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
An update that solves one vulnerability and has one security fix can now be
installed.
## Description:
This update for python3-virtualenv fixes the following issues:
Security issue fixed:
* CVE-2024-53899: Fixed a command injection through activation scripts
(bsc#1233706)
Non-security issue fixed:
* Relax version requirements that cannot be provided (bsc#1232072)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch SUSE-2024-4143=1 openSUSE-SLE-15.6-2024-4143=1
* Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-4143=1
## Package List:
* openSUSE Leap 15.6 (noarch)
* python3-virtualenv-20.17.1-150600.3.5.1
* Development Tools Module 15-SP6 (noarch)
* python3-virtualenv-20.17.1-150600.3.5.1
## References:
* https://www.suse.com/security/cve/CVE-2024-53899.html
* https://bugzilla.suse.com/show_bug.cgi?id=1232072
* https://bugzilla.suse.com/show_bug.cgi?id=1233706
02 Dec '24
# Security update for python39
Announcement ID: SUSE-SU-2024:4135-1
Release Date: 2024-12-02T12:21:20Z
Rating: moderate
References:
* bsc#1231795
* bsc#1233307
Cross-References:
* CVE-2024-11168
CVSS scores:
* CVE-2024-11168 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X
* CVE-2024-11168 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-11168 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X
Affected Products:
* Legacy Module 15-SP5
* openSUSE Leap 15.3
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves one vulnerability and has one security fix can now be
installed.
## Description:
This update for python39 fixes the following issues:
* CVE-2024-11168: Improper validation of IPv6 and IPvFuture addresses
(bsc#1233307).
Bug fixes:
* Remove -IVendor/ from python-config (bsc#1231795).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.3
zypper in -t patch SUSE-2024-4135=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-4135=1
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-4135=1
* Legacy Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-4135=1
## Package List:
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* python39-core-debugsource-3.9.20-150300.4.58.1
* libpython3_9-1_0-debuginfo-3.9.20-150300.4.58.1
* python39-debuginfo-3.9.20-150300.4.58.1
* python39-tools-3.9.20-150300.4.58.1
* python39-tk-debuginfo-3.9.20-150300.4.58.1
* python39-dbm-debuginfo-3.9.20-150300.4.58.1
* python39-base-debuginfo-3.9.20-150300.4.58.1
* python39-tk-3.9.20-150300.4.58.1
* python39-doc-3.9.20-150300.4.58.1
* python39-testsuite-debuginfo-3.9.20-150300.4.58.1
* libpython3_9-1_0-3.9.20-150300.4.58.1
* python39-debugsource-3.9.20-150300.4.58.1
* python39-curses-debuginfo-3.9.20-150300.4.58.1
* python39-testsuite-3.9.20-150300.4.58.1
* python39-base-3.9.20-150300.4.58.1
* python39-devel-3.9.20-150300.4.58.1
* python39-curses-3.9.20-150300.4.58.1
* python39-doc-devhelp-3.9.20-150300.4.58.1
* python39-3.9.20-150300.4.58.1
* python39-idle-3.9.20-150300.4.58.1
* python39-dbm-3.9.20-150300.4.58.1
* openSUSE Leap 15.3 (x86_64)
* libpython3_9-1_0-32bit-3.9.20-150300.4.58.1
* python39-32bit-debuginfo-3.9.20-150300.4.58.1
* python39-base-32bit-3.9.20-150300.4.58.1
* libpython3_9-1_0-32bit-debuginfo-3.9.20-150300.4.58.1
* python39-base-32bit-debuginfo-3.9.20-150300.4.58.1
* python39-32bit-3.9.20-150300.4.58.1
* openSUSE Leap 15.3 (aarch64_ilp32)
* python39-64bit-3.9.20-150300.4.58.1
* python39-64bit-debuginfo-3.9.20-150300.4.58.1
* libpython3_9-1_0-64bit-3.9.20-150300.4.58.1
* libpython3_9-1_0-64bit-debuginfo-3.9.20-150300.4.58.1
* python39-base-64bit-3.9.20-150300.4.58.1
* python39-base-64bit-debuginfo-3.9.20-150300.4.58.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python39-core-debugsource-3.9.20-150300.4.58.1
* libpython3_9-1_0-debuginfo-3.9.20-150300.4.58.1
* python39-debuginfo-3.9.20-150300.4.58.1
* python39-tools-3.9.20-150300.4.58.1
* python39-tk-debuginfo-3.9.20-150300.4.58.1
* python39-dbm-debuginfo-3.9.20-150300.4.58.1
* python39-tk-3.9.20-150300.4.58.1
* python39-base-debuginfo-3.9.20-150300.4.58.1
* python39-doc-3.9.20-150300.4.58.1
* python39-testsuite-debuginfo-3.9.20-150300.4.58.1
* libpython3_9-1_0-3.9.20-150300.4.58.1
* python39-debugsource-3.9.20-150300.4.58.1
* python39-curses-debuginfo-3.9.20-150300.4.58.1
* python39-testsuite-3.9.20-150300.4.58.1
* python39-base-3.9.20-150300.4.58.1
* python39-devel-3.9.20-150300.4.58.1
* python39-curses-3.9.20-150300.4.58.1
* python39-doc-devhelp-3.9.20-150300.4.58.1
* python39-3.9.20-150300.4.58.1
* python39-idle-3.9.20-150300.4.58.1
* python39-dbm-3.9.20-150300.4.58.1
* openSUSE Leap 15.5 (x86_64)
* libpython3_9-1_0-32bit-3.9.20-150300.4.58.1
* python39-32bit-debuginfo-3.9.20-150300.4.58.1
* python39-base-32bit-3.9.20-150300.4.58.1
* libpython3_9-1_0-32bit-debuginfo-3.9.20-150300.4.58.1
* python39-base-32bit-debuginfo-3.9.20-150300.4.58.1
* python39-32bit-3.9.20-150300.4.58.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* python39-core-debugsource-3.9.20-150300.4.58.1
* libpython3_9-1_0-debuginfo-3.9.20-150300.4.58.1
* python39-debuginfo-3.9.20-150300.4.58.1
* python39-tools-3.9.20-150300.4.58.1
* python39-tk-debuginfo-3.9.20-150300.4.58.1
* python39-dbm-debuginfo-3.9.20-150300.4.58.1
* python39-tk-3.9.20-150300.4.58.1
* python39-base-debuginfo-3.9.20-150300.4.58.1
* python39-doc-3.9.20-150300.4.58.1
* python39-testsuite-debuginfo-3.9.20-150300.4.58.1
* libpython3_9-1_0-3.9.20-150300.4.58.1
* python39-debugsource-3.9.20-150300.4.58.1
* python39-curses-debuginfo-3.9.20-150300.4.58.1
* python39-testsuite-3.9.20-150300.4.58.1
* python39-base-3.9.20-150300.4.58.1
* python39-devel-3.9.20-150300.4.58.1
* python39-curses-3.9.20-150300.4.58.1
* python39-doc-devhelp-3.9.20-150300.4.58.1
* python39-3.9.20-150300.4.58.1
* python39-idle-3.9.20-150300.4.58.1
* python39-dbm-3.9.20-150300.4.58.1
* openSUSE Leap 15.6 (x86_64)
* libpython3_9-1_0-32bit-3.9.20-150300.4.58.1
* python39-32bit-debuginfo-3.9.20-150300.4.58.1
* python39-base-32bit-3.9.20-150300.4.58.1
* libpython3_9-1_0-32bit-debuginfo-3.9.20-150300.4.58.1
* python39-base-32bit-debuginfo-3.9.20-150300.4.58.1
* python39-32bit-3.9.20-150300.4.58.1
* Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* python39-base-3.9.20-150300.4.58.1
* python39-curses-3.9.20-150300.4.58.1
* libpython3_9-1_0-3.9.20-150300.4.58.1
* python39-3.9.20-150300.4.58.1
* python39-dbm-3.9.20-150300.4.58.1
## References:
* https://www.suse.com/security/cve/CVE-2024-11168.html
* https://bugzilla.suse.com/show_bug.cgi?id=1231795
* https://bugzilla.suse.com/show_bug.cgi?id=1233307
02 Dec '24
# Security update for php8
Announcement ID: SUSE-SU-2024:4136-1
Release Date: 2024-12-02T12:26:55Z
Rating: moderate
References:
* bsc#1233651
* bsc#1233702
* bsc#1233703
Cross-References:
* CVE-2024-11233
* CVE-2024-11234
* CVE-2024-11236
* CVE-2024-8929
* CVE-2024-8932
CVSS scores:
* CVE-2024-11233 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-11233 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2024-11233 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
* CVE-2024-11233 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2024-11234 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-11234 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-11234 ( NVD ): 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
* CVE-2024-11234 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-11236 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2024-11236 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
* CVE-2024-11236 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-11236 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-8929 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2024-8929 ( NVD ): 5.8 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2024-8932 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
* CVE-2024-8932 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* Web and Scripting Module 15-SP6
An update that solves five vulnerabilities can now be installed.
## Description:
This update for php8 fixes the following issues:
* CVE-2024-11233: Single byte overread with convert.quoted-printable-decode
filter (bsc#1233702).
* CVE-2024-11234: Configuring a proxy in a stream context might allow for CRLF
injection in URIs (bsc#1233703).
* CVE-2024-8929: Leak partial content of the heap through heap buffer over-read
(bsc#1233651).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch SUSE-2024-4136=1 openSUSE-SLE-15.6-2024-4136=1
* Web and Scripting Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2024-4136=1
## Package List:
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* php8-sockets-8.2.26-150600.3.9.1
* php8-xmlreader-8.2.26-150600.3.9.1
* php8-xsl-8.2.26-150600.3.9.1
* php8-enchant-8.2.26-150600.3.9.1
* php8-iconv-debuginfo-8.2.26-150600.3.9.1
* php8-ffi-8.2.26-150600.3.9.1
* php8-gettext-debuginfo-8.2.26-150600.3.9.1
* php8-fileinfo-8.2.26-150600.3.9.1
* php8-ffi-debuginfo-8.2.26-150600.3.9.1
* php8-phar-8.2.26-150600.3.9.1
* php8-opcache-debuginfo-8.2.26-150600.3.9.1
* php8-enchant-debuginfo-8.2.26-150600.3.9.1
* php8-fpm-debuginfo-8.2.26-150600.3.9.1
* php8-openssl-debuginfo-8.2.26-150600.3.9.1
* php8-ftp-8.2.26-150600.3.9.1
* php8-gd-8.2.26-150600.3.9.1
* php8-dom-8.2.26-150600.3.9.1
* php8-odbc-debuginfo-8.2.26-150600.3.9.1
* php8-gettext-8.2.26-150600.3.9.1
* php8-posix-debuginfo-8.2.26-150600.3.9.1
* php8-fastcgi-8.2.26-150600.3.9.1
* php8-calendar-8.2.26-150600.3.9.1
* php8-snmp-debuginfo-8.2.26-150600.3.9.1
* php8-dba-8.2.26-150600.3.9.1
* php8-tidy-8.2.26-150600.3.9.1
* php8-sysvsem-debuginfo-8.2.26-150600.3.9.1
* php8-snmp-8.2.26-150600.3.9.1
* php8-pdo-debuginfo-8.2.26-150600.3.9.1
* php8-zip-debuginfo-8.2.26-150600.3.9.1
* php8-sysvsem-8.2.26-150600.3.9.1
* php8-tidy-debuginfo-8.2.26-150600.3.9.1
* php8-ldap-debuginfo-8.2.26-150600.3.9.1
* php8-openssl-8.2.26-150600.3.9.1
* php8-embed-8.2.26-150600.3.9.1
* php8-mysql-8.2.26-150600.3.9.1
* php8-shmop-8.2.26-150600.3.9.1
* php8-embed-debuginfo-8.2.26-150600.3.9.1
* php8-curl-debuginfo-8.2.26-150600.3.9.1
* php8-sqlite-8.2.26-150600.3.9.1
* php8-opcache-8.2.26-150600.3.9.1
* php8-embed-debugsource-8.2.26-150600.3.9.1
* php8-ldap-8.2.26-150600.3.9.1
* php8-pgsql-debuginfo-8.2.26-150600.3.9.1
* php8-sysvmsg-debuginfo-8.2.26-150600.3.9.1
* php8-bz2-debuginfo-8.2.26-150600.3.9.1
* php8-ftp-debuginfo-8.2.26-150600.3.9.1
* php8-soap-8.2.26-150600.3.9.1
* php8-xmlwriter-8.2.26-150600.3.9.1
* php8-bcmath-8.2.26-150600.3.9.1
* php8-fpm-8.2.26-150600.3.9.1
* php8-debugsource-8.2.26-150600.3.9.1
* php8-exif-8.2.26-150600.3.9.1
* php8-cli-debuginfo-8.2.26-150600.3.9.1
* apache2-mod_php8-debuginfo-8.2.26-150600.3.9.1
* php8-zip-8.2.26-150600.3.9.1
* php8-tokenizer-debuginfo-8.2.26-150600.3.9.1
* php8-pgsql-8.2.26-150600.3.9.1
* php8-sysvshm-debuginfo-8.2.26-150600.3.9.1
* php8-8.2.26-150600.3.9.1
* php8-bz2-8.2.26-150600.3.9.1
* php8-sysvmsg-8.2.26-150600.3.9.1
* php8-dom-debuginfo-8.2.26-150600.3.9.1
* php8-intl-debuginfo-8.2.26-150600.3.9.1
* php8-mbstring-8.2.26-150600.3.9.1
* php8-phar-debuginfo-8.2.26-150600.3.9.1
* php8-curl-8.2.26-150600.3.9.1
* php8-pcntl-debuginfo-8.2.26-150600.3.9.1
* php8-xsl-debuginfo-8.2.26-150600.3.9.1
* php8-gmp-8.2.26-150600.3.9.1
* php8-sockets-debuginfo-8.2.26-150600.3.9.1
* php8-mbstring-debuginfo-8.2.26-150600.3.9.1
* php8-bcmath-debuginfo-8.2.26-150600.3.9.1
* php8-ctype-8.2.26-150600.3.9.1
* php8-sysvshm-8.2.26-150600.3.9.1
* php8-zlib-debuginfo-8.2.26-150600.3.9.1
* php8-odbc-8.2.26-150600.3.9.1
* php8-intl-8.2.26-150600.3.9.1
* php8-soap-debuginfo-8.2.26-150600.3.9.1
* php8-tokenizer-8.2.26-150600.3.9.1
* php8-ctype-debuginfo-8.2.26-150600.3.9.1
* apache2-mod_php8-debugsource-8.2.26-150600.3.9.1
* php8-xmlreader-debuginfo-8.2.26-150600.3.9.1
* php8-zlib-8.2.26-150600.3.9.1
* php8-sodium-debuginfo-8.2.26-150600.3.9.1
* php8-debuginfo-8.2.26-150600.3.9.1
* php8-sqlite-debuginfo-8.2.26-150600.3.9.1
* php8-xmlwriter-debuginfo-8.2.26-150600.3.9.1
* apache2-mod_php8-8.2.26-150600.3.9.1
* php8-fpm-debugsource-8.2.26-150600.3.9.1
* php8-sodium-8.2.26-150600.3.9.1
* php8-fileinfo-debuginfo-8.2.26-150600.3.9.1
* php8-gmp-debuginfo-8.2.26-150600.3.9.1
* php8-devel-8.2.26-150600.3.9.1
* php8-shmop-debuginfo-8.2.26-150600.3.9.1
* php8-readline-8.2.26-150600.3.9.1
* php8-calendar-debuginfo-8.2.26-150600.3.9.1
* php8-dba-debuginfo-8.2.26-150600.3.9.1
* php8-test-8.2.26-150600.3.9.1
* php8-pdo-8.2.26-150600.3.9.1
* php8-exif-debuginfo-8.2.26-150600.3.9.1
* php8-mysql-debuginfo-8.2.26-150600.3.9.1
* php8-pcntl-8.2.26-150600.3.9.1
* php8-cli-8.2.26-150600.3.9.1
* php8-gd-debuginfo-8.2.26-150600.3.9.1
* php8-posix-8.2.26-150600.3.9.1
* php8-iconv-8.2.26-150600.3.9.1
* php8-fastcgi-debuginfo-8.2.26-150600.3.9.1
* php8-readline-debuginfo-8.2.26-150600.3.9.1
* php8-fastcgi-debugsource-8.2.26-150600.3.9.1
* openSUSE Leap 15.6 (noarch)
* php8-fpm-apache-8.2.26-150600.3.9.1
* Web and Scripting Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* php8-sockets-8.2.26-150600.3.9.1
* php8-xmlreader-8.2.26-150600.3.9.1
* php8-xsl-8.2.26-150600.3.9.1
* php8-enchant-8.2.26-150600.3.9.1
* php8-iconv-debuginfo-8.2.26-150600.3.9.1
* php8-gettext-debuginfo-8.2.26-150600.3.9.1
* php8-fileinfo-8.2.26-150600.3.9.1
* php8-phar-8.2.26-150600.3.9.1
* php8-opcache-debuginfo-8.2.26-150600.3.9.1
* php8-enchant-debuginfo-8.2.26-150600.3.9.1
* php8-fpm-debuginfo-8.2.26-150600.3.9.1
* php8-openssl-debuginfo-8.2.26-150600.3.9.1
* php8-ftp-8.2.26-150600.3.9.1
* php8-gd-8.2.26-150600.3.9.1
* php8-dom-8.2.26-150600.3.9.1
* php8-odbc-debuginfo-8.2.26-150600.3.9.1
* php8-gettext-8.2.26-150600.3.9.1
* php8-fastcgi-8.2.26-150600.3.9.1
* php8-posix-debuginfo-8.2.26-150600.3.9.1
* php8-calendar-8.2.26-150600.3.9.1
* php8-snmp-debuginfo-8.2.26-150600.3.9.1
* php8-dba-8.2.26-150600.3.9.1
* php8-tidy-8.2.26-150600.3.9.1
* php8-sysvsem-debuginfo-8.2.26-150600.3.9.1
* php8-snmp-8.2.26-150600.3.9.1
* php8-pdo-debuginfo-8.2.26-150600.3.9.1
* php8-zip-debuginfo-8.2.26-150600.3.9.1
* php8-sysvsem-8.2.26-150600.3.9.1
* php8-tidy-debuginfo-8.2.26-150600.3.9.1
* php8-ldap-debuginfo-8.2.26-150600.3.9.1
* php8-embed-8.2.26-150600.3.9.1
* php8-openssl-8.2.26-150600.3.9.1
* php8-mysql-8.2.26-150600.3.9.1
* php8-shmop-8.2.26-150600.3.9.1
* php8-embed-debuginfo-8.2.26-150600.3.9.1
* php8-curl-debuginfo-8.2.26-150600.3.9.1
* php8-sqlite-8.2.26-150600.3.9.1
* php8-opcache-8.2.26-150600.3.9.1
* php8-embed-debugsource-8.2.26-150600.3.9.1
* php8-ldap-8.2.26-150600.3.9.1
* php8-pgsql-debuginfo-8.2.26-150600.3.9.1
* php8-sysvmsg-debuginfo-8.2.26-150600.3.9.1
* php8-bz2-debuginfo-8.2.26-150600.3.9.1
* php8-ftp-debuginfo-8.2.26-150600.3.9.1
* php8-soap-8.2.26-150600.3.9.1
* php8-xmlwriter-8.2.26-150600.3.9.1
* php8-bcmath-8.2.26-150600.3.9.1
* php8-fpm-8.2.26-150600.3.9.1
* php8-debugsource-8.2.26-150600.3.9.1
* php8-exif-8.2.26-150600.3.9.1
* php8-cli-debuginfo-8.2.26-150600.3.9.1
* apache2-mod_php8-debuginfo-8.2.26-150600.3.9.1
* php8-zip-8.2.26-150600.3.9.1
* php8-tokenizer-debuginfo-8.2.26-150600.3.9.1
* php8-pgsql-8.2.26-150600.3.9.1
* php8-sysvshm-debuginfo-8.2.26-150600.3.9.1
* php8-8.2.26-150600.3.9.1
* php8-bz2-8.2.26-150600.3.9.1
* php8-sysvmsg-8.2.26-150600.3.9.1
* php8-dom-debuginfo-8.2.26-150600.3.9.1
* php8-intl-debuginfo-8.2.26-150600.3.9.1
* php8-mbstring-8.2.26-150600.3.9.1
* php8-phar-debuginfo-8.2.26-150600.3.9.1
* php8-curl-8.2.26-150600.3.9.1
* php8-pcntl-debuginfo-8.2.26-150600.3.9.1
* php8-xsl-debuginfo-8.2.26-150600.3.9.1
* php8-gmp-8.2.26-150600.3.9.1
* php8-sockets-debuginfo-8.2.26-150600.3.9.1
* php8-mbstring-debuginfo-8.2.26-150600.3.9.1
* php8-bcmath-debuginfo-8.2.26-150600.3.9.1
* php8-ctype-8.2.26-150600.3.9.1
* php8-sysvshm-8.2.26-150600.3.9.1
* php8-zlib-debuginfo-8.2.26-150600.3.9.1
* php8-odbc-8.2.26-150600.3.9.1
* php8-intl-8.2.26-150600.3.9.1
* php8-soap-debuginfo-8.2.26-150600.3.9.1
* php8-ctype-debuginfo-8.2.26-150600.3.9.1
* php8-tokenizer-8.2.26-150600.3.9.1
* apache2-mod_php8-debugsource-8.2.26-150600.3.9.1
* php8-xmlreader-debuginfo-8.2.26-150600.3.9.1
* php8-zlib-8.2.26-150600.3.9.1
* php8-sodium-debuginfo-8.2.26-150600.3.9.1
* php8-debuginfo-8.2.26-150600.3.9.1
* php8-sqlite-debuginfo-8.2.26-150600.3.9.1
* php8-xmlwriter-debuginfo-8.2.26-150600.3.9.1
* apache2-mod_php8-8.2.26-150600.3.9.1
* php8-fpm-debugsource-8.2.26-150600.3.9.1
* php8-sodium-8.2.26-150600.3.9.1
* php8-fileinfo-debuginfo-8.2.26-150600.3.9.1
* php8-gmp-debuginfo-8.2.26-150600.3.9.1
* php8-devel-8.2.26-150600.3.9.1
* php8-shmop-debuginfo-8.2.26-150600.3.9.1
* php8-readline-8.2.26-150600.3.9.1
* php8-calendar-debuginfo-8.2.26-150600.3.9.1
* php8-dba-debuginfo-8.2.26-150600.3.9.1
* php8-test-8.2.26-150600.3.9.1
* php8-pdo-8.2.26-150600.3.9.1
* php8-exif-debuginfo-8.2.26-150600.3.9.1
* php8-mysql-debuginfo-8.2.26-150600.3.9.1
* php8-pcntl-8.2.26-150600.3.9.1
* php8-cli-8.2.26-150600.3.9.1
* php8-gd-debuginfo-8.2.26-150600.3.9.1
* php8-posix-8.2.26-150600.3.9.1
* php8-iconv-8.2.26-150600.3.9.1
* php8-fastcgi-debuginfo-8.2.26-150600.3.9.1
* php8-readline-debuginfo-8.2.26-150600.3.9.1
* php8-fastcgi-debugsource-8.2.26-150600.3.9.1
## References:
* https://www.suse.com/security/cve/CVE-2024-11233.html
* https://www.suse.com/security/cve/CVE-2024-11234.html
* https://www.suse.com/security/cve/CVE-2024-11236.html
* https://www.suse.com/security/cve/CVE-2024-8929.html
* https://www.suse.com/security/cve/CVE-2024-8932.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233651
* https://bugzilla.suse.com/show_bug.cgi?id=1233702
* https://bugzilla.suse.com/show_bug.cgi?id=1233703
SUSE-SU-2024:4137-1: moderate: Security update for python-tornado6
by OPENSUSE-SECURITY-UPDATES 02 Dec '24
# Security update for python-tornado6
Announcement ID: SUSE-SU-2024:4137-1
Release Date: 2024-12-02T12:28:46Z
Rating: moderate
References:
* bsc#1233668
Cross-References:
* CVE-2024-52804
CVSS scores:
* CVE-2024-52804 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2024-52804 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-52804 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* Python 3 Module 15-SP5
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
An update that solves one vulnerability can now be installed.
