SUSE-SU-2025:0230-1: important: Security update for the Linux Kernel
SLE-SECURITY-UPDATES
null at suse.de
Fri Jan 24 12:31:22 UTC 2025
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2025:0230-1
Release Date: 2025-01-24T10:10:41Z
Rating: important
References:
* bsc#1215304
* bsc#1220927
* bsc#1220937
* bsc#1230697
* bsc#1232436
* bsc#1234281
* bsc#1234690
* bsc#1234846
* bsc#1234853
* bsc#1234891
* bsc#1234921
* bsc#1234963
* bsc#1235004
* bsc#1235054
* bsc#1235056
* bsc#1235061
* bsc#1235073
* bsc#1235246
* bsc#1235480
* bsc#1235584
Cross-References:
* CVE-2022-49035
* CVE-2023-52524
* CVE-2024-53142
* CVE-2024-53144
* CVE-2024-53146
* CVE-2024-53156
* CVE-2024-53173
* CVE-2024-53179
* CVE-2024-53214
* CVE-2024-53239
* CVE-2024-53240
* CVE-2024-56539
* CVE-2024-56548
* CVE-2024-56604
* CVE-2024-56605
* CVE-2024-56631
* CVE-2024-56704
* CVE-2024-8805
CVSS scores:
* CVE-2022-49035 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-49035 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-49035 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52524 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53142 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-53142 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53144 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-53146 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-53146 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-53156 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53173 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53179 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-53179 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53179 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53214 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-53214 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53239 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-53239 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56539 ( SUSE ): 8.6
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-56548 ( SUSE ): 8.4
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56604 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56604 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56604 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56605 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56631 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56631 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56631 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56704 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56704 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-8805 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-8805 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-8805 ( NVD ): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2
An update that solves 18 vulnerabilities and has two security fixes can now be
installed.
## Description:
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various
security bugfixes.
The following security bugs were fixed:
* CVE-2022-49035: media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE
(bsc#1215304).
* CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853).
* CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in
htc_connect_service() (bsc#1234846).
* CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous
open() (bsc#1234891).
* CVE-2024-53179: smb: client: fix use-after-free of signing key
(bsc#1234921).
* CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended
capability (bsc#1235004).
* CVE-2024-53239: ALSA: 6fire: Release resources at card release
(bsc#1235054).
* CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281).
* CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in
mwifiex_config_scan() (bsc#1234963).
* CVE-2024-56548: hfsplus: do not query the device logical block size multiple
times (bsc#1235073).
* CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in
rfcomm_sock_alloc() (bsc#1235056).
* CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error
in l2cap_sock_create() (bsc#1235061).
* CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release()
(bsc#1235480).
* CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584).
The following non-security bugs were fixed:
* net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-230=1
* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-230=1
* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-230=1
## Package List:
* SUSE Linux Enterprise Micro 5.1 (nosrc x86_64)
* kernel-rt-5.3.18-150300.197.1
* SUSE Linux Enterprise Micro 5.1 (x86_64)
* kernel-rt-debugsource-5.3.18-150300.197.1
* kernel-rt-debuginfo-5.3.18-150300.197.1
* SUSE Linux Enterprise Micro 5.1 (noarch)
* kernel-source-rt-5.3.18-150300.197.1
* SUSE Linux Enterprise Micro 5.2 (nosrc x86_64)
* kernel-rt-5.3.18-150300.197.1
* SUSE Linux Enterprise Micro 5.2 (x86_64)
* kernel-rt-debugsource-5.3.18-150300.197.1
* kernel-rt-debuginfo-5.3.18-150300.197.1
* SUSE Linux Enterprise Micro 5.2 (noarch)
* kernel-source-rt-5.3.18-150300.197.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (nosrc x86_64)
* kernel-rt-5.3.18-150300.197.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64)
* kernel-rt-debugsource-5.3.18-150300.197.1
* kernel-rt-debuginfo-5.3.18-150300.197.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
* kernel-source-rt-5.3.18-150300.197.1
## References:
* https://www.suse.com/security/cve/CVE-2022-49035.html
* https://www.suse.com/security/cve/CVE-2023-52524.html
* https://www.suse.com/security/cve/CVE-2024-53142.html
* https://www.suse.com/security/cve/CVE-2024-53144.html
* https://www.suse.com/security/cve/CVE-2024-53146.html
* https://www.suse.com/security/cve/CVE-2024-53156.html
* https://www.suse.com/security/cve/CVE-2024-53173.html
* https://www.suse.com/security/cve/CVE-2024-53179.html
* https://www.suse.com/security/cve/CVE-2024-53214.html
* https://www.suse.com/security/cve/CVE-2024-53239.html
* https://www.suse.com/security/cve/CVE-2024-53240.html
* https://www.suse.com/security/cve/CVE-2024-56539.html
* https://www.suse.com/security/cve/CVE-2024-56548.html
* https://www.suse.com/security/cve/CVE-2024-56604.html
* https://www.suse.com/security/cve/CVE-2024-56605.html
* https://www.suse.com/security/cve/CVE-2024-56631.html
* https://www.suse.com/security/cve/CVE-2024-56704.html
* https://www.suse.com/security/cve/CVE-2024-8805.html
* https://bugzilla.suse.com/show_bug.cgi?id=1215304
* https://bugzilla.suse.com/show_bug.cgi?id=1220927
* https://bugzilla.suse.com/show_bug.cgi?id=1220937
* https://bugzilla.suse.com/show_bug.cgi?id=1230697
* https://bugzilla.suse.com/show_bug.cgi?id=1232436
* https://bugzilla.suse.com/show_bug.cgi?id=1234281
* https://bugzilla.suse.com/show_bug.cgi?id=1234690
* https://bugzilla.suse.com/show_bug.cgi?id=1234846
* https://bugzilla.suse.com/show_bug.cgi?id=1234853
* https://bugzilla.suse.com/show_bug.cgi?id=1234891
* https://bugzilla.suse.com/show_bug.cgi?id=1234921
* https://bugzilla.suse.com/show_bug.cgi?id=1234963
* https://bugzilla.suse.com/show_bug.cgi?id=1235004
* https://bugzilla.suse.com/show_bug.cgi?id=1235054
* https://bugzilla.suse.com/show_bug.cgi?id=1235056
* https://bugzilla.suse.com/show_bug.cgi?id=1235061
* https://bugzilla.suse.com/show_bug.cgi?id=1235073
* https://bugzilla.suse.com/show_bug.cgi?id=1235246
* https://bugzilla.suse.com/show_bug.cgi?id=1235480
* https://bugzilla.suse.com/show_bug.cgi?id=1235584
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250124/0c2f6ce3/attachment.htm>
More information about the sle-security-updates
mailing list