SUSE: 2024:3499-1 important: the Linux Kernel Security Advisory Updates
Summary
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
* CVE-2022-48791: Fix use-after-free for aborted TMF sas_task (bsc#1228002)
* CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454).
* CVE-2022-48919: Fix double free race when mount fails in cifs_get_root() (bsc#1229657).
* CVE-2023-52854: Fix refcnt handling in padata_free_shell() (bsc#1225584).
* CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707).
* CVE-2024-41062: Sync sock recv cb and release (bsc#1228576).
* CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500).
* CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503)
* CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
* CVE-2022-48872: Fix use-after-free race condition for maps (bsc#1229510).
* CVE-2022-48873: Do not remove map on creater_process and device_release (bsc#1229512).
* CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400)
* CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959)
* CVE-2022-48686: Fixed UAF when detecting digest errors (bsc#1223948).
The following non-security bugs were fixed:
* Bluetooth: L2CAP: Fix deadlock (git-fixes).
* powerpc: Remove support for PowerPC 601 (Remove unused and malformed assembly causing build error).
* sched/psi: use kernfs polling functions for PSI trigger polling (bsc#1209799 bsc#1225109).
* scsi: pm80xx: Fix TMF task completion race condition (bsc#1228002)
References
* bsc#1196018
* bsc#1196823
* bsc#1202346
* bsc#1209636
* bsc#1209799
* bsc#1210629
* bsc#1216834
* bsc#1220185
* bsc#1220186
* bsc#1222251
* bsc#1222728
* bsc#1223948
* bsc#1225109
* bsc#1225584
* bsc#1227942
* bsc#1227969
* bsc#1227985
* bsc#1228002
* bsc#1228015
* bsc#1228114
* bsc#1228516
* bsc#1228576
* bsc#1228959
* bsc#1229400
* bsc#1229454
* bsc#1229500
* bsc#1229503
* bsc#1229510
* bsc#1229512
* bsc#1229607
* bsc#1229630
* bsc#1229641
* bsc#1229657
* bsc#1229707
Cross-References:
* CVE-2022-0854
* CVE-2022-20368
* CVE-2022-28748
* CVE-2022-2964
* CVE-2022-48686
* CVE-2022-48791
* CVE-2022-48802
* CVE-2022-48805
* CVE-2022-48839
* CVE-2022-48853
* CVE-2022-48872
* CVE-2022-48873
* CVE-2022-48901
* CVE-2022-48912
* CVE-2022-48919
* CVE-2022-48925
* CVE-2023-1582
* CVE-2023-2176
* CVE-2023-52854
* CVE-2024-26583
* CVE-2024-26584
* CVE-2024-26800
* CVE-2024-41011
* CVE-2024-41062
* CVE-2024-42077
* CVE-2024-42232
* CVE-2024-42271
* CVE-2024-43861
* CVE-2024-43882
* CVE-2024-43883
* CVE-2024-44947
CVSS scores:
* CVE-2022-0854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-0854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-20368 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-20368 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-28748 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2022-2964 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-2964 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48686 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48686 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48791 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48791 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48802 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48805 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48839 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-48872 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48872 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48873 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48873 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48912 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48912 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48919 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48919 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48919 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48925 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1582 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-1582 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-2176 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-2176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26583 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26583 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26584 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26584 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26800 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-41011 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41011 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41062 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41062 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-42077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-42077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-42232 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-42232 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-42232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-42271 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-42271 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-42271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-43883 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-43883 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-44947 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N
* CVE-2024-44947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-44947 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Products:
* SUSE Linux Enterprise High Availability Extension 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Live Patching 15-SP2
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 Business Critical Linux 15-SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Manager Proxy 4.1
* SUSE Manager Retail Branch Server 4.1
* SUSE Manager Server 4.1
An update that solves 31 vulnerabilities and has three security fixes can now be
installed.