## Description:
This update for python-tornado6 fixes the following issues:
* CVE-2024-52804: Fixed a denial of service caused by quadratic performance of
cookie parsing (bsc#1233668)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-4137=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-4137=1
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-4137=1
* Python 3 Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-4137=1
* Python 3 Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-4137=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* python-tornado6-debugsource-6.3.2-150400.9.6.1
* python311-tornado6-6.3.2-150400.9.6.1
* python311-tornado6-debuginfo-6.3.2-150400.9.6.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python-tornado6-debugsource-6.3.2-150400.9.6.1
* python311-tornado6-6.3.2-150400.9.6.1
* python311-tornado6-debuginfo-6.3.2-150400.9.6.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* python-tornado6-debugsource-6.3.2-150400.9.6.1
* python311-tornado6-6.3.2-150400.9.6.1
* python311-tornado6-debuginfo-6.3.2-150400.9.6.1
* Python 3 Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* python-tornado6-debugsource-6.3.2-150400.9.6.1
* python311-tornado6-6.3.2-150400.9.6.1
* python311-tornado6-debuginfo-6.3.2-150400.9.6.1
* Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* python-tornado6-debugsource-6.3.2-150400.9.6.1
* python311-tornado6-6.3.2-150400.9.6.1
* python311-tornado6-debuginfo-6.3.2-150400.9.6.1
## References:
* https://www.suse.com/security/cve/CVE-2024-52804.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233668
02 Dec '24
# Security update for wget
Announcement ID: SUSE-SU-2024:4138-1
Release Date: 2024-12-02T12:30:09Z
Rating: moderate
References:
* bsc#1233773
Cross-References:
* CVE-2024-10524
CVSS scores:
* CVE-2024-10524 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2024-10524 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N
* CVE-2024-10524 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
Affected Products:
* Basesystem Module 15-SP5
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves one vulnerability can now be installed.
## Description:
This update for wget fixes the following issues:
* CVE-2024-10524: Fixed SSRF via shorthand HTTP URL (bsc#1233773)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-4138=1
* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-4138=1
* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4138=1
## Package List:
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* wget-1.20.3-150000.3.26.1
* wget-debuginfo-1.20.3-150000.3.26.1
* wget-debugsource-1.20.3-150000.3.26.1
* openSUSE Leap 15.5 (noarch)
* wget-lang-1.20.3-150000.3.26.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* wget-1.20.3-150000.3.26.1
* wget-debuginfo-1.20.3-150000.3.26.1
* wget-debugsource-1.20.3-150000.3.26.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* wget-1.20.3-150000.3.26.1
* wget-debuginfo-1.20.3-150000.3.26.1
* wget-debugsource-1.20.3-150000.3.26.1
## References:
* https://www.suse.com/security/cve/CVE-2024-10524.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233773
SUSE-SU-2024:4140-1: important: Security update for the Linux Kernel
by OPENSUSE-SECURITY-UPDATES 02 Dec '24
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2024:4140-1
Release Date: 2024-12-02T14:37:27Z
Rating: important
References:
* bsc#1195775
* bsc#1204171
* bsc#1205796
* bsc#1206344
* bsc#1209290
* bsc#1216223
* bsc#1218562
* bsc#1219125
* bsc#1223384
* bsc#1223524
* bsc#1223824
* bsc#1225189
* bsc#1225336
* bsc#1225611
* bsc#1226211
* bsc#1226212
* bsc#1226557
* bsc#1228743
* bsc#1229042
* bsc#1229454
* bsc#1229456
* bsc#1230429
* bsc#1230454
* bsc#1231073
* bsc#1231191
* bsc#1231193
* bsc#1231197
* bsc#1231200
* bsc#1231203
* bsc#1231293
* bsc#1231375
* bsc#1231502
* bsc#1231673
* bsc#1231861
* bsc#1231887
* bsc#1231890
* bsc#1231893
* bsc#1231895
* bsc#1231936
* bsc#1231938
* bsc#1231942
* bsc#1231960
* bsc#1231961
* bsc#1231979
* bsc#1231987
* bsc#1231988
* bsc#1232033
* bsc#1232069
* bsc#1232070
* bsc#1232097
* bsc#1232136
* bsc#1232145
* bsc#1232262
* bsc#1232280
* bsc#1232282
* bsc#1232286
* bsc#1232304
* bsc#1232383
* bsc#1232418
* bsc#1232424
* bsc#1232432
* bsc#1232519
Cross-References:
* CVE-2021-47416
* CVE-2021-47589
* CVE-2022-3435
* CVE-2022-45934
* CVE-2022-48664
* CVE-2022-48947
* CVE-2022-48956
* CVE-2022-48960
* CVE-2022-48962
* CVE-2022-48967
* CVE-2022-48970
* CVE-2022-48988
* CVE-2022-48991
* CVE-2022-48999
* CVE-2022-49003
* CVE-2022-49014
* CVE-2022-49015
* CVE-2022-49023
* CVE-2022-49025
* CVE-2023-28327
* CVE-2023-46343
* CVE-2023-52881
* CVE-2023-52919
* CVE-2023-6270
* CVE-2024-27043
* CVE-2024-42145
* CVE-2024-44947
* CVE-2024-45016
* CVE-2024-45026
* CVE-2024-46813
* CVE-2024-46814
* CVE-2024-46816
* CVE-2024-46817
* CVE-2024-46818
* CVE-2024-46849
* CVE-2024-47668
* CVE-2024-47674
* CVE-2024-47684
* CVE-2024-47706
* CVE-2024-47747
* CVE-2024-49860
* CVE-2024-49867
* CVE-2024-49936
* CVE-2024-49969
* CVE-2024-49974
* CVE-2024-49982
* CVE-2024-49991
* CVE-2024-49995
* CVE-2024-50047
CVSS scores:
* CVE-2021-47416 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2021-47589 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47589 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-3435 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2022-3435 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2022-45934 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-45934 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48664 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48947 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48947 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48960 ( SUSE ): 9.2
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48960 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48960 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48962 ( SUSE ): 7.2
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48962 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
* CVE-2022-48962 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48967 ( SUSE ): 7.0
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48967 ( SUSE ): 7.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2022-48967 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2022-48970 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48970 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48988 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48988 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48988 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48991 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48991 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48991 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48999 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48999 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2022-49003 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-49003 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-49003 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49014 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-49014 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-49015 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-49015 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-49023 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-49023 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-49025 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-49025 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-28327 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-28327 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-46343 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-46343 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52881 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52919 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52919 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-42145 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-42145 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44947 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N
* CVE-2024-44947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-44947 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-45016 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-45016 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45026 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45026 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46813 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46813 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46813 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46814 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46814 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46814 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46816 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46816 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46816 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46817 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46817 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46818 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46849 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46849 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47668 ( SUSE ): 2.0
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2024-47668 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2024-47668 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-47674 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-47674 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47674 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-47684 ( SUSE ): 8.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-47684 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-47684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-47706 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-47706 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47706 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-47747 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-47747 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47747 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49860 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49860 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49860 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-49867 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49867 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49867 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49936 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49936 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49969 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49969 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49969 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49974 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49974 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49974 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49982 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49991 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49991 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49991 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49995 ( SUSE ): 0.0
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2024-49995 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
* CVE-2024-49995 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50047 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50047 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.3
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Availability Extension 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 Business Critical Linux
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Manager Proxy 4.2
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Server 4.2
An update that solves 49 vulnerabilities and has 13 security fixes can now be
installed.
## Description:
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security
bugfixes.
The following security bugs were fixed:
* CVE-2021-47589: igbvf: fix double free in `igbvf_probe` (bsc#1226557).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1231893).
* CVE-2022-48960: net: hisilicon: Fix potential use-after-free in hix5hd2_rx()
(bsc#1231979).
* CVE-2022-48962: net: hisilicon: Fix potential use-after-free in
hisi_femac_rx() (bsc#1232286).
* CVE-2022-48967: NFC: nci: Bounds check struct nfc_target arrays
(bsc#1232304).
* CVE-2022-48988: memcg: Fix possible use-after-free in
memcg_write_event_control() (bsc#1232069).
* CVE-2022-48991: khugepaged: retract_page_tables() remember to test exit
(bsc#1232070 prerequisite).
* CVE-2022-49003: nvme: fix SRCU protection of nvme_ns_head list
(bsc#1232136).
* CVE-2022-49014: net: tun: Fix use-after-free in tun_detach() (bsc#1231890).
* CVE-2022-49015: net: hsr: Fix potential use-after-free (bsc#1231938).
* CVE-2022-49023: wifi: cfg80211: fix buffer overflow in elem comparison
(bsc#1231961).
* CVE-2022-49025: net/mlx5e: Fix use-after-free when reverting termination
table (bsc#1231960).
* CVE-2024-45016: netem: fix return value if duplicate enqueue fails
(bsc#1230429).
* CVE-2024-45026: s390/dasd: fix error recovery leading to data corruption on
ESE devices (bsc#1230454).
* CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links
(bsc#1231191).
* CVE-2024-46814: drm/amd/display: Check msg_id before processing transcation
(bsc#1231193).
* CVE-2024-46816: drm/amd/display: Stop amdgpu_dm initialize when link nums
greater than max_links (bsc#1231197).
* CVE-2024-46817: drm/amd/display: Stop amdgpu_dm initialize when stream nums
greater than 6 (bsc#1231200).
* CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index
(bsc#1231203).
* CVE-2024-46849: ASoC: meson: axg-card: fix 'use-after-free' (bsc#1231073).
* CVE-2024-47668: lib/generic-radix-tree.c: Fix rare race in
__genradix_ptr_alloc() (bsc#1231502).
* CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case
(bsc#1231673).
* CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
(bsc#1231987).
* CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain
(bsc#1231942).
* CVE-2024-47747: net: seeq: Fix use after free vulnerability in ether3 Driver
Due to Race Condition (bsc#1232145).
* CVE-2024-49860: ACPI: sysfs: validate return type of _STR method
(bsc#1231861).
* CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash()
(bsc#1232424).
* CVE-2024-49969: drm/amd/display: Fix index out of bounds in DCN30 color
transformation (bsc#1232519).
* CVE-2024-49974: NFSD: Force all NFSv4.2 COPY requests to be synchronous
(bsc#1232383).
* CVE-2024-49991: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer
(bsc#1232282).
* CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432).
* CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418).
The following non-security bugs were fixed:
* bpf: Fix pointer-leak due to insufficient speculative store bypass
mitigation (bsc#1231375).
* kernel-binary: generate and install compile_commands.json (bsc#1228971)
* kernel-binary: vdso: Own module_dir
* mkspec-dtb: add toplevel symlinks also on arm
* net: mana: Fix the extra HZ in mana_hwc_send_request (bsc#1232033).
