SUSE-IU-2025:632-1: Security update of suse/sle-micro/base-5.5
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Wed Feb 19 08:05:25 UTC 2025
SUSE Image Update Advisory: suse/sle-micro/base-5.5
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2025:632-1
Image Tags : suse/sle-micro/base-5.5:2.0.4 , suse/sle-micro/base-5.5:2.0.4-5.8.145 , suse/sle-micro/base-5.5:latest
Image Release : 5.8.145
Severity : important
Type : security
References : 1194869 1216813 1223384 1225736 1226848 1226980 1228537 1228592
1230341 1230432 1230527 1230697 1231088 1231847 1232914 1233028
1233055 1233097 1233103 1233112 1233464 1233488 1233642 1233778
1234024 1234025 1234078 1234087 1234153 1234155 1234223 1234381
1234683 1234690 1234825 1234829 1234832 1234884 1234889 1234896
1234899 1234900 1234905 1234909 1234916 1234918 1234922 1234930
1234931 1234934 1234962 1234999 1235002 1235009 1235011 1235053
1235057 1235059 1235100 1235122 1235123 1235133 1235134 1235217
1235222 1235230 1235249 1235410 1235430 1235433 1235441 1235451
1235458 1235466 1235473 1235480 1235491 1235495 1235496 1235521
1235557 1235563 1235570 1235584 1235611 1235635 1235641 1235643
1235645 1235647 1235723 1235739 1235747 1235759 1235764 1235768
1235806 1235812 1235814 1235818 1235842 1235920 1235969 1236628
CVE-2024-26758 CVE-2024-26943 CVE-2024-36898 CVE-2024-38599 CVE-2024-41047
CVE-2024-45019 CVE-2024-46858 CVE-2024-50051 CVE-2024-50136 CVE-2024-50142
CVE-2024-50151 CVE-2024-50195 CVE-2024-50199 CVE-2024-50210 CVE-2024-50275
CVE-2024-50299 CVE-2024-53095 CVE-2024-53103 CVE-2024-53104 CVE-2024-53112
CVE-2024-53121 CVE-2024-53127 CVE-2024-53129 CVE-2024-53138 CVE-2024-53141
CVE-2024-53144 CVE-2024-53148 CVE-2024-53151 CVE-2024-53166 CVE-2024-53169
CVE-2024-53171 CVE-2024-53174 CVE-2024-53177 CVE-2024-53208 CVE-2024-53209
CVE-2024-53215 CVE-2024-53217 CVE-2024-53224 CVE-2024-53227 CVE-2024-53229
CVE-2024-53690 CVE-2024-54680 CVE-2024-55916 CVE-2024-56531 CVE-2024-56532
CVE-2024-56533 CVE-2024-56557 CVE-2024-56558 CVE-2024-56562 CVE-2024-56567
CVE-2024-56588 CVE-2024-56595 CVE-2024-56596 CVE-2024-56597 CVE-2024-56600
CVE-2024-56601 CVE-2024-56602 CVE-2024-56623 CVE-2024-56629 CVE-2024-56631
CVE-2024-56642 CVE-2024-56644 CVE-2024-56645 CVE-2024-56648 CVE-2024-56650
CVE-2024-56658 CVE-2024-56661 CVE-2024-56664 CVE-2024-56678 CVE-2024-56681
CVE-2024-56698 CVE-2024-56701 CVE-2024-56704 CVE-2024-56722 CVE-2024-56739
CVE-2024-56745 CVE-2024-56747 CVE-2024-56754 CVE-2024-56756 CVE-2024-56759
CVE-2024-56765 CVE-2024-56776 CVE-2024-56777 CVE-2024-56778 CVE-2024-57791
CVE-2024-57792 CVE-2024-57793 CVE-2024-57798 CVE-2024-57849 CVE-2024-57850
CVE-2024-57876 CVE-2024-57893 CVE-2024-57897 CVE-2024-8805
-----------------------------------------------------------------
The container suse/sle-micro/base-5.5 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:577-1
Released: Tue Feb 18 13:51:28 2025
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1194869,1216813,1223384,1225736,1226848,1226980,1228537,1228592,1230341,1230432,1230527,1230697,1231088,1231847,1232914,1233028,1233055,1233097,1233103,1233112,1233464,1233488,1233642,1233778,1234024,1234025,1234078,1234087,1234153,1234155,1234223,1234381,1234683,1234690,1234825,1234829,1234832,1234884,1234889,1234896,1234899,1234900,1234905,1234909,1234916,1234918,1234922,1234930,1234931,1234934,1234962,1234999,1235002,1235009,1235011,1235053,1235057,1235059,1235100,1235122,1235123,1235133,1235134,1235217,1235222,1235230,1235249,1235410,1235430,1235433,1235441,1235451,1235458,1235466,1235473,1235480,1235491,1235495,1235496,1235521,1235557,1235563,1235570,1235584,1235611,1235635,1235641,1235643,1235645,1235647,1235723,1235739,1235747,1235759,1235764,1235768,1235806,1235812,1235814,1235818,1235842,1235920,1235969,1236628,CVE-2024-26758,CVE-2024-26943,CVE-2024-36898,CVE-2024-38599,CVE-2024-41047,CVE-2024-45019,CVE-2024-46858,CVE-2024-50051,CVE-2024-50136,CVE-2024-50142,CVE
-2024-50151,CVE-2024-50195,CVE-2024-50199,CVE-2024-50210,CVE-2024-50275,CVE-2024-50299,CVE-2024-53095,CVE-2024-53103,CVE-2024-53104,CVE-2024-53112,CVE-2024-53121,CVE-2024-53127,CVE-2024-53129,CVE-2024-53138,CVE-2024-53141,CVE-2024-53144,CVE-2024-53148,CVE-2024-53151,CVE-2024-53166,CVE-2024-53169,CVE-2024-53171,CVE-2024-53174,CVE-2024-53177,CVE-2024-53208,CVE-2024-53209,CVE-2024-53215,CVE-2024-53217,CVE-2024-53224,CVE-2024-53227,CVE-2024-53229,CVE-2024-53690,CVE-2024-54680,CVE-2024-55916,CVE-2024-56531,CVE-2024-56532,CVE-2024-56533,CVE-2024-56557,CVE-2024-56558,CVE-2024-56562,CVE-2024-56567,CVE-2024-56588,CVE-2024-56595,CVE-2024-56596,CVE-2024-56597,CVE-2024-56600,CVE-2024-56601,CVE-2024-56602,CVE-2024-56623,CVE-2024-56629,CVE-2024-56631,CVE-2024-56642,CVE-2024-56644,CVE-2024-56645,CVE-2024-56648,CVE-2024-56650,CVE-2024-56658,CVE-2024-56661,CVE-2024-56664,CVE-2024-56678,CVE-2024-56681,CVE-2024-56698,CVE-2024-56701,CVE-2024-56704,CVE-2024-56722,CVE-2024-56739,CVE-2024-56745,CVE-2024-5