##
* https://www.suse.com/security/cve/CVE-2022-0854.html
* https://www.suse.com/security/cve/CVE-2022-20368.html
* https://www.suse.com/security/cve/CVE-2022-28748.html
* https://www.suse.com/security/cve/CVE-2022-2964.html
* https://www.suse.com/security/cve/CVE-2022-48686.html
* https://www.suse.com/security/cve/CVE-2022-48791.html
* https://www.suse.com/security/cve/CVE-2022-48802.html
* https://www.suse.com/security/cve/CVE-2022-48805.html
* https://www.suse.com/security/cve/CVE-2022-48839.html
* https://www.suse.com/security/cve/CVE-2022-48853.html
* https://www.suse.com/security/cve/CVE-2022-48872.html
* https://www.suse.com/security/cve/CVE-2022-48873.html
* https://www.suse.com/security/cve/CVE-2022-48901.html
* https://www.suse.com/security/cve/CVE-2022-48912.html
* https://www.suse.com/security/cve/CVE-2022-48919.html
* https://www.suse.com/security/cve/CVE-2022-48925.html
* https://www.suse.com/security/cve/CVE-2023-1582.html
* https://www.suse.com/security/cve/CVE-2023-2176.html
* https://www.suse.com/security/cve/CVE-2023-52854.html
* https://www.suse.com/security/cve/CVE-2024-26583.html
* https://www.suse.com/security/cve/CVE-2024-26584.html
* https://www.suse.com/security/cve/CVE-2024-26800.html
* https://www.suse.com/security/cve/CVE-2024-41011.html
* https://www.suse.com/security/cve/CVE-2024-41062.html
* https://www.suse.com/security/cve/CVE-2024-42077.html
* https://www.suse.com/security/cve/CVE-2024-42232.html
* https://www.suse.com/security/cve/CVE-2024-42271.html
* https://www.suse.com/security/cve/CVE-2024-43861.html
* https://www.suse.com/security/cve/CVE-2024-43882.html
* https://www.suse.com/security/cve/CVE-2024-43883.html
* https://www.suse.com/security/cve/CVE-2024-44947.html
* https://bugzilla.suse.com/show_bug.cgi?id=1196018
* https://bugzilla.suse.com/show_bug.cgi?id=1196823
* https://bugzilla.suse.com/show_bug.cgi?id=1202346
* https://bugzilla.suse.com/show_bug.cgi?id=1209636
* https://bugzilla.suse.com/show_bug.cgi?id=1209799
* https://bugzilla.suse.com/show_bug.cgi?id=1210629
* https://bugzilla.suse.com/show_bug.cgi?id=1216834
* https://bugzilla.suse.com/show_bug.cgi?id=1220185
* https://bugzilla.suse.com/show_bug.cgi?id=1220186
* https://bugzilla.suse.com/show_bug.cgi?id=1222251
* https://bugzilla.suse.com/show_bug.cgi?id=1222728
* https://bugzilla.suse.com/show_bug.cgi?id=1223948
* https://bugzilla.suse.com/show_bug.cgi?id=1225109
* https://bugzilla.suse.com/show_bug.cgi?id=1225584
* https://bugzilla.suse.com/show_bug.cgi?id=1227942
* https://bugzilla.suse.com/show_bug.cgi?id=1227969
* https://bugzilla.suse.com/show_bug.cgi?id=1227985
* https://bugzilla.suse.com/show_bug.cgi?id=1228002
* https://bugzilla.suse.com/show_bug.cgi?id=1228015
* https://bugzilla.suse.com/show_bug.cgi?id=1228114
* https://bugzilla.suse.com/show_bug.cgi?id=1228516
* https://bugzilla.suse.com/show_bug.cgi?id=1228576
* https://bugzilla.suse.com/show_bug.cgi?id=1228959
* https://bugzilla.suse.com/show_bug.cgi?id=1229400
* https://bugzilla.suse.com/show_bug.cgi?id=1229454
* https://bugzilla.suse.com/show_bug.cgi?id=1229500
* https://bugzilla.suse.com/show_bug.cgi?id=1229503
* https://bugzilla.suse.com/show_bug.cgi?id=1229510
* https://bugzilla.suse.com/show_bug.cgi?id=1229512
* https://bugzilla.suse.com/show_bug.cgi?id=1229607
* https://bugzilla.suse.com/show_bug.cgi?id=1229630
* https://bugzilla.suse.com/show_bug.cgi?id=1229641
* https://bugzilla.suse.com/show_bug.cgi?id=1229657
* https://bugzilla.suse.com/show_bug.cgi?id=1229707