* scsi: ibmvfc: Add max_sectors module parameter (bsc#1216223).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.3
  `zypper in -t patch SUSE-2024-4140=1`
* SUSE Linux Enterprise Live Patching 15-SP3
  `zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-4140=1`
* SUSE Linux Enterprise High Availability Extension 15 SP3
  `zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2024-4140=1`
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-4140=1`
* SUSE Linux Enterprise Server 15 SP3 LTSS
  `zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-4140=1`
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
  `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-4140=1`
* SUSE Enterprise Storage 7.1
  `zypper in -t patch SUSE-Storage-7.1-2024-4140=1`
* SUSE Linux Enterprise Micro 5.1
  `zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-4140=1`
* SUSE Linux Enterprise Micro 5.2
  `zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-4140=1`
* SUSE Linux Enterprise Micro for Rancher 5.2
  `zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-4140=1`
## Package List:
* openSUSE Leap 15.3 (noarch nosrc)
* kernel-docs-5.3.18-150300.59.182.2
* openSUSE Leap 15.3 (noarch)
* kernel-docs-html-5.3.18-150300.59.182.2
* kernel-source-5.3.18-150300.59.182.1
* kernel-source-vanilla-5.3.18-150300.59.182.1
* kernel-devel-5.3.18-150300.59.182.1
* kernel-macros-5.3.18-150300.59.182.1
* openSUSE Leap 15.3 (nosrc ppc64le x86_64)
* kernel-debug-5.3.18-150300.59.182.1
* kernel-kvmsmall-5.3.18-150300.59.182.1
* openSUSE Leap 15.3 (ppc64le x86_64)
* kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.182.1
* kernel-debug-debugsource-5.3.18-150300.59.182.1
* kernel-debug-devel-debuginfo-5.3.18-150300.59.182.1
* kernel-debug-debuginfo-5.3.18-150300.59.182.1
* kernel-kvmsmall-debuginfo-5.3.18-150300.59.182.1
* kernel-kvmsmall-debugsource-5.3.18-150300.59.182.1
* kernel-kvmsmall-devel-5.3.18-150300.59.182.1
* kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.182.1
* kernel-debug-livepatch-devel-5.3.18-150300.59.182.1
* kernel-debug-devel-5.3.18-150300.59.182.1
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64)
* kselftests-kmp-default-5.3.18-150300.59.182.1
* kernel-default-debuginfo-5.3.18-150300.59.182.1
* dlm-kmp-default-debuginfo-5.3.18-150300.59.182.1
* kernel-default-livepatch-5.3.18-150300.59.182.1
* kernel-default-base-5.3.18-150300.59.182.1.150300.18.107.1
* reiserfs-kmp-default-debuginfo-5.3.18-150300.59.182.1
* kernel-default-livepatch-devel-5.3.18-150300.59.182.1
* cluster-md-kmp-default-debuginfo-5.3.18-150300.59.182.1
* reiserfs-kmp-default-5.3.18-150300.59.182.1
* kernel-default-extra-5.3.18-150300.59.182.1
* gfs2-kmp-default-5.3.18-150300.59.182.1
* gfs2-kmp-default-debuginfo-5.3.18-150300.59.182.1
* ocfs2-kmp-default-debuginfo-5.3.18-150300.59.182.1
* kernel-default-optional-5.3.18-150300.59.182.1
* kernel-obs-build-5.3.18-150300.59.182.1
* kernel-obs-qa-5.3.18-150300.59.182.1
* cluster-md-kmp-default-5.3.18-150300.59.182.1
* kernel-default-debugsource-5.3.18-150300.59.182.1
* dlm-kmp-default-5.3.18-150300.59.182.1
* kernel-obs-build-debugsource-5.3.18-150300.59.182.1
* kernel-default-base-rebuild-5.3.18-150300.59.182.1.150300.18.107.1
* kernel-default-devel-debuginfo-5.3.18-150300.59.182.1
* kernel-default-optional-debuginfo-5.3.18-150300.59.182.1
* kernel-default-devel-5.3.18-150300.59.182.1
* kernel-default-extra-debuginfo-5.3.18-150300.59.182.1
* ocfs2-kmp-default-5.3.18-150300.59.182.1
* kernel-syms-5.3.18-150300.59.182.1
* kselftests-kmp-default-debuginfo-5.3.18-150300.59.182.1
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-5.3.18-150300.59.182.1
* openSUSE Leap 15.3 (ppc64le s390x x86_64)
* kernel-livepatch-5_3_18-150300_59_182-default-debuginfo-1-150300.7.3.1
* kernel-livepatch-SLE15-SP3_Update_50-debugsource-1-150300.7.3.1
* kernel-livepatch-5_3_18-150300_59_182-default-1-150300.7.3.1
* openSUSE Leap 15.3 (x86_64)
* kernel-livepatch-5_3_18-150300_59_182-preempt-debuginfo-1-150300.7.3.1
* kernel-livepatch-5_3_18-150300_59_182-preempt-1-150300.7.3.1
* openSUSE Leap 15.3 (aarch64 x86_64)
* kselftests-kmp-preempt-5.3.18-150300.59.182.1
* gfs2-kmp-preempt-5.3.18-150300.59.182.1
* gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.182.1
* kernel-preempt-optional-debuginfo-5.3.18-150300.59.182.1
* kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.182.1
* ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.182.1
* cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.182.1
* dlm-kmp-preempt-5.3.18-150300.59.182.1
* ocfs2-kmp-preempt-5.3.18-150300.59.182.1
* cluster-md-kmp-preempt-5.3.18-150300.59.182.1
* kernel-preempt-optional-5.3.18-150300.59.182.1
* reiserfs-kmp-preempt-5.3.18-150300.59.182.1
* kernel-preempt-debuginfo-5.3.18-150300.59.182.1
* kernel-preempt-livepatch-devel-5.3.18-150300.59.182.1
* dlm-kmp-preempt-debuginfo-5.3.18-150300.59.182.1
* reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.182.1
* kernel-preempt-devel-debuginfo-5.3.18-150300.59.182.1
* kernel-preempt-debugsource-5.3.18-150300.59.182.1
* kernel-preempt-extra-5.3.18-150300.59.182.1
* kernel-preempt-devel-5.3.18-150300.59.182.1
* kernel-preempt-extra-debuginfo-5.3.18-150300.59.182.1
* openSUSE Leap 15.3 (aarch64 nosrc x86_64)
* kernel-preempt-5.3.18-150300.59.182.1
* openSUSE Leap 15.3 (nosrc s390x)
* kernel-zfcpdump-5.3.18-150300.59.182.1
* openSUSE Leap 15.3 (s390x)
* kernel-zfcpdump-debugsource-5.3.18-150300.59.182.1
* kernel-zfcpdump-debuginfo-5.3.18-150300.59.182.1
* openSUSE Leap 15.3 (nosrc)
* dtb-aarch64-5.3.18-150300.59.182.1
* openSUSE Leap 15.3 (aarch64)
* dtb-exynos-5.3.18-150300.59.182.1
* dlm-kmp-64kb-5.3.18-150300.59.182.1
* ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.182.1
* kernel-64kb-optional-5.3.18-150300.59.182.1
* kselftests-kmp-64kb-5.3.18-150300.59.182.1
* dtb-apm-5.3.18-150300.59.182.1
* dtb-zte-5.3.18-150300.59.182.1
* reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.182.1
* dtb-amlogic-5.3.18-150300.59.182.1
* kernel-64kb-optional-debuginfo-5.3.18-150300.59.182.1
* dtb-renesas-5.3.18-150300.59.182.1
* dtb-arm-5.3.18-150300.59.182.1
* dtb-amd-5.3.18-150300.59.182.1
* dtb-broadcom-5.3.18-150300.59.182.1
* dtb-xilinx-5.3.18-150300.59.182.1
* kernel-64kb-devel-5.3.18-150300.59.182.1
* dtb-marvell-5.3.18-150300.59.182.1
* kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.182.1
* dtb-nvidia-5.3.18-150300.59.182.1
* reiserfs-kmp-64kb-5.3.18-150300.59.182.1
* gfs2-kmp-64kb-5.3.18-150300.59.182.1
* kernel-64kb-livepatch-devel-5.3.18-150300.59.182.1
* dtb-allwinner-5.3.18-150300.59.182.1
* dtb-socionext-5.3.18-150300.59.182.1
* dtb-al-5.3.18-150300.59.182.1
* cluster-md-kmp-64kb-5.3.18-150300.59.182.1
* cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.182.1
* dtb-altera-5.3.18-150300.59.182.1
* dtb-hisilicon-5.3.18-150300.59.182.1
* kernel-64kb-debuginfo-5.3.18-150300.59.182.1
* dlm-kmp-64kb-debuginfo-5.3.18-150300.59.182.1
* dtb-lg-5.3.18-150300.59.182.1
* kernel-64kb-extra-5.3.18-150300.59.182.1
* dtb-cavium-5.3.18-150300.59.182.1
* gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.182.1
* kernel-64kb-debugsource-5.3.18-150300.59.182.1
* dtb-freescale-5.3.18-150300.59.182.1
* dtb-sprd-5.3.18-150300.59.182.1
* dtb-qcom-5.3.18-150300.59.182.1
* kernel-64kb-extra-debuginfo-5.3.18-150300.59.182.1
* ocfs2-kmp-64kb-5.3.18-150300.59.182.1
* dtb-rockchip-5.3.18-150300.59.182.1
* kernel-64kb-devel-debuginfo-5.3.18-150300.59.182.1
* dtb-mediatek-5.3.18-150300.59.182.1
* openSUSE Leap 15.3 (aarch64 nosrc)
* kernel-64kb-5.3.18-150300.59.182.1
* SUSE Linux Enterprise Live Patching 15-SP3 (nosrc)
* kernel-default-5.3.18-150300.59.182.1
* SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
* kernel-default-livepatch-devel-5.3.18-150300.59.182.1
* kernel-default-debugsource-5.3.18-150300.59.182.1
* kernel-default-debuginfo-5.3.18-150300.59.182.1
* kernel-livepatch-5_3_18-150300_59_182-default-1-150300.7.3.1
* kernel-default-livepatch-5.3.18-150300.59.182.1
* SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le
s390x x86_64)
* cluster-md-kmp-default-debuginfo-5.3.18-150300.59.182.1
* cluster-md-kmp-default-5.3.18-150300.59.182.1
* kernel-default-debugsource-5.3.18-150300.59.182.1
* dlm-kmp-default-5.3.18-150300.59.182.1
* kernel-default-debuginfo-5.3.18-150300.59.182.1
* ocfs2-kmp-default-5.3.18-150300.59.182.1
* gfs2-kmp-default-5.3.18-150300.59.182.1
* ocfs2-kmp-default-debuginfo-5.3.18-150300.59.182.1
* dlm-kmp-default-debuginfo-5.3.18-150300.59.182.1
* gfs2-kmp-default-debuginfo-5.3.18-150300.59.182.1
* SUSE Linux Enterprise High Availability Extension 15 SP3 (nosrc)
* kernel-default-5.3.18-150300.59.182.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc)
* kernel-64kb-5.3.18-150300.59.182.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64)
* kernel-64kb-debuginfo-5.3.18-150300.59.182.1
* kernel-64kb-devel-5.3.18-150300.59.182.1
* kernel-64kb-devel-debuginfo-5.3.18-150300.59.182.1
* kernel-64kb-debugsource-5.3.18-150300.59.182.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc
x86_64)
* kernel-default-5.3.18-150300.59.182.1
* kernel-preempt-5.3.18-150300.59.182.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* kernel-syms-5.3.18-150300.59.182.1
* reiserfs-kmp-default-debuginfo-5.3.18-150300.59.182.1
* kernel-default-devel-debuginfo-5.3.18-150300.59.182.1
* kernel-preempt-devel-debuginfo-5.3.18-150300.59.182.1
* kernel-default-debugsource-5.3.18-150300.59.182.1
* kernel-default-debuginfo-5.3.18-150300.59.182.1
* kernel-default-devel-5.3.18-150300.59.182.1
* kernel-obs-build-debugsource-5.3.18-150300.59.182.1
* reiserfs-kmp-default-5.3.18-150300.59.182.1
* kernel-preempt-debugsource-5.3.18-150300.59.182.1
* kernel-preempt-devel-5.3.18-150300.59.182.1
* kernel-obs-build-5.3.18-150300.59.182.1
* kernel-default-base-5.3.18-150300.59.182.1.150300.18.107.1
* kernel-preempt-debuginfo-5.3.18-150300.59.182.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* kernel-source-5.3.18-150300.59.182.1
* kernel-macros-5.3.18-150300.59.182.1
* kernel-devel-5.3.18-150300.59.182.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch nosrc)
* kernel-docs-5.3.18-150300.59.182.2
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 nosrc)
* kernel-64kb-5.3.18-150300.59.182.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64)
* kernel-64kb-debuginfo-5.3.18-150300.59.182.1
* kernel-64kb-devel-5.3.18-150300.59.182.1
* kernel-64kb-devel-debuginfo-5.3.18-150300.59.182.1
* kernel-64kb-debugsource-5.3.18-150300.59.182.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64
nosrc)
* kernel-default-5.3.18-150300.59.182.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
* reiserfs-kmp-default-debuginfo-5.3.18-150300.59.182.1
* kernel-default-devel-debuginfo-5.3.18-150300.59.182.1
* kernel-default-debugsource-5.3.18-150300.59.182.1
* kernel-default-debuginfo-5.3.18-150300.59.182.1
* kernel-default-devel-5.3.18-150300.59.182.1
* kernel-obs-build-debugsource-5.3.18-150300.59.182.1
* reiserfs-kmp-default-5.3.18-150300.59.182.1
* kernel-obs-build-5.3.18-150300.59.182.1
* kernel-default-base-5.3.18-150300.59.182.1.150300.18.107.1
* kernel-syms-5.3.18-150300.59.182.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
* kernel-source-5.3.18-150300.59.182.1
* kernel-macros-5.3.18-150300.59.182.1
* kernel-devel-5.3.18-150300.59.182.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (noarch nosrc)
* kernel-docs-5.3.18-150300.59.182.2
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 nosrc x86_64)
* kernel-preempt-5.3.18-150300.59.182.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 x86_64)
* kernel-preempt-devel-5.3.18-150300.59.182.1
* kernel-preempt-debugsource-5.3.18-150300.59.182.1
* kernel-preempt-devel-debuginfo-5.3.18-150300.59.182.1
* kernel-preempt-debuginfo-5.3.18-150300.59.182.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (nosrc s390x)
* kernel-zfcpdump-5.3.18-150300.59.182.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (s390x)
* kernel-zfcpdump-debugsource-5.3.18-150300.59.182.1
* kernel-zfcpdump-debuginfo-5.3.18-150300.59.182.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc ppc64le
x86_64)
* kernel-default-5.3.18-150300.59.182.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* reiserfs-kmp-default-debuginfo-5.3.18-150300.59.182.1
* kernel-default-devel-debuginfo-5.3.18-150300.59.182.1
* kernel-default-debugsource-5.3.18-150300.59.182.1
* kernel-default-debuginfo-5.3.18-150300.59.182.1
* kernel-default-devel-5.3.18-150300.59.182.1
* kernel-obs-build-debugsource-5.3.18-150300.59.182.1
* reiserfs-kmp-default-5.3.18-150300.59.182.1
* kernel-obs-build-5.3.18-150300.59.182.1
* kernel-default-base-5.3.18-150300.59.182.1.150300.18.107.1
* kernel-syms-5.3.18-150300.59.182.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* kernel-source-5.3.18-150300.59.182.1
* kernel-macros-5.3.18-150300.59.182.1
* kernel-devel-5.3.18-150300.59.182.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch nosrc)
* kernel-docs-5.3.18-150300.59.182.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc x86_64)
* kernel-preempt-5.3.18-150300.59.182.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
* kernel-preempt-devel-5.3.18-150300.59.182.1
* kernel-preempt-debugsource-5.3.18-150300.59.182.1
* kernel-preempt-devel-debuginfo-5.3.18-150300.59.182.1
* kernel-preempt-debuginfo-5.3.18-150300.59.182.1
* SUSE Enterprise Storage 7.1 (aarch64 nosrc)
* kernel-64kb-5.3.18-150300.59.182.1
* SUSE Enterprise Storage 7.1 (aarch64)
* kernel-64kb-debuginfo-5.3.18-150300.59.182.1
* kernel-64kb-devel-5.3.18-150300.59.182.1
* kernel-64kb-devel-debuginfo-5.3.18-150300.59.182.1
* kernel-64kb-debugsource-5.3.18-150300.59.182.1
* SUSE Enterprise Storage 7.1 (aarch64 nosrc x86_64)
* kernel-default-5.3.18-150300.59.182.1
* kernel-preempt-5.3.18-150300.59.182.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* kernel-syms-5.3.18-150300.59.182.1
* reiserfs-kmp-default-debuginfo-5.3.18-150300.59.182.1
* kernel-default-devel-debuginfo-5.3.18-150300.59.182.1
* kernel-preempt-devel-debuginfo-5.3.18-150300.59.182.1
* kernel-default-debugsource-5.3.18-150300.59.182.1
* kernel-default-debuginfo-5.3.18-150300.59.182.1
* kernel-default-devel-5.3.18-150300.59.182.1
* kernel-obs-build-debugsource-5.3.18-150300.59.182.1
* reiserfs-kmp-default-5.3.18-150300.59.182.1
* kernel-preempt-debugsource-5.3.18-150300.59.182.1
* kernel-preempt-devel-5.3.18-150300.59.182.1
* kernel-obs-build-5.3.18-150300.59.182.1
* kernel-default-base-5.3.18-150300.59.182.1.150300.18.107.1
* kernel-preempt-debuginfo-5.3.18-150300.59.182.1
* SUSE Enterprise Storage 7.1 (noarch)
* kernel-source-5.3.18-150300.59.182.1
* kernel-macros-5.3.18-150300.59.182.1
* kernel-devel-5.3.18-150300.59.182.1
* SUSE Enterprise Storage 7.1 (noarch nosrc)
* kernel-docs-5.3.18-150300.59.182.2
* SUSE Linux Enterprise Micro 5.1 (aarch64 nosrc s390x x86_64)
* kernel-default-5.3.18-150300.59.182.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.3.18-150300.59.182.1
* kernel-default-debugsource-5.3.18-150300.59.182.1
* kernel-default-base-5.3.18-150300.59.182.1.150300.18.107.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 nosrc s390x x86_64)
* kernel-default-5.3.18-150300.59.182.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64)
* kernel-default-base-5.3.18-150300.59.182.1.150300.18.107.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.3.18-150300.59.182.1
* kernel-default-debugsource-5.3.18-150300.59.182.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 nosrc s390x x86_64)
* kernel-default-5.3.18-150300.59.182.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64)
* kernel-default-base-5.3.18-150300.59.182.1.150300.18.107.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.3.18-150300.59.182.1
* kernel-default-debugsource-5.3.18-150300.59.182.1
## References:
* https://www.suse.com/security/cve/CVE-2021-47416.html
* https://www.suse.com/security/cve/CVE-2021-47589.html
* https://www.suse.com/security/cve/CVE-2022-3435.html
* https://www.suse.com/security/cve/CVE-2022-45934.html
* https://www.suse.com/security/cve/CVE-2022-48664.html
* https://www.suse.com/security/cve/CVE-2022-48947.html
* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2022-48960.html
* https://www.suse.com/security/cve/CVE-2022-48962.html
* https://www.suse.com/security/cve/CVE-2022-48967.html
* https://www.suse.com/security/cve/CVE-2022-48970.html
* https://www.suse.com/security/cve/CVE-2022-48988.html
* https://www.suse.com/security/cve/CVE-2022-48991.html
* https://www.suse.com/security/cve/CVE-2022-48999.html
* https://www.suse.com/security/cve/CVE-2022-49003.html
* https://www.suse.com/security/cve/CVE-2022-49014.html
* https://www.suse.com/security/cve/CVE-2022-49015.html
* https://www.suse.com/security/cve/CVE-2022-49023.html
* https://www.suse.com/security/cve/CVE-2022-49025.html
* https://www.suse.com/security/cve/CVE-2023-28327.html
* https://www.suse.com/security/cve/CVE-2023-46343.html
* https://www.suse.com/security/cve/CVE-2023-52881.html
* https://www.suse.com/security/cve/CVE-2023-52919.html
* https://www.suse.com/security/cve/CVE-2023-6270.html
* https://www.suse.com/security/cve/CVE-2024-27043.html
* https://www.suse.com/security/cve/CVE-2024-42145.html
* https://www.suse.com/security/cve/CVE-2024-44947.html
* https://www.suse.com/security/cve/CVE-2024-45016.html
* https://www.suse.com/security/cve/CVE-2024-45026.html
* https://www.suse.com/security/cve/CVE-2024-46813.html
* https://www.suse.com/security/cve/CVE-2024-46814.html
* https://www.suse.com/security/cve/CVE-2024-46816.html
* https://www.suse.com/security/cve/CVE-2024-46817.html
* https://www.suse.com/security/cve/CVE-2024-46818.html
* https://www.suse.com/security/cve/CVE-2024-46849.html
* https://www.suse.com/security/cve/CVE-2024-47668.html
* https://www.suse.com/security/cve/CVE-2024-47674.html
* https://www.suse.com/security/cve/CVE-2024-47684.html
* https://www.suse.com/security/cve/CVE-2024-47706.html
* https://www.suse.com/security/cve/CVE-2024-47747.html
* https://www.suse.com/security/cve/CVE-2024-49860.html
* https://www.suse.com/security/cve/CVE-2024-49867.html
* https://www.suse.com/security/cve/CVE-2024-49936.html
* https://www.suse.com/security/cve/CVE-2024-49969.html
* https://www.suse.com/security/cve/CVE-2024-49974.html
* https://www.suse.com/security/cve/CVE-2024-49982.html
* https://www.suse.com/security/cve/CVE-2024-49991.html
* https://www.suse.com/security/cve/CVE-2024-49995.html
* https://www.suse.com/security/cve/CVE-2024-50047.html
* https://bugzilla.suse.com/show_bug.cgi?id=1195775
* https://bugzilla.suse.com/show_bug.cgi?id=1204171
* https://bugzilla.suse.com/show_bug.cgi?id=1205796
* https://bugzilla.suse.com/show_bug.cgi?id=1206344
* https://bugzilla.suse.com/show_bug.cgi?id=1209290
* https://bugzilla.suse.com/show_bug.cgi?id=1216223
* https://bugzilla.suse.com/show_bug.cgi?id=1218562
* https://bugzilla.suse.com/show_bug.cgi?id=1219125
* https://bugzilla.suse.com/show_bug.cgi?id=1223384
* https://bugzilla.suse.com/show_bug.cgi?id=1223524
* https://bugzilla.suse.com/show_bug.cgi?id=1223824
* https://bugzilla.suse.com/show_bug.cgi?id=1225189
* https://bugzilla.suse.com/show_bug.cgi?id=1225336
* https://bugzilla.suse.com/show_bug.cgi?id=1225611
* https://bugzilla.suse.com/show_bug.cgi?id=1226211
* https://bugzilla.suse.com/show_bug.cgi?id=1226212
* https://bugzilla.suse.com/show_bug.cgi?id=1226557
* https://bugzilla.suse.com/show_bug.cgi?id=1228743
* https://bugzilla.suse.com/show_bug.cgi?id=1229042
* https://bugzilla.suse.com/show_bug.cgi?id=1229454
* https://bugzilla.suse.com/show_bug.cgi?id=1229456
* https://bugzilla.suse.com/show_bug.cgi?id=1230429
* https://bugzilla.suse.com/show_bug.cgi?id=1230454
* https://bugzilla.suse.com/show_bug.cgi?id=1231073
* https://bugzilla.suse.com/show_bug.cgi?id=1231191
* https://bugzilla.suse.com/show_bug.cgi?id=1231193
* https://bugzilla.suse.com/show_bug.cgi?id=1231197
* https://bugzilla.suse.com/show_bug.cgi?id=1231200
* https://bugzilla.suse.com/show_bug.cgi?id=1231203
* https://bugzilla.suse.com/show_bug.cgi?id=1231293
* https://bugzilla.suse.com/show_bug.cgi?id=1231375
* https://bugzilla.suse.com/show_bug.cgi?id=1231502
* https://bugzilla.suse.com/show_bug.cgi?id=1231673
* https://bugzilla.suse.com/show_bug.cgi?id=1231861
* https://bugzilla.suse.com/show_bug.cgi?id=1231887
* https://bugzilla.suse.com/show_bug.cgi?id=1231890
* https://bugzilla.suse.com/show_bug.cgi?id=1231893
* https://bugzilla.suse.com/show_bug.cgi?id=1231895
* https://bugzilla.suse.com/show_bug.cgi?id=1231936
* https://bugzilla.suse.com/show_bug.cgi?id=1231938
* https://bugzilla.suse.com/show_bug.cgi?id=1231942
* https://bugzilla.suse.com/show_bug.cgi?id=1231960
* https://bugzilla.suse.com/show_bug.cgi?id=1231961
* https://bugzilla.suse.com/show_bug.cgi?id=1231979
* https://bugzilla.suse.com/show_bug.cgi?id=1231987
* https://bugzilla.suse.com/show_bug.cgi?id=1231988
* https://bugzilla.suse.com/show_bug.cgi?id=1232033
* https://bugzilla.suse.com/show_bug.cgi?id=1232069
* https://bugzilla.suse.com/show_bug.cgi?id=1232070
* https://bugzilla.suse.com/show_bug.cgi?id=1232097
* https://bugzilla.suse.com/show_bug.cgi?id=1232136
* https://bugzilla.suse.com/show_bug.cgi?id=1232145
* https://bugzilla.suse.com/show_bug.cgi?id=1232262
* https://bugzilla.suse.com/show_bug.cgi?id=1232280
* https://bugzilla.suse.com/show_bug.cgi?id=1232282
* https://bugzilla.suse.com/show_bug.cgi?id=1232286
* https://bugzilla.suse.com/show_bug.cgi?id=1232304
* https://bugzilla.suse.com/show_bug.cgi?id=1232383
* https://bugzilla.suse.com/show_bug.cgi?id=1232418
* https://bugzilla.suse.com/show_bug.cgi?id=1232424
* https://bugzilla.suse.com/show_bug.cgi?id=1232432
* https://bugzilla.suse.com/show_bug.cgi?id=1232519
SUSE-SU-2024:4141-1: important: Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP5)
by OPENSUSE-SECURITY-UPDATES 02 Dec '24
# Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP5)
Announcement ID: SUSE-SU-2024:4141-1
Release Date: 2024-12-02T15:35:45Z
Rating: important
References:
* bsc#1225429
* bsc#1225733
* bsc#1229273
* bsc#1229553
Cross-References:
* CVE-2021-47517
* CVE-2024-35949
* CVE-2024-36904
* CVE-2024-43861
CVSS scores:
* CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H
* CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves four vulnerabilities can now be installed.