6747,CVE-2024-56754,CVE-2024-56756,CVE-2024-56759,CVE-2024-56765,CVE-2024-56776,CVE-2024-56777,CVE-2024-56778,CVE-2024-57791,CVE-2024-57792,CVE-2024-57793,CVE-2024-57798,CVE-2024-57849,CVE-2024-57850,CVE-2024-57876,CVE-2024-57893,CVE-2024-57897,CVE-2024-8805
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-36898: gpiolib: cdev: fix uninitialised kfifo (bsc#1225736).
- CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).
- CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when sel.family is unset (bsc#1233028).
- CVE-2024-50151: smb: client: fix OOBs when building SMB2_IOCTL request (bsc#1233055).
- CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
- CVE-2024-50299: sctp: properly validate chunk size in sctp_sf_ootb() (bsc#1233488).
- CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381).
- CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234884).
- CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896).
- CVE-2024-53209: bnxt_en: Fix receive ring space parameters when XDP is active (bsc#1235002).
- CVE-2024-53227: scsi: bfa: Fix use-after-free in bfad_im_module_exit() (bsc#1235011).
- CVE-2024-56588: scsi: hisi_sas: Create all dump files during debugfs initialization (bsc#1235123).
- CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235217).
- CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235230).
- CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (bsc#1235521).
- CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466).
- CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release() (bsc#1235480).
- CVE-2024-56642: tipc: Fix use-after-free of kernel socket in cleanup_bearer() (bsc#1235433).
- CVE-2024-56645: can: j1939: j1939_session_new(): fix skb reference counting (bsc#1235134).
- CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235451).
- CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235430).
- CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441).
- CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235249).
- CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584).
- CVE-2024-56747: scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() (bsc#1234934).
- CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing is enabled (bsc#1235645).
- CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining clc data (bsc#1235759).
- CVE-2024-57792: power: supply: gpio-charger: Fix set charge current limits (bsc#1235764).
- CVE-2024-57793: virt: tdx-guest: Just leak decrypted memory on unrecoverable errors (bsc#1235768).
- CVE-2024-57798: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (bsc#1235818).
- CVE-2024-57849: s390/cpum_sf: Handle CPU hotplug remove during sampling (bsc#1235814).
- CVE-2024-57876: drm/dp_mst: Fix resetting msg rx state after topology removal (bsc#1235806).
- CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages (bsc#1235920).
- CVE-2024-57897: drm/amdkfd: Correct the migration DMA map direction (bsc#1235969).
The following non-security bugs were fixed:
- NFS: Adjust the amount of readahead performed by NFS readdir (bsc#1231847).
- NFS: Do not flush the readdir cache in nfs_dentry_iput() (bsc#1231847).
- NFS: Improve heuristic for readdirplus (bsc#1231847).
- NFS: Trigger the 'ls -l' readdir heuristic sooner (bsc#1231847).
- VFS: use system_unbound_wq for delayed_mntput (bsc#1234683).
- ceph: improve error handling and short/overflow-read logic in __ceph_sync_read() (bsc#1228592).
- ibmvnic: Free any outstanding tx skbs during scrq reset (bsc#1226980).
- netfilter: nf_tables: validate family when identifying table via handle (bsc#1233778).
- powerpc/pseries/vas: Add close() callback in vas_vm_ops struct (bsc#1234825).
- tipc: fix NULL deref in cleanup_bearer() (bsc#1235433).
- x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0 (git-fixes).
The following package changes have been done:
- kernel-default-5.14.21-150500.55.94.1 updated
More information about the sle-container-updates
mailing list