## Description:
This update for the Linux Kernel 5.14.21-150500_13_24 fixes several issues.
The following security issues were fixed:
* CVE-2021-47517: Fix panic when interrupt coalescing is set via ethtool
(bsc#1225429).
* CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique()
(bsc#1225733).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks
(bsc#1229273).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
  zypper in -t patch SUSE-2024-4141=1
* SUSE Linux Enterprise Live Patching 15-SP5
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-4141=1
## Package List:
* openSUSE Leap 15.5 (x86_64)
  * kernel-livepatch-5_14_21-150500_13_24-rt-debuginfo-15-150500.2.1
  * kernel-livepatch-5_14_21-150500_13_24-rt-15-150500.2.1
  * kernel-livepatch-SLE15-SP5-RT_Update_7-debugsource-15-150500.2.1
* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
  * kernel-livepatch-5_14_21-150500_13_24-rt-debuginfo-15-150500.2.1
  * kernel-livepatch-5_14_21-150500_13_24-rt-15-150500.2.1
  * kernel-livepatch-SLE15-SP5-RT_Update_7-debugsource-15-150500.2.1
## References:
* https://www.suse.com/security/cve/CVE-2021-47517.html
* https://www.suse.com/security/cve/CVE-2024-35949.html
* https://www.suse.com/security/cve/CVE-2024-36904.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225429
* https://bugzilla.suse.com/show_bug.cgi?id=1225733
* https://bugzilla.suse.com/show_bug.cgi?id=1229273
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
SUSE-SU-2024:4131-1: important: Security update for the Linux Kernel
by OPENSUSE-SECURITY-UPDATES 02 Dec '24
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2024:4131-1
Release Date: 2024-12-02T10:00:25Z
Rating: important
References:
* bsc#1204171
* bsc#1205796
* bsc#1206188
* bsc#1206344
* bsc#1209290
* bsc#1210449
* bsc#1210627
* bsc#1213034
* bsc#1216223
* bsc#1216813
* bsc#1218562
* bsc#1220382
* bsc#1223384
* bsc#1223524
* bsc#1223824
* bsc#1225189
* bsc#1225336
* bsc#1225611
* bsc#1226666
* bsc#1228743
* bsc#1229345
* bsc#1229452
* bsc#1229454
* bsc#1229456
* bsc#1229556
* bsc#1230429
* bsc#1230442
* bsc#1230454
* bsc#1230600
* bsc#1230620
* bsc#1230715
* bsc#1230903
* bsc#1231016
* bsc#1231073
* bsc#1231191
* bsc#1231193
* bsc#1231195
* bsc#1231197
* bsc#1231200
* bsc#1231203
* bsc#1231293
* bsc#1231375
* bsc#1231502
* bsc#1231673
* bsc#1231861
* bsc#1231883
* bsc#1231885
* bsc#1231887
* bsc#1231888
* bsc#1231890
* bsc#1231892
* bsc#1231893
* bsc#1231895
* bsc#1231896
* bsc#1231897
* bsc#1231929
* bsc#1231936
* bsc#1231937
* bsc#1231938
* bsc#1231939
* bsc#1231940
* bsc#1231941
* bsc#1231942
* bsc#1231958
* bsc#1231960
* bsc#1231961
* bsc#1231962
* bsc#1231972
* bsc#1231976
* bsc#1231979
* bsc#1231987
* bsc#1231988
* bsc#1231991
* bsc#1231992
* bsc#1231995
* bsc#1231996
* bsc#1231997
* bsc#1232001
* bsc#1232005
* bsc#1232006
* bsc#1232007
* bsc#1232025
* bsc#1232026
* bsc#1232033
* bsc#1232035
* bsc#1232036
* bsc#1232037
* bsc#1232038
* bsc#1232039
* bsc#1232067
* bsc#1232069
* bsc#1232070
* bsc#1232071
* bsc#1232097
* bsc#1232108
* bsc#1232119
* bsc#1232120
* bsc#1232123
* bsc#1232133
* bsc#1232136
* bsc#1232145
* bsc#1232150
* bsc#1232163
* bsc#1232165
* bsc#1232170
* bsc#1232172
* bsc#1232174
* bsc#1232224
* bsc#1232229
* bsc#1232237
* bsc#1232260
* bsc#1232262
* bsc#1232281
* bsc#1232282
* bsc#1232286
* bsc#1232304
* bsc#1232383
* bsc#1232395
* bsc#1232418
* bsc#1232424
* bsc#1232432
* bsc#1232436
* bsc#1232519
* bsc#1233117
* jsc#SLE-24682
Cross-References:
* CVE-2021-47416
* CVE-2021-47534
* CVE-2022-3435
* CVE-2022-45934
* CVE-2022-48664
* CVE-2022-48879
* CVE-2022-48946
* CVE-2022-48947
* CVE-2022-48948
* CVE-2022-48949
* CVE-2022-48951
* CVE-2022-48953
* CVE-2022-48954
* CVE-2022-48955
* CVE-2022-48956
* CVE-2022-48959
* CVE-2022-48960
* CVE-2022-48961
* CVE-2022-48962
* CVE-2022-48967
* CVE-2022-48968
* CVE-2022-48969
* CVE-2022-48970
* CVE-2022-48971
* CVE-2022-48972
* CVE-2022-48973
* CVE-2022-48975
* CVE-2022-48977
* CVE-2022-48978
* CVE-2022-48981
* CVE-2022-48985
* CVE-2022-48987
* CVE-2022-48988
* CVE-2022-48991
* CVE-2022-48992
* CVE-2022-48994
* CVE-2022-48995
* CVE-2022-48997
* CVE-2022-48999
* CVE-2022-49000
* CVE-2022-49002
* CVE-2022-49003
* CVE-2022-49005
* CVE-2022-49006
* CVE-2022-49007
* CVE-2022-49010
* CVE-2022-49011
* CVE-2022-49012
* CVE-2022-49014
* CVE-2022-49015
* CVE-2022-49016
* CVE-2022-49019
* CVE-2022-49021
* CVE-2022-49022
* CVE-2022-49023
* CVE-2022-49024
* CVE-2022-49025
* CVE-2022-49026
* CVE-2022-49027
* CVE-2022-49028
* CVE-2022-49029
* CVE-2022-49031
* CVE-2022-49032
* CVE-2023-2166
* CVE-2023-28327
* CVE-2023-52766
* CVE-2023-52800
* CVE-2023-52881
* CVE-2023-52919
* CVE-2023-6270
* CVE-2024-27043
* CVE-2024-42145
* CVE-2024-43854
* CVE-2024-44947
* CVE-2024-45013
* CVE-2024-45016
* CVE-2024-45026
* CVE-2024-46716
* CVE-2024-46813
* CVE-2024-46814
* CVE-2024-46815
* CVE-2024-46816
* CVE-2024-46817
* CVE-2024-46818
* CVE-2024-46849
* CVE-2024-47668
* CVE-2024-47674
* CVE-2024-47684
* CVE-2024-47706
* CVE-2024-47747
* CVE-2024-47748
* CVE-2024-49860
* CVE-2024-49867
* CVE-2024-49925
* CVE-2024-49930
* CVE-2024-49936
* CVE-2024-49945
* CVE-2024-49960
* CVE-2024-49969
* CVE-2024-49974
* CVE-2024-49982
* CVE-2024-49991
* CVE-2024-49995
* CVE-2024-50047
* CVE-2024-50208
CVSS scores:
* CVE-2021-47416 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2021-47534 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47534 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-3435 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2022-3435 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2022-45934 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-45934 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48664 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48879 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48879 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48879 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48946 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48946 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48946 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48947 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48947 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48948 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48948 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48949 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48949 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48949 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-48951 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48951 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48951 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48953 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48953 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48953 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48954 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48954 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2022-48954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48955 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48955 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48959 ( SUSE ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2022-48959 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48959 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48960 ( SUSE ): 9.2
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48960 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48960 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48961 ( SUSE ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2022-48961 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48961 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48962 ( SUSE ): 7.2
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48962 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
* CVE-2022-48962 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48967 ( SUSE ): 7.0
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48967 ( SUSE ): 7.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2022-48967 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2022-48968 ( SUSE ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2022-48968 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
* CVE-2022-48968 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48969 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48969 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48969 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48970 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48970 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48971 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48971 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48971 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48972 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48972 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48972 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48973 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48973 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2022-48973 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48975 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48975 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48977 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48977 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48978 ( SUSE ): 5.8
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48978 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2022-48978 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48981 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48981 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2022-48981 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48985 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48985 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48987 ( SUSE ): 2.0
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2022-48987 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48987 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48988 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48988 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48988 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48991 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48991 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48991 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48992 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48992 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48992 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48994 ( SUSE ): 0.0
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2022-48994 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
* CVE-2022-48994 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48995 ( SUSE ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2022-48995 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48995 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48997 ( SUSE ): 1.0
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2022-48997 ( SUSE ): 2.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L
* CVE-2022-48997 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48999 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48999 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2022-49000 ( SUSE ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2022-49000 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-49000 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49002 ( SUSE ): 2.0
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2022-49002 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-49002 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49003 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-49003 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-49003 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49005 ( SUSE ): 2.0
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2022-49005 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2022-49005 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49006 ( SUSE ): 7.1
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-49006 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-49006 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-49007 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49007 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49010 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2022-49010 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49010 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49011 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49012 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49012 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49014 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-49014 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-49015 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-49015 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-49016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49016 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49019 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49019 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49021 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49022 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49022 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-49023 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-49023 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-49024 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49024 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49025 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-49025 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-49026 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49026 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-49027 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49027 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-49028 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49028 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49029 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49029 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-49031 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49031 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2022-49032 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-49032 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-2166 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-2166 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-28327 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-28327 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52766 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-52800 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52800 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52881 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52919 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52919 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-42145 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-42145 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44947 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N
* CVE-2024-44947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-44947 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-45013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45013 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45016 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-45016 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45026 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45026 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46716 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-46813 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46813 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46813 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46814 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46814 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46814 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46815 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46815 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46815 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46816 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46816 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46816 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46817 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46817 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46818 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46849 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46849 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47668 ( SUSE ): 2.0
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2024-47668 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2024-47668 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-47674 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-47674 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47674 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-47684 ( SUSE ): 8.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-47684 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-47684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-47706 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-47706 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47706 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-47747 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-47747 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47747 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47748 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-47748 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47748 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49860 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49860 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49860 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-49867 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49867 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49867 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49925 ( SUSE ): 7.1
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49925 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49925 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49930 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49936 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49936 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49945 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49945 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49960 ( SUSE ): 7.1
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49960 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49960 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49969 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49969 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49969 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49974 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49974 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49974 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49982 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49991 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49991 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49991 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49995 ( SUSE ): 0.0
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2024-49995 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
* CVE-2024-49995 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50047 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50047 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50208 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-50208 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-50208 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* openSUSE Leap 15.4
* SUSE Linux Enterprise Desktop 15 SP4 LTSS
* SUSE Linux Enterprise High Availability Extension 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves 105 vulnerabilities, contains one feature and has 19
security fixes can now be installed.
## Description:
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security
bugfixes.
The following security bugs were fixed:
* CVE-2024-43854: Initialize integrity buffer to zero before writing it to
media (bsc#1229345)
* CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core
(bsc#1232224)
* CVE-2024-49945: net/ncsi: Disable the ncsi work before freeing the
associated structure (bsc#1232165).
* CVE-2024-50208: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages
(bsc#1233117).
* CVE-2022-48879: efi: fix NULL-deref in init error path (bsc#1229556).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1231893).
* CVE-2022-48959: net: dsa: sja1105: fix memory leak in
sja1105_setup_devlink_regions() (bsc#1231976).
* CVE-2022-48960: net: hisilicon: Fix potential use-after-free in hix5hd2_rx()
(bsc#1231979).
* CVE-2022-48962: net: hisilicon: Fix potential use-after-free in
hisi_femac_rx() (bsc#1232286).
* CVE-2022-48991: mm/khugepaged: fix collapse_pte_mapped_thp() to allow
anon_vma (bsc#1232070).
* CVE-2022-49015: net: hsr: Fix potential use-after-free (bsc#1231938).
* CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl()
(bsc#1230442).
* CVE-2024-45016: netem: fix return value if duplicate enqueue fails
(bsc#1230429).
* CVE-2024-45026: s390/dasd: fix error recovery leading to data corruption on
ESE devices (bsc#1230454).
* CVE-2024-46716: dmaengine: altera-msgdma: properly free descriptor in
msgdma_free_descriptor (bsc#1230715).
* CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links
(bsc#1231191).
* CVE-2024-46814: drm/amd/display: Check msg_id before processing transcation
(bsc#1231193).
* CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing
reader_wm_sets (bsc#1231195).
* CVE-2024-46816: drm/amd/display: Stop amdgpu_dm initialize when link nums
greater than max_links (bsc#1231197).
* CVE-2024-46817: drm/amd/display: Stop amdgpu_dm initialize when stream nums
greater than 6 (bsc#1231200).
* CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index
(bsc#1231203).
* CVE-2024-46849: ASoC: meson: axg-card: fix 'use-after-free' (bsc#1231073).
* CVE-2024-47668: lib/generic-radix-tree.c: Fix rare race in
__genradix_ptr_alloc() (bsc#1231502).
* CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case
(bsc#1231673).
* CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
(bsc#1231987).
* CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain
(bsc#1231942).
* CVE-2024-47747: net: seeq: Fix use after free vulnerability in ether3 Driver
Due to Race Condition (bsc#1232145).
* CVE-2024-47748: vhost_vdpa: assign irq bypass producer token correctly
(bsc#1232174).
* CVE-2024-49860: ACPI: sysfs: validate return type of _STR method
(bsc#1231861).
* CVE-2024-49930: wifi: ath11k: fix array out-of-bound access in SoC stats
(bsc#1232260).
* CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash()
(bsc#1232424).
* CVE-2024-49960: ext4: fix timer use-after-free on failed mount
(bsc#1232395).
* CVE-2024-49969: drm/amd/display: Fix index out of bounds in DCN30 color
transformation (bsc#1232519).
* CVE-2024-49974: NFSD: Force all NFSv4.2 COPY requests to be synchronous
(bsc#1232383).
* CVE-2024-49991: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer
(bsc#1232282).
* CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432).
* CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418).
The following non-security bugs were fixed:
* NFSv3: only use NFS timeout for MOUNT when protocols are compatible
(bsc#1231016).
* PKCS#7: Check codeSigning EKU of certificates in PKCS#7 (bsc#1226666).
* RDMA/mana_ib: use the correct page size for mapping user-mode doorbell page
(bsc#1232036).
* bpf: Fix pointer-leak due to insufficient speculative store bypass
mitigation (bsc#1231375).
* dn_route: set rt neigh to blackhole_netdev instead of loopback_dev in ifdown
(bsc#1216813).
* initramfs: avoid filename buffer overrun (bsc#1232436).
* ipv6: blackhole_netdev needs snmp6 counters (bsc#1216813).
* ipv6: give an IPv6 dev to blackhole_netdev (bsc#1216813).
* net: mana: Fix the extra HZ in mana_hwc_send_request (bsc#1232033).
* x86/kexec: Add EFI config table identity mapping for kexec kernel
(bsc#1220382).
* x86/mm/ident_map: Use gbpages only where full GB page should be mapped
(bsc#1220382).
* xfrm: set dst dev to blackhole_netdev instead of loopback_dev in ifdown
(bsc#1216813).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-4131=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-4131=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-4131=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-4131=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-4131=1
* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-4131=1
Please note that this is the initial kernel livepatch without fixes itself; this
package is later updated by separate standalone kernel livepatch updates.
* SUSE Linux Enterprise High Availability Extension 15 SP4
zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2024-4131=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4131=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4131=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4131=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4131=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4131=1
* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4131=1
* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-4131=1
* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4131=1
## Package List:
* openSUSE Leap 15.4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_141-default-debuginfo-1-150400.9.5.1
* kernel-livepatch-5_14_21-150400_24_141-default-1-150400.9.5.1
* kernel-livepatch-SLE15-SP4_Update_33-debugsource-1-150400.9.5.1
* openSUSE Leap 15.4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.141.1
* openSUSE Leap 15.4 (noarch)
* kernel-docs-html-5.14.21-150400.24.141.1
* kernel-devel-5.14.21-150400.24.141.1
* kernel-source-vanilla-5.14.21-150400.24.141.1
* kernel-macros-5.14.21-150400.24.141.1
* kernel-source-5.14.21-150400.24.141.1
* openSUSE Leap 15.4 (nosrc ppc64le x86_64)
* kernel-debug-5.14.21-150400.24.141.1
* openSUSE Leap 15.4 (ppc64le x86_64)
* kernel-debug-devel-debuginfo-5.14.21-150400.24.141.1
* kernel-debug-livepatch-devel-5.14.21-150400.24.141.1
* kernel-debug-devel-5.14.21-150400.24.141.1
* kernel-debug-debuginfo-5.14.21-150400.24.141.1
* kernel-debug-debugsource-5.14.21-150400.24.141.1
* openSUSE Leap 15.4 (aarch64 ppc64le x86_64)
* kernel-default-base-rebuild-5.14.21-150400.24.141.1.150400.24.68.2
* kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.141.1
* kernel-kvmsmall-debuginfo-5.14.21-150400.24.141.1
* kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2
* kernel-kvmsmall-debugsource-5.14.21-150400.24.141.1
* kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.141.1
* kernel-kvmsmall-devel-5.14.21-150400.24.141.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* kernel-obs-build-5.14.21-150400.24.141.1
* kernel-default-debugsource-5.14.21-150400.24.141.1
* kernel-obs-build-debugsource-5.14.21-150400.24.141.1
* kernel-default-debuginfo-5.14.21-150400.24.141.1
* ocfs2-kmp-default-debuginfo-5.14.21-150400.24.141.1
* gfs2-kmp-default-debuginfo-5.14.21-150400.24.141.1
* kernel-syms-5.14.21-150400.24.141.1
* kselftests-kmp-default-5.14.21-150400.24.141.1
* dlm-kmp-default-debuginfo-5.14.21-150400.24.141.1
* reiserfs-kmp-default-5.14.21-150400.24.141.1
* dlm-kmp-default-5.14.21-150400.24.141.1
* kernel-obs-qa-5.14.21-150400.24.141.1
* kernel-default-extra-5.14.21-150400.24.141.1
* kernel-default-livepatch-devel-5.14.21-150400.24.141.1
* kernel-default-livepatch-5.14.21-150400.24.141.1
* ocfs2-kmp-default-5.14.21-150400.24.141.1
* cluster-md-kmp-default-debuginfo-5.14.21-150400.24.141.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.141.1
* kernel-default-optional-5.14.21-150400.24.141.1
* kernel-default-optional-debuginfo-5.14.21-150400.24.141.1
* kernel-default-extra-debuginfo-5.14.21-150400.24.141.1
* cluster-md-kmp-default-5.14.21-150400.24.141.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.141.1
* kselftests-kmp-default-debuginfo-5.14.21-150400.24.141.1
* gfs2-kmp-default-5.14.21-150400.24.141.1
* kernel-default-devel-5.14.21-150400.24.141.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-5.14.21-150400.24.141.1
* openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64)
* kernel-kvmsmall-5.14.21-150400.24.141.1
* openSUSE Leap 15.4 (nosrc s390x)
* kernel-zfcpdump-5.14.21-150400.24.141.1
* openSUSE Leap 15.4 (s390x)
* kernel-zfcpdump-debugsource-5.14.21-150400.24.141.1
* kernel-zfcpdump-debuginfo-5.14.21-150400.24.141.1
* openSUSE Leap 15.4 (nosrc)
* dtb-aarch64-5.14.21-150400.24.141.1
* openSUSE Leap 15.4 (aarch64)
* dtb-mediatek-5.14.21-150400.24.141.1
* kernel-64kb-debuginfo-5.14.21-150400.24.141.1
* dtb-arm-5.14.21-150400.24.141.1
* dtb-allwinner-5.14.21-150400.24.141.1
* dtb-amlogic-5.14.21-150400.24.141.1
* kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.141.1
* dtb-broadcom-5.14.21-150400.24.141.1
* dtb-rockchip-5.14.21-150400.24.141.1
* kernel-64kb-extra-debuginfo-5.14.21-150400.24.141.1
* kernel-64kb-livepatch-devel-5.14.21-150400.24.141.1
* kernel-64kb-optional-5.14.21-150400.24.141.1
* dtb-freescale-5.14.21-150400.24.141.1
* dtb-nvidia-5.14.21-150400.24.141.1
* dtb-exynos-5.14.21-150400.24.141.1
* reiserfs-kmp-64kb-5.14.21-150400.24.141.1
* dtb-cavium-5.14.21-150400.24.141.1
* reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.141.1
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.141.1
* kselftests-kmp-64kb-5.14.21-150400.24.141.1
* dtb-hisilicon-5.14.21-150400.24.141.1
* cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.141.1
* dtb-apm-5.14.21-150400.24.141.1
* kernel-64kb-debugsource-5.14.21-150400.24.141.1
* ocfs2-kmp-64kb-5.14.21-150400.24.141.1
* dtb-altera-5.14.21-150400.24.141.1
* dtb-sprd-5.14.21-150400.24.141.1
* ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.141.1
* dlm-kmp-64kb-5.14.21-150400.24.141.1
* kernel-64kb-extra-5.14.21-150400.24.141.1
* dtb-qcom-5.14.21-150400.24.141.1
* kernel-64kb-devel-5.14.21-150400.24.141.1
* dtb-amd-5.14.21-150400.24.141.1
* dtb-marvell-5.14.21-150400.24.141.1
* dtb-socionext-5.14.21-150400.24.141.1
* dtb-xilinx-5.14.21-150400.24.141.1
* dlm-kmp-64kb-debuginfo-5.14.21-150400.24.141.1
* dtb-amazon-5.14.21-150400.24.141.1
* cluster-md-kmp-64kb-5.14.21-150400.24.141.1
* kernel-64kb-optional-debuginfo-5.14.21-150400.24.141.1
* dtb-renesas-5.14.21-150400.24.141.1
* gfs2-kmp-64kb-5.14.21-150400.24.141.1
* gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.141.1
* dtb-lg-5.14.21-150400.24.141.1
* dtb-apple-5.14.21-150400.24.141.1
* openSUSE Leap 15.4 (aarch64 nosrc)
* kernel-64kb-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* kernel-default-debugsource-5.14.21-150400.24.141.1
* kernel-default-debuginfo-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* kernel-default-debugsource-5.14.21-150400.24.141.1
* kernel-default-debuginfo-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* kernel-default-debugsource-5.14.21-150400.24.141.1
* kernel-default-debuginfo-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* kernel-default-debugsource-5.14.21-150400.24.141.1
* kernel-default-debuginfo-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Live Patching 15-SP4 (nosrc)
* kernel-default-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
* kernel-default-debugsource-5.14.21-150400.24.141.1
* kernel-default-livepatch-5.14.21-150400.24.141.1
* kernel-livepatch-SLE15-SP4_Update_33-debugsource-1-150400.9.5.1
* kernel-livepatch-5_14_21-150400_24_141-default-debuginfo-1-150400.9.5.1
* kernel-livepatch-5_14_21-150400_24_141-default-1-150400.9.5.1
* kernel-default-debuginfo-5.14.21-150400.24.141.1
* kernel-default-livepatch-devel-5.14.21-150400.24.141.1
* SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64)
* cluster-md-kmp-default-5.14.21-150400.24.141.1
* kernel-default-debugsource-5.14.21-150400.24.141.1
* ocfs2-kmp-default-5.14.21-150400.24.141.1
* dlm-kmp-default-debuginfo-5.14.21-150400.24.141.1
* cluster-md-kmp-default-debuginfo-5.14.21-150400.24.141.1
* kernel-default-debuginfo-5.14.21-150400.24.141.1
* ocfs2-kmp-default-debuginfo-5.14.21-150400.24.141.1
* gfs2-kmp-default-5.14.21-150400.24.141.1
* dlm-kmp-default-5.14.21-150400.24.141.1
* gfs2-kmp-default-debuginfo-5.14.21-150400.24.141.1
* SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc)
* kernel-default-5.14.21-150400.24.141.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc)
* kernel-64kb-5.14.21-150400.24.141.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64)
* kernel-64kb-debuginfo-5.14.21-150400.24.141.1
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.141.1
* kernel-64kb-devel-5.14.21-150400.24.141.1
* kernel-64kb-debugsource-5.14.21-150400.24.141.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc x86_64)
* kernel-default-5.14.21-150400.24.141.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
* kernel-syms-5.14.21-150400.24.141.1
* kernel-obs-build-5.14.21-150400.24.141.1
* kernel-default-debugsource-5.14.21-150400.24.141.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.141.1
* kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2
* kernel-obs-build-debugsource-5.14.21-150400.24.141.1
* reiserfs-kmp-default-5.14.21-150400.24.141.1
* kernel-default-debuginfo-5.14.21-150400.24.141.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.141.1
* kernel-default-devel-5.14.21-150400.24.141.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* kernel-devel-5.14.21-150400.24.141.1
* kernel-macros-5.14.21-150400.24.141.1
* kernel-source-5.14.21-150400.24.141.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.141.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc)
* kernel-64kb-5.14.21-150400.24.141.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64)
* kernel-64kb-debuginfo-5.14.21-150400.24.141.1
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.141.1
* kernel-64kb-devel-5.14.21-150400.24.141.1
* kernel-64kb-debugsource-5.14.21-150400.24.141.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc x86_64)
* kernel-default-5.14.21-150400.24.141.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
* kernel-syms-5.14.21-150400.24.141.1
* kernel-obs-build-5.14.21-150400.24.141.1
* kernel-default-debugsource-5.14.21-150400.24.141.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.141.1
* kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2
* kernel-obs-build-debugsource-5.14.21-150400.24.141.1
* reiserfs-kmp-default-5.14.21-150400.24.141.1
* kernel-default-debuginfo-5.14.21-150400.24.141.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.141.1
* kernel-default-devel-5.14.21-150400.24.141.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* kernel-devel-5.14.21-150400.24.141.1
* kernel-macros-5.14.21-150400.24.141.1
* kernel-source-5.14.21-150400.24.141.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS (nosrc x86_64)
* kernel-default-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64)
* kernel-syms-5.14.21-150400.24.141.1
* kernel-obs-build-5.14.21-150400.24.141.1
* kernel-default-debugsource-5.14.21-150400.24.141.1
* kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2
* kernel-obs-build-debugsource-5.14.21-150400.24.141.1
* kernel-default-debuginfo-5.14.21-150400.24.141.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.141.1
* kernel-default-devel-5.14.21-150400.24.141.1
* kernel-default-extra-5.14.21-150400.24.141.1
* kernel-default-extra-debuginfo-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch)
* kernel-devel-5.14.21-150400.24.141.1
* kernel-macros-5.14.21-150400.24.141.1
* kernel-source-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch nosrc)
* kernel-docs-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 nosrc)
* kernel-64kb-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64)
* kernel-64kb-debuginfo-5.14.21-150400.24.141.1
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.141.1
* kernel-64kb-devel-5.14.21-150400.24.141.1
* kernel-64kb-debugsource-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le x86_64)
* kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* kernel-syms-5.14.21-150400.24.141.1
* kernel-obs-build-5.14.21-150400.24.141.1
* kernel-default-debugsource-5.14.21-150400.24.141.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.141.1
* kernel-obs-build-debugsource-5.14.21-150400.24.141.1
* reiserfs-kmp-default-5.14.21-150400.24.141.1
* kernel-default-debuginfo-5.14.21-150400.24.141.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.141.1
* kernel-default-devel-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
* kernel-devel-5.14.21-150400.24.141.1
* kernel-macros-5.14.21-150400.24.141.1
* kernel-source-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch nosrc)
* kernel-docs-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (nosrc s390x)
* kernel-zfcpdump-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (s390x)
* kernel-zfcpdump-debugsource-5.14.21-150400.24.141.1
* kernel-zfcpdump-debuginfo-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le x86_64)
* kernel-default-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* kernel-syms-5.14.21-150400.24.141.1
* kernel-obs-build-5.14.21-150400.24.141.1
* kernel-default-debugsource-5.14.21-150400.24.141.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.141.1
* kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2
* kernel-obs-build-debugsource-5.14.21-150400.24.141.1
* reiserfs-kmp-default-5.14.21-150400.24.141.1
* kernel-default-debuginfo-5.14.21-150400.24.141.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.141.1
* kernel-default-devel-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* kernel-devel-5.14.21-150400.24.141.1
* kernel-macros-5.14.21-150400.24.141.1
* kernel-source-5.14.21-150400.24.141.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.141.1
* SUSE Manager Proxy 4.3 (nosrc x86_64)
* kernel-default-5.14.21-150400.24.141.1
* SUSE Manager Proxy 4.3 (x86_64)
* kernel-syms-5.14.21-150400.24.141.1
* kernel-default-debugsource-5.14.21-150400.24.141.1
* kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2
* kernel-default-debuginfo-5.14.21-150400.24.141.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.141.1
* kernel-default-devel-5.14.21-150400.24.141.1
* SUSE Manager Proxy 4.3 (noarch)
* kernel-devel-5.14.21-150400.24.141.1
* kernel-macros-5.14.21-150400.24.141.1
* kernel-source-5.14.21-150400.24.141.1
* SUSE Manager Retail Branch Server 4.3 (nosrc x86_64)
* kernel-default-5.14.21-150400.24.141.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* kernel-default-debugsource-5.14.21-150400.24.141.1
* kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2
* kernel-default-debuginfo-5.14.21-150400.24.141.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.141.1
* kernel-default-devel-5.14.21-150400.24.141.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
* kernel-devel-5.14.21-150400.24.141.1
* kernel-macros-5.14.21-150400.24.141.1
* SUSE Manager Server 4.3 (nosrc ppc64le s390x x86_64)
* kernel-default-5.14.21-150400.24.141.1
* SUSE Manager Server 4.3 (ppc64le x86_64)
* kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* kernel-syms-5.14.21-150400.24.141.1
* kernel-default-debugsource-5.14.21-150400.24.141.1
* kernel-default-debuginfo-5.14.21-150400.24.141.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.141.1
* kernel-default-devel-5.14.21-150400.24.141.1
* SUSE Manager Server 4.3 (noarch)
* kernel-devel-5.14.21-150400.24.141.1
* kernel-macros-5.14.21-150400.24.141.1
* kernel-source-5.14.21-150400.24.141.1
* SUSE Manager Server 4.3 (nosrc s390x)
* kernel-zfcpdump-5.14.21-150400.24.141.1
* SUSE Manager Server 4.3 (s390x)
* kernel-zfcpdump-debugsource-5.14.21-150400.24.141.1
* kernel-zfcpdump-debuginfo-5.14.21-150400.24.141.1
## References:
* https://www.suse.com/security/cve/CVE-2021-47416.html
* https://www.suse.com/security/cve/CVE-2021-47534.html
* https://www.suse.com/security/cve/CVE-2022-3435.html
* https://www.suse.com/security/cve/CVE-2022-45934.html
* https://www.suse.com/security/cve/CVE-2022-48664.html
* https://www.suse.com/security/cve/CVE-2022-48879.html
* https://www.suse.com/security/cve/CVE-2022-48946.html
* https://www.suse.com/security/cve/CVE-2022-48947.html
* https://www.suse.com/security/cve/CVE-2022-48948.html
* https://www.suse.com/security/cve/CVE-2022-48949.html
* https://www.suse.com/security/cve/CVE-2022-48951.html
* https://www.suse.com/security/cve/CVE-2022-48953.html
* https://www.suse.com/security/cve/CVE-2022-48954.html
* https://www.suse.com/security/cve/CVE-2022-48955.html
* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2022-48959.html
* https://www.suse.com/security/cve/CVE-2022-48960.html
* https://www.suse.com/security/cve/CVE-2022-48961.html
* https://www.suse.com/security/cve/CVE-2022-48962.html
* https://www.suse.com/security/cve/CVE-2022-48967.html
* https://www.suse.com/security/cve/CVE-2022-48968.html
* https://www.suse.com/security/cve/CVE-2022-48969.html
* https://www.suse.com/security/cve/CVE-2022-48970.html
* https://www.suse.com/security/cve/CVE-2022-48971.html
* https://www.suse.com/security/cve/CVE-2022-48972.html
* https://www.suse.com/security/cve/CVE-2022-48973.html
* https://www.suse.com/security/cve/CVE-2022-48975.html
* https://www.suse.com/security/cve/CVE-2022-48977.html
* https://www.suse.com/security/cve/CVE-2022-48978.html
* https://www.suse.com/security/cve/CVE-2022-48981.html
* https://www.suse.com/security/cve/CVE-2022-48985.html
* https://www.suse.com/security/cve/CVE-2022-48987.html
* https://www.suse.com/security/cve/CVE-2022-48988.html
* https://www.suse.com/security/cve/CVE-2022-48991.html
* https://www.suse.com/security/cve/CVE-2022-48992.html
* https://www.suse.com/security/cve/CVE-2022-48994.html
* https://www.suse.com/security/cve/CVE-2022-48995.html
* https://www.suse.com/security/cve/CVE-2022-48997.html
* https://www.suse.com/security/cve/CVE-2022-48999.html
* https://www.suse.com/security/cve/CVE-2022-49000.html
* https://www.suse.com/security/cve/CVE-2022-49002.html
* https://www.suse.com/security/cve/CVE-2022-49003.html
* https://www.suse.com/security/cve/CVE-2022-49005.html
* https://www.suse.com/security/cve/CVE-2022-49006.html
* https://www.suse.com/security/cve/CVE-2022-49007.html
* https://www.suse.com/security/cve/CVE-2022-49010.html
* https://www.suse.com/security/cve/CVE-2022-49011.html
* https://www.suse.com/security/cve/CVE-2022-49012.html
* https://www.suse.com/security/cve/CVE-2022-49014.html
* https://www.suse.com/security/cve/CVE-2022-49015.html
* https://www.suse.com/security/cve/CVE-2022-49016.html
* https://www.suse.com/security/cve/CVE-2022-49019.html
* https://www.suse.com/security/cve/CVE-2022-49021.html
* https://www.suse.com/security/cve/CVE-2022-49022.html
* https://www.suse.com/security/cve/CVE-2022-49023.html
* https://www.suse.com/security/cve/CVE-2022-49024.html
* https://www.suse.com/security/cve/CVE-2022-49025.html
* https://www.suse.com/security/cve/CVE-2022-49026.html
* https://www.suse.com/security/cve/CVE-2022-49027.html
* https://www.suse.com/security/cve/CVE-2022-49028.html
* https://www.suse.com/security/cve/CVE-2022-49029.html
* https://www.suse.com/security/cve/CVE-2022-49031.html
* https://www.suse.com/security/cve/CVE-2022-49032.html
* https://www.suse.com/security/cve/CVE-2023-2166.html
* https://www.suse.com/security/cve/CVE-2023-28327.html
* https://www.suse.com/security/cve/CVE-2023-52766.html
* https://www.suse.com/security/cve/CVE-2023-52800.html
* https://www.suse.com/security/cve/CVE-2023-52881.html
* https://www.suse.com/security/cve/CVE-2023-52919.html
* https://www.suse.com/security/cve/CVE-2023-6270.html
* https://www.suse.com/security/cve/CVE-2024-27043.html
* https://www.suse.com/security/cve/CVE-2024-42145.html
* https://www.suse.com/security/cve/CVE-2024-43854.html
* https://www.suse.com/security/cve/CVE-2024-44947.html
* https://www.suse.com/security/cve/CVE-2024-45013.html
* https://www.suse.com/security/cve/CVE-2024-45016.html
* https://www.suse.com/security/cve/CVE-2024-45026.html
* https://www.suse.com/security/cve/CVE-2024-46716.html
* https://www.suse.com/security/cve/CVE-2024-46813.html
* https://www.suse.com/security/cve/CVE-2024-46814.html
* https://www.suse.com/security/cve/CVE-2024-46815.html
* https://www.suse.com/security/cve/CVE-2024-46816.html
* https://www.suse.com/security/cve/CVE-2024-46817.html
* https://www.suse.com/security/cve/CVE-2024-46818.html
* https://www.suse.com/security/cve/CVE-2024-46849.html
* https://www.suse.com/security/cve/CVE-2024-47668.html
* https://www.suse.com/security/cve/CVE-2024-47674.html
* https://www.suse.com/security/cve/CVE-2024-47684.html
* https://www.suse.com/security/cve/CVE-2024-47706.html
* https://www.suse.com/security/cve/CVE-2024-47747.html
* https://www.suse.com/security/cve/CVE-2024-47748.html
* https://www.suse.com/security/cve/CVE-2024-49860.html
* https://www.suse.com/security/cve/CVE-2024-49867.html
* https://www.suse.com/security/cve/CVE-2024-49925.html
* https://www.suse.com/security/cve/CVE-2024-49930.html
* https://www.suse.com/security/cve/CVE-2024-49936.html
* https://www.suse.com/security/cve/CVE-2024-49945.html
* https://www.suse.com/security/cve/CVE-2024-49960.html
* https://www.suse.com/security/cve/CVE-2024-49969.html
* https://www.suse.com/security/cve/CVE-2024-49974.html
* https://www.suse.com/security/cve/CVE-2024-49982.html
* https://www.suse.com/security/cve/CVE-2024-49991.html
* https://www.suse.com/security/cve/CVE-2024-49995.html
* https://www.suse.com/security/cve/CVE-2024-50047.html
* https://www.suse.com/security/cve/CVE-2024-50208.html
* https://bugzilla.suse.com/show_bug.cgi?id=1204171
* https://bugzilla.suse.com/show_bug.cgi?id=1205796
* https://bugzilla.suse.com/show_bug.cgi?id=1206188
* https://bugzilla.suse.com/show_bug.cgi?id=1206344
* https://bugzilla.suse.com/show_bug.cgi?id=1209290
* https://bugzilla.suse.com/show_bug.cgi?id=1210449
* https://bugzilla.suse.com/show_bug.cgi?id=1210627
* https://bugzilla.suse.com/show_bug.cgi?id=1213034
* https://bugzilla.suse.com/show_bug.cgi?id=1216223
* https://bugzilla.suse.com/show_bug.cgi?id=1216813
* https://bugzilla.suse.com/show_bug.cgi?id=1218562
* https://bugzilla.suse.com/show_bug.cgi?id=1220382
* https://bugzilla.suse.com/show_bug.cgi?id=1223384
* https://bugzilla.suse.com/show_bug.cgi?id=1223524
* https://bugzilla.suse.com/show_bug.cgi?id=1223824
* https://bugzilla.suse.com/show_bug.cgi?id=1225189
* https://bugzilla.suse.com/show_bug.cgi?id=1225336
* https://bugzilla.suse.com/show_bug.cgi?id=1225611
* https://bugzilla.suse.com/show_bug.cgi?id=1226666
* https://bugzilla.suse.com/show_bug.cgi?id=1228743
* https://bugzilla.suse.com/show_bug.cgi?id=1229345
* https://bugzilla.suse.com/show_bug.cgi?id=1229452
* https://bugzilla.suse.com/show_bug.cgi?id=1229454
* https://bugzilla.suse.com/show_bug.cgi?id=1229456
* https://bugzilla.suse.com/show_bug.cgi?id=1229556
* https://bugzilla.suse.com/show_bug.cgi?id=1230429
* https://bugzilla.suse.com/show_bug.cgi?id=1230442
* https://bugzilla.suse.com/show_bug.cgi?id=1230454
* https://bugzilla.suse.com/show_bug.cgi?id=1230600
* https://bugzilla.suse.com/show_bug.cgi?id=1230620
* https://bugzilla.suse.com/show_bug.cgi?id=1230715
* https://bugzilla.suse.com/show_bug.cgi?id=1230903
* https://bugzilla.suse.com/show_bug.cgi?id=1231016
* https://bugzilla.suse.com/show_bug.cgi?id=1231073
* https://bugzilla.suse.com/show_bug.cgi?id=1231191
* https://bugzilla.suse.com/show_bug.cgi?id=1231193
* https://bugzilla.suse.com/show_bug.cgi?id=1231195
* https://bugzilla.suse.com/show_bug.cgi?id=1231197
* https://bugzilla.suse.com/show_bug.cgi?id=1231200
* https://bugzilla.suse.com/show_bug.cgi?id=1231203
* https://bugzilla.suse.com/show_bug.cgi?id=1231293
* https://bugzilla.suse.com/show_bug.cgi?id=1231375
* https://bugzilla.suse.com/show_bug.cgi?id=1231502
* https://bugzilla.suse.com/show_bug.cgi?id=1231673
* https://bugzilla.suse.com/show_bug.cgi?id=1231861
* https://bugzilla.suse.com/show_bug.cgi?id=1231883
* https://bugzilla.suse.com/show_bug.cgi?id=1231885
* https://bugzilla.suse.com/show_bug.cgi?id=1231887
* https://bugzilla.suse.com/show_bug.cgi?id=1231888
* https://bugzilla.suse.com/show_bug.cgi?id=1231890
* https://bugzilla.suse.com/show_bug.cgi?id=1231892
* https://bugzilla.suse.com/show_bug.cgi?id=1231893
* https://bugzilla.suse.com/show_bug.cgi?id=1231895
* https://bugzilla.suse.com/show_bug.cgi?id=1231896
* https://bugzilla.suse.com/show_bug.cgi?id=1231897
* https://bugzilla.suse.com/show_bug.cgi?id=1231929
* https://bugzilla.suse.com/show_bug.cgi?id=1231936
* https://bugzilla.suse.com/show_bug.cgi?id=1231937
* https://bugzilla.suse.com/show_bug.cgi?id=1231938
* https://bugzilla.suse.com/show_bug.cgi?id=1231939
* https://bugzilla.suse.com/show_bug.cgi?id=1231940
* https://bugzilla.suse.com/show_bug.cgi?id=1231941
* https://bugzilla.suse.com/show_bug.cgi?id=1231942
* https://bugzilla.suse.com/show_bug.cgi?id=1231958
* https://bugzilla.suse.com/show_bug.cgi?id=1231960
* https://bugzilla.suse.com/show_bug.cgi?id=1231961
* https://bugzilla.suse.com/show_bug.cgi?id=1231962
* https://bugzilla.suse.com/show_bug.cgi?id=1231972
* https://bugzilla.suse.com/show_bug.cgi?id=1231976
* https://bugzilla.suse.com/show_bug.cgi?id=1231979
* https://bugzilla.suse.com/show_bug.cgi?id=1231987
* https://bugzilla.suse.com/show_bug.cgi?id=1231988
* https://bugzilla.suse.com/show_bug.cgi?id=1231991
* https://bugzilla.suse.com/show_bug.cgi?id=1231992
* https://bugzilla.suse.com/show_bug.cgi?id=1231995
* https://bugzilla.suse.com/show_bug.cgi?id=1231996
* https://bugzilla.suse.com/show_bug.cgi?id=1231997
* https://bugzilla.suse.com/show_bug.cgi?id=1232001
* https://bugzilla.suse.com/show_bug.cgi?id=1232005
* https://bugzilla.suse.com/show_bug.cgi?id=1232006
* https://bugzilla.suse.com/show_bug.cgi?id=1232007
* https://bugzilla.suse.com/show_bug.cgi?id=1232025
* https://bugzilla.suse.com/show_bug.cgi?id=1232026
* https://bugzilla.suse.com/show_bug.cgi?id=1232033
* https://bugzilla.suse.com/show_bug.cgi?id=1232035
* https://bugzilla.suse.com/show_bug.cgi?id=1232036
* https://bugzilla.suse.com/show_bug.cgi?id=1232037
* https://bugzilla.suse.com/show_bug.cgi?id=1232038
* https://bugzilla.suse.com/show_bug.cgi?id=1232039
* https://bugzilla.suse.com/show_bug.cgi?id=1232067
* https://bugzilla.suse.com/show_bug.cgi?id=1232069
* https://bugzilla.suse.com/show_bug.cgi?id=1232070
* https://bugzilla.suse.com/show_bug.cgi?id=1232071
* https://bugzilla.suse.com/show_bug.cgi?id=1232097
* https://bugzilla.suse.com/show_bug.cgi?id=1232108
* https://bugzilla.suse.com/show_bug.cgi?id=1232119
* https://bugzilla.suse.com/show_bug.cgi?id=1232120
* https://bugzilla.suse.com/show_bug.cgi?id=1232123
* https://bugzilla.suse.com/show_bug.cgi?id=1232133
* https://bugzilla.suse.com/show_bug.cgi?id=1232136
* https://bugzilla.suse.com/show_bug.cgi?id=1232145
* https://bugzilla.suse.com/show_bug.cgi?id=1232150
* https://bugzilla.suse.com/show_bug.cgi?id=1232163
* https://bugzilla.suse.com/show_bug.cgi?id=1232165
* https://bugzilla.suse.com/show_bug.cgi?id=1232170
* https://bugzilla.suse.com/show_bug.cgi?id=1232172
* https://bugzilla.suse.com/show_bug.cgi?id=1232174
* https://bugzilla.suse.com/show_bug.cgi?id=1232224
* https://bugzilla.suse.com/show_bug.cgi?id=1232229
* https://bugzilla.suse.com/show_bug.cgi?id=1232237
* https://bugzilla.suse.com/show_bug.cgi?id=1232260
* https://bugzilla.suse.com/show_bug.cgi?id=1232262
* https://bugzilla.suse.com/show_bug.cgi?id=1232281
* https://bugzilla.suse.com/show_bug.cgi?id=1232282
* https://bugzilla.suse.com/show_bug.cgi?id=1232286
* https://bugzilla.suse.com/show_bug.cgi?id=1232304
* https://bugzilla.suse.com/show_bug.cgi?id=1232383
* https://bugzilla.suse.com/show_bug.cgi?id=1232395
* https://bugzilla.suse.com/show_bug.cgi?id=1232418
* https://bugzilla.suse.com/show_bug.cgi?id=1232424
* https://bugzilla.suse.com/show_bug.cgi?id=1232432
* https://bugzilla.suse.com/show_bug.cgi?id=1232436
* https://bugzilla.suse.com/show_bug.cgi?id=1232519
* https://bugzilla.suse.com/show_bug.cgi?id=1233117
* https://jira.suse.com/browse/SLE-24682
SUSE-SU-2024:4120-1: important: Security update for the Linux Kernel RT (Live Patch 9 for SLE 15 SP5)
by OPENSUSE-SECURITY-UPDATES 02 Dec '24
# Security update for the Linux Kernel RT (Live Patch 9 for SLE 15 SP5)
Announcement ID: SUSE-SU-2024:4120-1
Release Date: 2024-12-02T09:14:50Z
Rating: important
References:
* bsc#1225429
* bsc#1225733
* bsc#1229273
* bsc#1229553
Cross-References:
* CVE-2021-47517
* CVE-2024-35949
* CVE-2024-36904
* CVE-2024-43861
CVSS scores:
* CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H
* CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves four vulnerabilities can now be installed.
## Description:
This update for the Linux Kernel 5.14.21-150500_13_30 fixes several issues.
The following security issues were fixed:
* CVE-2021-47517: Fix panic when interrupt coalescing is set via ethtool
(bsc#1225429).
* CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique()
(bsc#1225733).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks
(bsc#1229273).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-4120=1 SUSE-2024-4121=1
* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-4120=1 SUSE-SLE-Module-Live-Patching-15-SP5-2024-4121=1
## Package List:
* openSUSE Leap 15.5 (x86_64)
* kernel-livepatch-SLE15-SP5-RT_Update_9-debugsource-13-150500.2.1
* kernel-livepatch-5_14_21-150500_13_27-rt-debuginfo-14-150500.2.1
* kernel-livepatch-SLE15-SP5-RT_Update_8-debugsource-14-150500.2.1
* kernel-livepatch-5_14_21-150500_13_30-rt-debuginfo-13-150500.2.1
* kernel-livepatch-5_14_21-150500_13_30-rt-13-150500.2.1
* kernel-livepatch-5_14_21-150500_13_27-rt-14-150500.2.1
* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
* kernel-livepatch-SLE15-SP5-RT_Update_9-debugsource-13-150500.2.1
* kernel-livepatch-5_14_21-150500_13_27-rt-debuginfo-14-150500.2.1
* kernel-livepatch-SLE15-SP5-RT_Update_8-debugsource-14-150500.2.1
* kernel-livepatch-5_14_21-150500_13_30-rt-debuginfo-13-150500.2.1
* kernel-livepatch-5_14_21-150500_13_30-rt-13-150500.2.1
* kernel-livepatch-5_14_21-150500_13_27-rt-14-150500.2.1
## References:
* https://www.suse.com/security/cve/CVE-2021-47517.html
* https://www.suse.com/security/cve/CVE-2024-35949.html
* https://www.suse.com/security/cve/CVE-2024-36904.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225429
* https://bugzilla.suse.com/show_bug.cgi?id=1225733
* https://bugzilla.suse.com/show_bug.cgi?id=1229273
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
SUSE-SU-2024:4122-1: important: Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5)
by OPENSUSE-SECURITY-UPDATES 02 Dec '24
# Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5)
Announcement ID: SUSE-SU-2024:4122-1
Release Date: 2024-12-02T09:14:56Z
Rating: important
References:
* bsc#1219296
* bsc#1220145
* bsc#1220211
* bsc#1220828
* bsc#1220832
* bsc#1221302
* bsc#1222685
* bsc#1222882
* bsc#1223059
* bsc#1223363
* bsc#1223514
* bsc#1223521
* bsc#1223681
* bsc#1223683
* bsc#1225011
* bsc#1225012
* bsc#1225013
* bsc#1225099
* bsc#1225309
* bsc#1225310
* bsc#1225311
* bsc#1225312
* bsc#1225313
* bsc#1225429
* bsc#1225733
* bsc#1225739
* bsc#1225819
* bsc#1226325
* bsc#1226327
* bsc#1227471
* bsc#1228573
* bsc#1228786
* bsc#1229273
* bsc#1229553
Cross-References:
* CVE-2021-47517
* CVE-2021-47598
* CVE-2022-48651
* CVE-2022-48662
* CVE-2023-52340
* CVE-2023-52502
* CVE-2023-52752
* CVE-2023-52846
* CVE-2023-6546
* CVE-2024-23307
* CVE-2024-26585
* CVE-2024-26610
* CVE-2024-26622
* CVE-2024-26766
* CVE-2024-26828
* CVE-2024-26852
* CVE-2024-26923
* CVE-2024-26930
* CVE-2024-27398
* CVE-2024-35817
* CVE-2024-35861
* CVE-2024-35862
* CVE-2024-35863
* CVE-2024-35864
* CVE-2024-35867
* CVE-2024-35905
* CVE-2024-35949
* CVE-2024-35950
* CVE-2024-36899
* CVE-2024-36904
* CVE-2024-36964
* CVE-2024-40954
* CVE-2024-41059
* CVE-2024-43861
CVSS scores:
* CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H
* CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52340 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52502 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves 34 vulnerabilities can now be installed.
## Description:
This update for the Linux Kernel 5.14.21-150500_13_35 fixes several issues.
The following security issues were fixed:
* CVE-2021-47517: Fix panic when interrupt coalescing is set via ethtool
(bsc#1225429).
* CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique()
(bsc#1225733).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327).
* CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init()
(bsc#1227471).
* CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks
(bsc#1229273).
* CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break()
(bsc#1225011).
* CVE-2023-52752: smb: client: fix use-after-free bug in
cifs_debug_data_proc_show() (bsc#1225819).
* CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted()
(bsc#1225311).
* CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012).
* CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break()
(bsc#1225309).
* CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect()
(bsc#1225312).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify
(bsc#1231353).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify
(bsc#1225739).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket
creation fails (bsc#1227808).
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000
(bsc#1226325).
* CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame()
(bsc#1225099).
* CVE-2022-48662: Fixed a general protection fault (GPF) in
i915_perf_open_ioctl (bsc#1223521).
* CVE-2022-48662: Update for 'really move i915_gem_context.link under ref
protection' (bsc#1223521).
* CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313).
* CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout
(bsc#1225013).
* CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex
(bsc#1225310).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in
__unix_gc() (bsc#1223683).
* CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86
and ARM md, raid, raid5 modules (bsc#1220145).
* CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify()
(bsc#1223059).
* CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).
* CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset
skb->mac_header (bsc#1223514).
* CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs()
(bsc#1222882).
* CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and
nfc_llcp_sock_get_sn() (bsc#1220832).
* CVE-2024-26585: Fixed race between tx work scheduling and socket close
(bsc#1220211).
* CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via
the GSMIOC_SETCONF ioctl that could lead to local privilege escalation
(bsc#1222685).
* CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828).
* CVE-2023-52340: Fixed a denial of service related to ICMPv6 'Packet Too Big'
packets (bsc#1219296).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-4122=1
* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-4122=1
## Package List:
* openSUSE Leap 15.5 (x86_64)
* kernel-livepatch-SLE15-SP5-RT_Update_10-debugsource-11-150500.11.8.1
* kernel-livepatch-5_14_21-150500_13_35-rt-debuginfo-11-150500.11.8.1
* kernel-livepatch-5_14_21-150500_13_35-rt-11-150500.11.8.1
* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
* kernel-livepatch-SLE15-SP5-RT_Update_10-debugsource-11-150500.11.8.1
* kernel-livepatch-5_14_21-150500_13_35-rt-debuginfo-11-150500.11.8.1
* kernel-livepatch-5_14_21-150500_13_35-rt-11-150500.11.8.1
## References:
* https://www.suse.com/security/cve/CVE-2021-47517.html
* https://www.suse.com/security/cve/CVE-2021-47598.html
* https://www.suse.com/security/cve/CVE-2022-48651.html
* https://www.suse.com/security/cve/CVE-2022-48662.html
* https://www.suse.com/security/cve/CVE-2023-52340.html
* https://www.suse.com/security/cve/CVE-2023-52502.html
* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2023-52846.html
* https://www.suse.com/security/cve/CVE-2023-6546.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-26585.html
* https://www.suse.com/security/cve/CVE-2024-26610.html
* https://www.suse.com/security/cve/CVE-2024-26622.html
* https://www.suse.com/security/cve/CVE-2024-26766.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26852.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-26930.html
* https://www.suse.com/security/cve/CVE-2024-27398.html
* https://www.suse.com/security/cve/CVE-2024-35817.html
* https://www.suse.com/security/cve/CVE-2024-35861.html
* https://www.suse.com/security/cve/CVE-2024-35862.html
* https://www.suse.com/security/cve/CVE-2024-35863.html
* https://www.suse.com/security/cve/CVE-2024-35864.html
* https://www.suse.com/security/cve/CVE-2024-35867.html
* https://www.suse.com/security/cve/CVE-2024-35905.html
* https://www.suse.com/security/cve/CVE-2024-35949.html
* https://www.suse.com/security/cve/CVE-2024-35950.html
* https://www.suse.com/security/cve/CVE-2024-36899.html
* https://www.suse.com/security/cve/CVE-2024-36904.html
* https://www.suse.com/security/cve/CVE-2024-36964.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219296
* https://bugzilla.suse.com/show_bug.cgi?id=1220145
* https://bugzilla.suse.com/show_bug.cgi?id=1220211
* https://bugzilla.suse.com/show_bug.cgi?id=1220828
* https://bugzilla.suse.com/show_bug.cgi?id=1220832
* https://bugzilla.suse.com/show_bug.cgi?id=1221302
* https://bugzilla.suse.com/show_bug.cgi?id=1222685
* https://bugzilla.suse.com/show_bug.cgi?id=1222882
* https://bugzilla.suse.com/show_bug.cgi?id=1223059
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223514
* https://bugzilla.suse.com/show_bug.cgi?id=1223521
* https://bugzilla.suse.com/show_bug.cgi?id=1223681
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225011
* https://bugzilla.suse.com/show_bug.cgi?id=1225012
* https://bugzilla.suse.com/show_bug.cgi?id=1225013
* https://bugzilla.suse.com/show_bug.cgi?id=1225099
* https://bugzilla.suse.com/show_bug.cgi?id=1225309
* https://bugzilla.suse.com/show_bug.cgi?id=1225310
* https://bugzilla.suse.com/show_bug.cgi?id=1225311
* https://bugzilla.suse.com/show_bug.cgi?id=1225312
* https://bugzilla.suse.com/show_bug.cgi?id=1225313
* https://bugzilla.suse.com/show_bug.cgi?id=1225429
* https://bugzilla.suse.com/show_bug.cgi?id=1225733
* https://bugzilla.suse.com/show_bug.cgi?id=1225739
* https://bugzilla.suse.com/show_bug.cgi?id=1225819
* https://bugzilla.suse.com/show_bug.cgi?id=1226325
* https://bugzilla.suse.com/show_bug.cgi?id=1226327
* https://bugzilla.suse.com/show_bug.cgi?id=1227471
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1228786
* https://bugzilla.suse.com/show_bug.cgi?id=1229273
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
SUSE-SU-2024:4123-1: important: Security update for the Linux Kernel RT (Live Patch 11 for SLE 15 SP5)
by OPENSUSE-SECURITY-UPDATES 02 Dec '24
# Security update for the Linux Kernel RT (Live Patch 11 for SLE 15 SP5)
Announcement ID: SUSE-SU-2024:4123-1
Release Date: 2024-12-02T09:15:01Z
Rating: important
References:
* bsc#1220145
* bsc#1220832
* bsc#1221302
* bsc#1222685
* bsc#1223059
* bsc#1223363
* bsc#1223514
* bsc#1223521
* bsc#1223681
* bsc#1223683
* bsc#1225011
* bsc#1225012
* bsc#1225013
* bsc#1225099
* bsc#1225309
* bsc#1225310
* bsc#1225311
* bsc#1225312
* bsc#1225313
* bsc#1225429
* bsc#1225733
* bsc#1225739
* bsc#1225819
* bsc#1226325
* bsc#1226327
* bsc#1227471
* bsc#1228573
* bsc#1228786
* bsc#1229273
* bsc#1229553
Cross-References:
* CVE-2021-47517
* CVE-2021-47598
* CVE-2022-48651
* CVE-2022-48662
* CVE-2023-52502
* CVE-2023-52752
* CVE-2023-52846
* CVE-2023-6546
* CVE-2024-23307
* CVE-2024-26610
* CVE-2024-26828
* CVE-2024-26852
* CVE-2024-26923
* CVE-2024-26930
* CVE-2024-27398
* CVE-2024-35817
* CVE-2024-35861
* CVE-2024-35862
* CVE-2024-35863
* CVE-2024-35864
* CVE-2024-35867
* CVE-2024-35905
* CVE-2024-35949
* CVE-2024-35950
* CVE-2024-36899
* CVE-2024-36904
* CVE-2024-36964
* CVE-2024-40954
* CVE-2024-41059
* CVE-2024-43861
CVSS scores:
* CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H
* CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52502 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves 30 vulnerabilities can now be installed.
## Description:
This update for the Linux Kernel 5.14.21-150500_13_38 fixes several issues.
The following security issues were fixed:
* CVE-2021-47517: Fix panic when interrupt coalescing is set via ethtool
(bsc#1225429).
* CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique()
(bsc#1225733).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327).
* CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init()
(bsc#1227471).
* CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks
(bsc#1229273).
* CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break()
(bsc#1225011).
* CVE-2023-52752: smb: client: fix use-after-free bug in
cifs_debug_data_proc_show() (bsc#1225819).
* CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted()
(bsc#1225311).
* CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012).
* CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break()
(bsc#1225309).
* CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect()
(bsc#1225312).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify
(bsc#1231353).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify
(bsc#1225739).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket
creation fails (bsc#1227808).
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000
(bsc#1226325).
* CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame()
(bsc#1225099).
* CVE-2022-48662: Fixed a general protection fault (GPF) in
i915_perf_open_ioctl (bsc#1223521).
* CVE-2022-48662: Update for 'really move i915_gem_context.link under ref
protection' (bsc#1223521).
* CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313).
* CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout
(bsc#1225013).
* CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex
(bsc#1225310).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in
__unix_gc() (bsc#1223683).
* CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86
and ARM md, raid, raid5 modules (bsc#1220145).
* CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify()
(bsc#1223059).
* CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).
* CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset
skb->mac_header (bsc#1223514).
* CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and
nfc_llcp_sock_get_sn() (bsc#1220832).
* CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via
the GSMIOC_SETCONF ioctl that could lead to local privilege escalation
(bsc#1222685).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-4123=1
* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-4123=1
## Package List:
* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
* kernel-livepatch-SLE15-SP5-RT_Update_11-debugsource-9-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_38-rt-debuginfo-9-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_38-rt-9-150500.11.6.1
* openSUSE Leap 15.5 (x86_64)
* kernel-livepatch-SLE15-SP5-RT_Update_11-debugsource-9-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_38-rt-debuginfo-9-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_38-rt-9-150500.11.6.1
## References:
* https://www.suse.com/security/cve/CVE-2021-47517.html
* https://www.suse.com/security/cve/CVE-2021-47598.html
* https://www.suse.com/security/cve/CVE-2022-48651.html
* https://www.suse.com/security/cve/CVE-2022-48662.html
* https://www.suse.com/security/cve/CVE-2023-52502.html
* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2023-52846.html
* https://www.suse.com/security/cve/CVE-2023-6546.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-26610.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26852.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-26930.html
* https://www.suse.com/security/cve/CVE-2024-27398.html
* https://www.suse.com/security/cve/CVE-2024-35817.html
* https://www.suse.com/security/cve/CVE-2024-35861.html
* https://www.suse.com/security/cve/CVE-2024-35862.html
* https://www.suse.com/security/cve/CVE-2024-35863.html
* https://www.suse.com/security/cve/CVE-2024-35864.html
* https://www.suse.com/security/cve/CVE-2024-35867.html
* https://www.suse.com/security/cve/CVE-2024-35905.html
* https://www.suse.com/security/cve/CVE-2024-35949.html
* https://www.suse.com/security/cve/CVE-2024-35950.html
* https://www.suse.com/security/cve/CVE-2024-36899.html
* https://www.suse.com/security/cve/CVE-2024-36904.html
* https://www.suse.com/security/cve/CVE-2024-36964.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://bugzilla.suse.com/show_bug.cgi?id=1220145
* https://bugzilla.suse.com/show_bug.cgi?id=1220832
* https://bugzilla.suse.com/show_bug.cgi?id=1221302
* https://bugzilla.suse.com/show_bug.cgi?id=1222685
* https://bugzilla.suse.com/show_bug.cgi?id=1223059
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223514
* https://bugzilla.suse.com/show_bug.cgi?id=1223521
* https://bugzilla.suse.com/show_bug.cgi?id=1223681
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225011
* https://bugzilla.suse.com/show_bug.cgi?id=1225012
* https://bugzilla.suse.com/show_bug.cgi?id=1225013
* https://bugzilla.suse.com/show_bug.cgi?id=1225099
* https://bugzilla.suse.com/show_bug.cgi?id=1225309
* https://bugzilla.suse.com/show_bug.cgi?id=1225310
* https://bugzilla.suse.com/show_bug.cgi?id=1225311
* https://bugzilla.suse.com/show_bug.cgi?id=1225312
* https://bugzilla.suse.com/show_bug.cgi?id=1225313
* https://bugzilla.suse.com/show_bug.cgi?id=1225429
* https://bugzilla.suse.com/show_bug.cgi?id=1225733
* https://bugzilla.suse.com/show_bug.cgi?id=1225739
* https://bugzilla.suse.com/show_bug.cgi?id=1225819
* https://bugzilla.suse.com/show_bug.cgi?id=1226325
* https://bugzilla.suse.com/show_bug.cgi?id=1226327
* https://bugzilla.suse.com/show_bug.cgi?id=1227471
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1228786
* https://bugzilla.suse.com/show_bug.cgi?id=1229273
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
SUSE-SU-2024:4124-1: important: Security update for the Linux Kernel RT (Live Patch 13 for SLE 15 SP5)
by OPENSUSE-SECURITY-UPDATES 02 Dec '24
# Security update for the Linux Kernel RT (Live Patch 13 for SLE 15 SP5)
Announcement ID: SUSE-SU-2024:4124-1
Release Date: 2024-12-02T09:15:06Z
Rating: important
References:
* bsc#1221302
* bsc#1223059
* bsc#1223363
* bsc#1223514
* bsc#1223521
* bsc#1223683
* bsc#1225011
* bsc#1225012
* bsc#1225013
* bsc#1225099
* bsc#1225309
* bsc#1225310
* bsc#1225311
* bsc#1225312
* bsc#1225429
* bsc#1225733
* bsc#1225739
* bsc#1225819
* bsc#1226325
* bsc#1226327
* bsc#1227471
* bsc#1228573
* bsc#1228786
* bsc#1229273
* bsc#1229553
Cross-References:
* CVE-2021-47517
* CVE-2021-47598
* CVE-2022-48651
* CVE-2022-48662
* CVE-2023-52752
* CVE-2023-52846
* CVE-2024-26610
* CVE-2024-26828
* CVE-2024-26852
* CVE-2024-26923
* CVE-2024-27398
* CVE-2024-35861
* CVE-2024-35862
* CVE-2024-35863
* CVE-2024-35864
* CVE-2024-35867
* CVE-2024-35905
* CVE-2024-35949
* CVE-2024-35950
* CVE-2024-36899
* CVE-2024-36904
* CVE-2024-36964
* CVE-2024-40954
* CVE-2024-41059
* CVE-2024-43861
CVSS scores:
* CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H
* CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves 25 vulnerabilities can now be installed.
## Description:
This update for the Linux Kernel 5.14.21-150500_13_47 fixes several issues.
The following security issues were fixed:
* CVE-2021-47517: Fix panic when interrupt coalescing is set via ethtool
(bsc#1225429).
* CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique()
(bsc#1225733).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327).
* CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init()
(bsc#1227471).
* CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks
(bsc#1229273).
* CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break()
(bsc#1225011).
* CVE-2023-52752: smb: client: fix use-after-free bug in
cifs_debug_data_proc_show() (bsc#1225819).
* CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted()
(bsc#1225311).
* CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012).
* CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break()
(bsc#1225309).
* CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect()
(bsc#1225312).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify
(bsc#1231353).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify
(bsc#1225739).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket
creation fails (bsc#1227808)
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000
(bsc#1226325).
* CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame()
(bsc#1225099).
* CVE-2022-48662: Fixed a general protection fault (GPF) in
i915_perf_open_ioctl (bsc#1223521).
* CVE-2022-48662: Update for 'really move i915_gem_context.link under ref
protection' (bsc#1223521)
* CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout
(bsc#1225013).
* CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex
(bsc#1225310).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in
__unix_gc() (bsc#1223683).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify()
(bsc#1223059).
* CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).
* CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset
skb->mac_header (bsc#1223514).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-4124=1
* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-4124=1
## Package List:
* openSUSE Leap 15.5 (x86_64)
* kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo-9-150500.11.6.1
* kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource-9-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_47-rt-9-150500.11.6.1
* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
* kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo-9-150500.11.6.1
* kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource-9-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_47-rt-9-150500.11.6.1
## References:
* https://www.suse.com/security/cve/CVE-2021-47517.html
* https://www.suse.com/security/cve/CVE-2021-47598.html
* https://www.suse.com/security/cve/CVE-2022-48651.html
* https://www.suse.com/security/cve/CVE-2022-48662.html
* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2023-52846.html
* https://www.suse.com/security/cve/CVE-2024-26610.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26852.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-27398.html
* https://www.suse.com/security/cve/CVE-2024-35861.html
* https://www.suse.com/security/cve/CVE-2024-35862.html
* https://www.suse.com/security/cve/CVE-2024-35863.html
* https://www.suse.com/security/cve/CVE-2024-35864.html
* https://www.suse.com/security/cve/CVE-2024-35867.html
* https://www.suse.com/security/cve/CVE-2024-35905.html
* https://www.suse.com/security/cve/CVE-2024-35949.html
* https://www.suse.com/security/cve/CVE-2024-35950.html
* https://www.suse.com/security/cve/CVE-2024-36899.html
* https://www.suse.com/security/cve/CVE-2024-36904.html
* https://www.suse.com/security/cve/CVE-2024-36964.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://bugzilla.suse.com/show_bug.cgi?id=1221302
* https://bugzilla.suse.com/show_bug.cgi?id=1223059
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223514
* https://bugzilla.suse.com/show_bug.cgi?id=1223521
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225011
* https://bugzilla.suse.com/show_bug.cgi?id=1225012
* https://bugzilla.suse.com/show_bug.cgi?id=1225013
* https://bugzilla.suse.com/show_bug.cgi?id=1225099
* https://bugzilla.suse.com/show_bug.cgi?id=1225309
* https://bugzilla.suse.com/show_bug.cgi?id=1225310
* https://bugzilla.suse.com/show_bug.cgi?id=1225311
* https://bugzilla.suse.com/show_bug.cgi?id=1225312
* https://bugzilla.suse.com/show_bug.cgi?id=1225429
* https://bugzilla.suse.com/show_bug.cgi?id=1225733
* https://bugzilla.suse.com/show_bug.cgi?id=1225739
* https://bugzilla.suse.com/show_bug.cgi?id=1225819
* https://bugzilla.suse.com/show_bug.cgi?id=1226325
* https://bugzilla.suse.com/show_bug.cgi?id=1226327
* https://bugzilla.suse.com/show_bug.cgi?id=1227471
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1228786
* https://bugzilla.suse.com/show_bug.cgi?id=1229273
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
SUSE-SU-2024:4125-1: important: Security update for the Linux Kernel RT (Live Patch 15 for SLE 15 SP5)
by OPENSUSE-SECURITY-UPDATES 02 Dec '24
# Security update for the Linux Kernel RT (Live Patch 15 for SLE 15 SP5)
Announcement ID: SUSE-SU-2024:4125-1
Release Date: 2024-12-02T09:15:16Z
Rating: important
References:
* bsc#1223363
* bsc#1223683
* bsc#1225011
* bsc#1225012
* bsc#1225013
* bsc#1225099
* bsc#1225309
* bsc#1225311
* bsc#1225312
* bsc#1225429
* bsc#1225733
* bsc#1225739
* bsc#1225819
* bsc#1226325
* bsc#1226327
* bsc#1227471
* bsc#1228573
* bsc#1228786
* bsc#1229273
* bsc#1229553
Cross-References:
* CVE-2021-47517
* CVE-2021-47598
* CVE-2023-52752
* CVE-2023-52846
* CVE-2024-26828
* CVE-2024-26923
* CVE-2024-27398
* CVE-2024-35861
* CVE-2024-35862
* CVE-2024-35863
* CVE-2024-35864
* CVE-2024-35867
* CVE-2024-35905
* CVE-2024-35949
* CVE-2024-36899
* CVE-2024-36904
* CVE-2024-36964
* CVE-2024-40954
* CVE-2024-41059
* CVE-2024-43861
CVSS scores:
* CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H
* CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves 20 vulnerabilities can now be installed.
## Description:
This update for the Linux Kernel 5.14.21-150500_13_55 fixes several issues.
The following security issues were fixed:
* CVE-2021-47517: Fix panic when interrupt coalescing is set via ethtool
(bsc#1225429).
* CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique()
(bsc#1225733).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327).
* CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init()
(bsc#1227471).
* CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks
(bsc#1229273).
* CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break()
(bsc#1225011).
* CVE-2023-52752: smb: client: fix use-after-free bug in
cifs_debug_data_proc_show() (bsc#1225819).
* CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted()
(bsc#1225311).
* CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012).
* CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break()
(bsc#1225309).
* CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect()
(bsc#1225312).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify
(bsc#1231353).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify
(bsc#1225739).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket
creation fails (bsc#1227808)
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000
(bsc#1226325).
* CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame()
(bsc#1225099).
* CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout
(bsc#1225013).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in
__unix_gc() (bsc#1223683).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-4125=1 SUSE-2024-4126=1
* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-4125=1 SUSE-SLE-Module-Live-Patching-15-SP5-2024-4126=1
## Package List:
* openSUSE Leap 15.5 (x86_64)
* kernel-livepatch-5_14_21-150500_13_55-rt-7-150500.11.6.1
* kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource-7-150500.11.8.1
* kernel-livepatch-SLE15-SP5-RT_Update_15-debugsource-7-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_52-rt-7-150500.11.8.1
* kernel-livepatch-5_14_21-150500_13_55-rt-debuginfo-7-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo-7-150500.11.8.1
* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
* kernel-livepatch-5_14_21-150500_13_55-rt-7-150500.11.6.1
* kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource-7-150500.11.8.1
* kernel-livepatch-SLE15-SP5-RT_Update_15-debugsource-7-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_52-rt-7-150500.11.8.1
* kernel-livepatch-5_14_21-150500_13_55-rt-debuginfo-7-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo-7-150500.11.8.1
## References:
* https://www.suse.com/security/cve/CVE-2021-47517.html
* https://www.suse.com/security/cve/CVE-2021-47598.html
* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2023-52846.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-27398.html
* https://www.suse.com/security/cve/CVE-2024-35861.html
* https://www.suse.com/security/cve/CVE-2024-35862.html
* https://www.suse.com/security/cve/CVE-2024-35863.html
* https://www.suse.com/security/cve/CVE-2024-35864.html
* https://www.suse.com/security/cve/CVE-2024-35867.html
* https://www.suse.com/security/cve/CVE-2024-35905.html
* https://www.suse.com/security/cve/CVE-2024-35949.html
* https://www.suse.com/security/cve/CVE-2024-36899.html
* https://www.suse.com/security/cve/CVE-2024-36904.html
* https://www.suse.com/security/cve/CVE-2024-36964.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225011
* https://bugzilla.suse.com/show_bug.cgi?id=1225012
* https://bugzilla.suse.com/show_bug.cgi?id=1225013
* https://bugzilla.suse.com/show_bug.cgi?id=1225099
* https://bugzilla.suse.com/show_bug.cgi?id=1225309
* https://bugzilla.suse.com/show_bug.cgi?id=1225311
* https://bugzilla.suse.com/show_bug.cgi?id=1225312
* https://bugzilla.suse.com/show_bug.cgi?id=1225429
* https://bugzilla.suse.com/show_bug.cgi?id=1225733
* https://bugzilla.suse.com/show_bug.cgi?id=1225739
* https://bugzilla.suse.com/show_bug.cgi?id=1225819
* https://bugzilla.suse.com/show_bug.cgi?id=1226325
* https://bugzilla.suse.com/show_bug.cgi?id=1226327
* https://bugzilla.suse.com/show_bug.cgi?id=1227471
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1228786
* https://bugzilla.suse.com/show_bug.cgi?id=1229273
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
SUSE-SU-2024:4127-1: important: Security update for the Linux Kernel RT (Live Patch 16 for SLE 15 SP5)
by OPENSUSE-SECURITY-UPDATES 02 Dec '24
# Security update for the Linux Kernel RT (Live Patch 16 for SLE 15 SP5)
Announcement ID: SUSE-SU-2024:4127-1
Release Date: 2024-12-02T09:15:21Z
Rating: important
References:
* bsc#1223683
* bsc#1225099
* bsc#1225429
* bsc#1225733
* bsc#1225739
* bsc#1225819
* bsc#1227471
* bsc#1228349
* bsc#1228573
* bsc#1228786
* bsc#1229273
* bsc#1229553
Cross-References:
* CVE-2021-47517
* CVE-2021-47598
* CVE-2023-52752
* CVE-2023-52846
* CVE-2024-26923
* CVE-2024-35949
* CVE-2024-36899
* CVE-2024-36904
* CVE-2024-40909
* CVE-2024-40954
* CVE-2024-41059
* CVE-2024-43861
CVSS scores:
* CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H
* CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves 12 vulnerabilities can now be installed.
## Description:
This update for the Linux Kernel 5.14.21-150500_13_58 fixes several issues.
The following security issues were fixed:
* CVE-2021-47517: Fix panic when interrupt coalescing is set via ethtool
(bsc#1225429).
* CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique()
(bsc#1225733).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init()
(bsc#1227471).
* CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks
(bsc#1229273).
* CVE-2023-52752: smb: client: fix use-after-free bug in
cifs_debug_data_proc_show() (bsc#1225819).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify
(bsc#1231353).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify
(bsc#1225739).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket
creation fails (bsc#1227808)
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free()
(bsc#1228349).
* CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame()
(bsc#1225099).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in
__unix_gc() (bsc#1223683).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-4127=1
* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-4127=1
## Package List:
* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
* kernel-livepatch-SLE15-SP5-RT_Update_16-debugsource-6-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_58-rt-debuginfo-6-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_58-rt-6-150500.11.6.1
* openSUSE Leap 15.5 (x86_64)
* kernel-livepatch-SLE15-SP5-RT_Update_16-debugsource-6-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_58-rt-debuginfo-6-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_58-rt-6-150500.11.6.1
## References:
* https://www.suse.com/security/cve/CVE-2021-47517.html
* https://www.suse.com/security/cve/CVE-2021-47598.html
* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2023-52846.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-35949.html
* https://www.suse.com/security/cve/CVE-2024-36899.html
* https://www.suse.com/security/cve/CVE-2024-36904.html
* https://www.suse.com/security/cve/CVE-2024-40909.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225099
* https://bugzilla.suse.com/show_bug.cgi?id=1225429
* https://bugzilla.suse.com/show_bug.cgi?id=1225733
* https://bugzilla.suse.com/show_bug.cgi?id=1225739
* https://bugzilla.suse.com/show_bug.cgi?id=1225819
* https://bugzilla.suse.com/show_bug.cgi?id=1227471
* https://bugzilla.suse.com/show_bug.cgi?id=1228349
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1228786
* https://bugzilla.suse.com/show_bug.cgi?id=1229273
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
SUSE-SU-2024:4128-1: important: Security update for the Linux Kernel RT (Live Patch 17 for SLE 15 SP5)
by OPENSUSE-SECURITY-UPDATES 02 Dec '24
# Security update for the Linux Kernel RT (Live Patch 17 for SLE 15 SP5)
Announcement ID: SUSE-SU-2024:4128-1
Release Date: 2024-12-02T09:15:26Z
Rating: important
References:
* bsc#1225429
* bsc#1227471
* bsc#1228349
* bsc#1228573
* bsc#1228786
* bsc#1229273
* bsc#1229553
Cross-References:
* CVE-2021-47517
* CVE-2021-47598
* CVE-2024-35949
* CVE-2024-40909
* CVE-2024-40954
* CVE-2024-41059
* CVE-2024-43861
CVSS scores:
* CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H
* CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves seven vulnerabilities can now be installed.
## Description:
This update for the Linux Kernel 5.14.21-150500_13_61 fixes several issues.
The following security issues were fixed:
* CVE-2021-47517: Fix panic when interrupt coalescing is set via ethtool
(bsc#1225429).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
* CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init()
(bsc#1227471).
* CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks
(bsc#1229273).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket
creation fails (bsc#1227808)
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free()
(bsc#1228349).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-4128=1
* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-4128=1
## Package List:
* openSUSE Leap 15.5 (x86_64)
* kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource-4-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo-4-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_61-rt-4-150500.11.6.1
* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
* kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource-4-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo-4-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_61-rt-4-150500.11.6.1
## References:
* https://www.suse.com/security/cve/CVE-2021-47517.html
* https://www.suse.com/security/cve/CVE-2021-47598.html
* https://www.suse.com/security/cve/CVE-2024-35949.html
* https://www.suse.com/security/cve/CVE-2024-40909.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225429
* https://bugzilla.suse.com/show_bug.cgi?id=1227471
* https://bugzilla.suse.com/show_bug.cgi?id=1228349
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1228786
* https://bugzilla.suse.com/show_bug.cgi?id=1229273
* https://bugzilla.suse.com/show_bug.cgi?id=1229553
Hi,
SUSE Linux Enterprise Server 15 SP5 leaves its regular maintenance and
support phase on December 31st 2024.
As openSUSE Leap 15.5 uses the SLES 15 SP5 updates, also openSUSE Leap
15.5 support from openSUSE Maintenance and Security will end on December
31st 2024.
An upgrade to openSUSE Leap 15.6 is recommended.
Ciao, Marcus
--
Marcus Meissner (he/him), Distinguished Engineer / Senior Project Manager Security
SUSE Software Solutions Germany GmbH, Frankenstrasse 146, 90461 Nuernberg, Germany
GF: Ivo Totev, Andrew McDonald, Werner Knoblich, HRB 36809, AG Nuernberg
openSUSE-SU-2024:0384-1: moderate: Security update for zabbix
by opensuse-security@opensuse.org 01 Dec '24
openSUSE Security Update: Security update for zabbix
______________________________________________________________________________
Announcement ID: openSUSE-SU-2024:0384-1
Rating: moderate
References: #1229198 #1229204
Cross-References: CVE-2024-22114 CVE-2024-36461
CVSS scores:
CVE-2024-22114 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2024-36461 (SUSE): 9.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H
Affected Products:
openSUSE Backports SLE-15-SP6
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for zabbix fixes the following issues:
Zabbix was updated to 6.0.33:
- this version fixes CVE-2024-36461 and CVE-2024-22114
- New Features and Improvements
+ ZBXNEXT-9000 Changed query table for ASM disk group metrics in Oracle
Database plugin and Oracle by ODBC template Agent Templates
+ ZBXNEXT-9217 Added AWS Lambda by HTTP template Templates
+ ZBXNEXT-9293 Updated max supported MySQL version to 9.0 Proxy Server
+ ZBXNEXT-8657 Updated Zabbix health templates with new visualization
Templates
+ ZBXNEXT-9143 Added index on auditlog recordsetid Server
+ ZBXNEXT-9081 Added Small Computer System Interface (SCSI) device type
support to Zabbix agent 2 Smart plugin Agent
+ ZBXNEXT-6445 Added recovery expression for fuzzytime triggers in Linux
and Windows templates, removed fuzzytime triggers from active agent
templates Templates
+ ZBXNEXT-9201 Updated max supported MySQL version to 8.4 Proxy Server
+ ZBXNEXT-9225 Updated max supported TimescaleDB version to 2.15 Server
+ ZBXNEXT-9226 Updated max supported MariaDB version to 11.4 Proxy Server
+ ZBXNEXT-8868 Added discovery and template for Azure VM Scale Sets
Templates
- Bug Fixes
+ BX-24947 Fixed PHP runtime errors while processing frontend
notifications Frontend
+ ZBX-24824 Improved loadable plugin connection broker Agent
+ ZBX-24583 Fixed inability to export/import web scenario with digest
authentication API
+ ZBX-23905 Fixed double scroll in script dialogs Frontend
+ ZBX-18767 Fixed word breaks in flexible text input fields and trigger
expressions Frontend
+ ZBX-24909 Fixed resolving of macro functions in the "Item value"
widget Frontend
+ ZBX-24859 Fixed JavaScript in S3 buckets discovery rule Templates
+ ZBX-24617 Fixed hardcoded region in AWS by HTTP template Templates
+ ZBX-24524 Fixed "New values per second" statistic to include dependent
items in calculation Proxy Server
+ ZBX-24821 Made 'execute_on' value being recorded in audit only for
shell scripts Server
+ ZBX-23312 Fixed discovery edit form being saved incorrectly after
dcheck update Frontend
+ ZBX-24773 Fixed duplicate item preprocessing in Kubernetes Kubelet by
HTTP template Templates
+ ZBX-24514 Fixed standalone Zabbix server and Zabbix proxy not stopping
when database is read-only Proxy Server
+ ZBX-23936 Fixed state and styling of readonly fields Frontend
+ ZBX-24520 Fixed an issue with incorrect translations used in several
frontend places Frontend
+ ZBX-21815 Fixed issue with undefined offset for media type when it was
deleted before saving the user Frontend
+ ZBX-24108 Fixed error in dashboard if Map widget contains map element
that user doesn't have access to Frontend
+ ZBX-24569 Fixed old and added new items to Azure Virtual Machine
template Templates
+ ZBX-24537 Fixed tags subfilter in Latest data kiosk mode Frontend
+ ZBX-24167 Fixed template linkage when item prototype collision is
found Server
+ ZBX-23770 Improved monitoring user permissions documentation for
Zabbix agent 2 Oracle plugin and Oracle by ODBC template Documentation
+ ZBX-24565 Removed redundant kernel header include, fixed musl
compatibility issues (thanks to Alpine Linux maintainers for spotting
this)
+ ZBX-24610 Fixed interface field appearance for discovered items
without interface set Frontend
+ ZBX-24562 Fixed incorrect problem order in Problems by severity
widget's hintbox Frontend
+ ZBX-23751 Fixed inability to pass an action filter condition without
an "operator" property, implying a default value of "Equal" API
+ ZBX-21429 Prevented ability to disable all UI element access via
role.update API API
+ ZBX-19271 Fixed inconsistent tag row rendering in different edit forms
Frontend
+ ZBX-24539 Fixed incorrect threshold in trigger expression of Check
Point Next Generation Firewall by SNMP template Templates
+ ZBX-24667 Fixed vm.memory.size[pused] item on Solaris Agent
+ ZBX-23781 Added storage volumes check in HPE iLO by HTTP template
Templates
+ ZBX-24391 Fixed Zabbix agent to return net.tcp.socket.count result
without error if IPv6 is disabled Agent
+ ZBX-24235 Fixed value misalignment in Item value widget Frontend
+ ZBX-24352 Fixed custom severity name usage in Geomap widget Frontend
+ ZBX-24665 Fixed potential problem with deprecated GCE Integrity
feature Templates
+ ZBX-20993 Fixed Zabbix agent 2 MQTT plugin clientID to be generated by
strict requirements Agent
+ ZBX-23426 Added dependent item with JavaScript preprocessing for edges
SD-WAN in VMWare SD-WAN VeloCloud by HTTP template Templates
+ ZBX-24566 Fixed crash when expression macro is used in unsupported
location Server
+ ZBX-24450 Fixed issue where graph could differ for data gathered from
PostgreSQL and other databases Frontend
+ ZBX-24513 Fixed real-time export of rarely updated trends Server
+ ZBX-24163 Fixed submap addition in Map navigation tree widget to not
append same submaps repeatedly Frontend
+ ZBX-23398 Fixed trigger expression constructor incorrectly showing '<'
and '>' operators Frontend
+ ZBX-23584 Fixed error message being displayed when updating host after
changing item status Frontend
+ ZBX-24635 Fixed datastore triggers in VMware templates Templates
Update to 6.0.31:
- New Features and Improvements
+ ZBXNEXT-9140 Added support for custom compartments in Oracle Cloud by
HTTP templates Templates
+ ZBXNEXT-9034 Added Jira Data Center by JMX template Templates
+ ZBXNEXT-8682 Introduced a length limit of 512KB for item test values
that server returns to Zabbix frontend Frontend Server
+ ZBXNEXT-8248 Added database filter macros to MySQL templates Templates
+ ZBXNEXT-6698 Removed absolute threshold and timeleft from OS template
triggers of filesystem space Templates
+ ZBXNEXT-7930 Added user macro support for username and password fields
in email media type Server
+ ZBXCTR-22 Refactored JavaScript filter functions for Kubernetes
templates Templates
+ ZBXNEXT-9098 Added AWS ELB Network Load Balancer by HTTP template
Templates
+ ZBXNEXT-6864 Replaced {HOST.CONN} with user macros in templates
Templates
+ ZBXNEXT-9117 Updated max supported MariaDB version to 11.3 Proxy Server
+ ZBXNEXT-9026 Added Go compiler version to Zabbix agent 2 version
output Agent
+ ZBXNEXT-8786 Changed 'odbc.discovery' keys to 'odbc.get' in MySQL by
ODBC and Oracle by ODBC templates Templates
+ ZBXNEXT-8536 Added cbdhsvc service to macros in Windows agent
templates Templates
+ ZBXNEXT-8861 Made changes and added more metrics to the FortiGate by
SNMP template Templates
+ ZBXNEXT-8240 Added a new set of templates for integration with Oracle
Cloud Infrastructure Templates
- Bug Fixes
+ ZBX-24483 Improved memory usage in Zabbix server/proxy trappers and in
proxy pollers when sending large configuration Proxy Server
+ ZBX-23073 Fixed URL widget resizing and dragging Frontend
+ ZBX-24574 Fixed HA node flipping between standby and active states
Server
+ ZBX-24119 Fixed possible blocking of alert manager when it
periodically pings database Server
+ ZBX-7998 Added VMware service username, password and URL check for
empty values Proxy Server
+ ZBX-24402 Reduced main process connections to database during startup
Proxy Server
+ ZBX-24369 Fixed filter behavior in monitoring pages after deleting
filter parameters Frontend
+ ZBX-24484 Fixed Geomap widget console error when dragging map in
widget edit mode Frontend
+ ZBX-23337 Improved supported version documentation for Oracle Database
plugin and both templates Documentation
+ ZBX-24180 Fixed inability to import existing host or template when its
dependent item prototype, which is used in trigger prototypes or graph
prototypes, would have a different master item API
+ ZBX-20871 Fixed inability to use LLD macro functions in Prometheus
pattern and labels used in item prototype preprocessing API
+ ZBX-24527 Fixed unnecessary loading text being displayed in hintbox
preloader Frontend
+ ZBX-24362 Fixed wrong Zabbix agent 2 loadable plugin process handling
catching all child process exits Agent
+ ZBX-24470 Fixed scale of VMware vmware.vm.memory.size.compressed key
Proxy Server
+ ZBX-24415 Added triggers for datastores in VMware templates Templates
+ ZBX-18094 Fixed multiple pie graph issues related to calculation of
item angles Frontend
+ ZBX-20766 Fixed confusing port binding error message Agent Proxy Server
+ ZBX-24481 Fixed inability to unset value map from existing item or
item prototype by passing a version without valuemap parameter into
configuration.import API
+ ZBX-24531 Fixed compile time data not being set for agent2 Agent
+ ZBX-24453 Implemented socket file cleanup when shutting down, added
blocking of signals during important stages of startup Proxy Server
+ ZBX-24152 Fixed host form submission with Enter button if the form is
opened in a popup and focus is in a flexible text area field Frontend
+ ZBX-23788 Added SNMP OID ifAlias in Network interfaces discovery
Templates
+ ZBX-24482 Fixed the presence of the http_proxy field in the initial
data Installation
+ ZBX-24210 Improved Zabbix agent 2 loadable plugin capacity code style
Agent
+ ZBX-23951 Fixed issue of incorrect template matching when no UUID
exists in export file API
+ ZBX-23953 Fixed CIDR network mask of VMware HV network interface Proxy
Server
+ ZBX-24195 Fixed host IPMI username and password field max length
Frontend
+ ZBX-24451 Added tags and changed an item in Proxmox template Templates
+ ZBX-23386 Fixed hintbox sizing to fit screen Frontend
+ ZBX-24024 Fixed OIDs for external sensors in APC UPC by SNMP templates
Templates
+ ZBX-21751 Fixed node's loadavg item in Proxmox template Templates
+ ZBX-24315 Fixed linking template to host when some LLD macro paths
already exist Server
+ ZBX-24172 Fixed Zabbix server issue with scheduled intervals on Feb
29th of leap year Server
+ ZBX-23407 Improved performance of retrieving last history values when
primary keys are available API
+ ZBX-24246 Updated descriptions for family of MySQL and Oracle
templates, changed macro in the trigger 'Tablespace utilization is too
high' for family of Oracle templates Templates
+ ZBX-23988 Renamed Agent2 Go module
+ ZBX-24222 Fixed incorrect item OIDs in the FortiGate by SNMP template
Templates
+ ZBX-24393 Updated README in Redis by Zabbix agent 2 template Templates
+ ZBX-24298 Allowed any JNDI service providers back in JMX monitoring
Java gateway
+ ZBX-19990 Separated LLD filter macros in Apache Tomcat by JMX template
Templates
+ ZBX-24364 Added preprocessing steps for LLD rules in RabbitMQ
templates Templates
+ ZBX-24368 Improved PostgreSQL autovacuum's count query Templates
+ ZBX-24282 Fixed Zabbix proxy to report error for not supported items
Proxy Server
+ ZBX-19507 Fixed vmware.eventlog item to recover after event keys are
reset Server
+ ZBX-24241 Fixed Zabbix server issue with random order of host groups
for a host during real-time export Server
+ ZBX-24275 Fixed item prototype JSONPath preprocessing, added missing
volume health metric and triggers in HPE MSA templates Templates
+ ZBX-24316 Fixed username macro in GridGain by JMX template Templates
+ ZBX-23719 Updated plugin-support to add duplicate flag handling Agent
+ ZBX-22429 Fixed typo in Zabbix proxy automake file Installation
+ ZBX-24264 Fixed value cache being filled with values of newly added
items with triggers Server
+ ZBX-24088 Fixed problem filtering in maps with nested maps Frontend
+ ZBX-24206 Fixed line breaks in JavaScript in Cloudflare template
Templates
+ ZBX-24236 Fixed nested transaction error in LLD when connection is
terminated Server
+ ZBX-24134 Added sensor discovery in VMware Hypervisor template
Templates
+ ZBX-23918 Fixed item pattern select popup to display all available
items Frontend
+ ZBX-24190 Fixed items being updated incorrectly when configuring graph
Frontend
+ ZBX-24289 Fixed issue with interface assignment for items copied from
host to host Frontend
+ ZBX-23032 Added triggers for cluster status in VMware templates
Templates
+ ZBX-23948 Added support for TabularData data when parsing an MBean
attribute Java gateway
+ ZBX-23742 Fixed tag filtering logic for tags with one name and
different types of operators API
+ ZBX-24271 Added delay in JavaScript execution for Azure Cost
Management by HTTP template Templates
+ ZBX-24208 Fixed Oracle, MySQL plugin connection cache blocking Agent
+ ZBX-24202 Fixed JavaScript in AWS S3 bucket by HTTP template Templates
+ ZBX-23478 Fixed issue when missing locale error would not be displayed
for user under certain conditions Frontend
+ ZBX-24166 Fixed Zabbix not being able to restart due to RTC and
sockets not being closed before stopping Agent Proxy Server
+ ZBX-23853 Fixed duplicate agent check timestamps when time shifts back
due to system clock synchronization Agent
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP6:
zypper in -t patch openSUSE-2024-384=1
Package List:
- openSUSE Backports SLE-15-SP6 (aarch64 i586 ppc64le s390x x86_64):
zabbix-agent-6.0.33-bp156.2.3.1
zabbix-proxy-6.0.33-bp156.2.3.1
zabbix-proxy-mysql-6.0.33-bp156.2.3.1
zabbix-proxy-postgresql-6.0.33-bp156.2.3.1
zabbix-proxy-sqlite-6.0.33-bp156.2.3.1
zabbix-server-6.0.33-bp156.2.3.1
zabbix-server-mysql-6.0.33-bp156.2.3.1
zabbix-server-postgresql-6.0.33-bp156.2.3.1
- openSUSE Backports SLE-15-SP6 (noarch):
system-user-zabbix-6.0.33-bp156.2.3.1
zabbix-java-gateway-6.0.33-bp156.2.3.1
zabbix-ui-6.0.33-bp156.2.3.1
References:
https://www.suse.com/security/cve/CVE-2024-22114.html
https://www.suse.com/security/cve/CVE-2024-36461.html
https://bugzilla.suse.com/1229198
https://bugzilla.suse.com/1229204
01 Dec '24
# gimp-2.10.38-4.1 on GA media
Announcement ID: openSUSE-SU-2024:14534-1
Rating: moderate
Cross-References:
* CVE-2022-32990
* CVE-2023-44443
CVSS scores:
* CVE-2022-32990 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-44443 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Tumbleweed
An update that solves 2 vulnerabilities can now be installed.
## Description:
These are all security issues fixed in the gimp-2.10.38-4.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* gimp 2.10.38-4.1
* gimp-devel 2.10.38-4.1
* gimp-lang 2.10.38-4.1
* gimp-plugin-aa 2.10.38-4.1
* gimp-plugins-python 2.10.38-4.1
* libgimp-2_0-0 2.10.38-4.1
* libgimpui-2_0-0 2.10.38-4.1
## References:
* https://www.suse.com/security/cve/CVE-2022-32990.html
* https://www.suse.com/security/cve/CVE-2023-44443.html
01 Dec '24
# python-2.7.18-51.1 on GA media
Announcement ID: openSUSE-SU-2024:14535-1
Rating: moderate
Cross-References:
* CVE-2024-11168
CVSS scores:
* CVE-2024-11168 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-11168 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X
Affected Products:
* openSUSE Tumbleweed
An update that solves one vulnerability can now be installed.
## Description:
These are all security issues fixed in the python-2.7.18-51.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* python 2.7.18-51.1
* python-curses 2.7.18-51.1
* python-demo 2.7.18-51.1
* python-gdbm 2.7.18-51.1
* python-idle 2.7.18-51.1
* python-tk 2.7.18-51.1
## References:
* https://www.suse.com/security/cve/CVE-2024-11168.html