Bug 1221725 (CVE-2024-25742)

Summary: VUL-0: CVE-2024-25742: kernel: insufficient validation during #VC instruction emulation
Product: [Novell Products] SUSE Security Incidents Reporter: Carlos López <carlos.lopez>
Component: IncidentsAssignee: Joerg Roedel <jroedel>
Status: NEW --- QA Contact: Security Team bot <security-team>
Severity: Major    
Priority: P3 - Medium CC: acaciatena, jcheung, jlee, jroedel, kvanderveer, meissner, public-cloud-maintainers, rjschwei, security-team, thomas.leroy, yousaf.kaukab
Version: unspecifiedFlags: thomas.leroy: needinfo? (acaciatena)
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/398286/
Whiteboard: CVSSv3.1:SUSE:CVE-2024-25742:6.4:(AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) CVSSv3.1:SUSE:CVE-2024-25743:6.4:(AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Bug Depends on: 1221638    
Bug Blocks:    

Comment 1 Carlos López 2024-03-19 16:10:57 UTC 
Patch is public but bug details are not.
Comment 3 Carlos López 2024-03-19 16:12:42 UTC 
My guess is this is similar to CVE-2023-46813
Comment 4 Acacia Tena 2024-03-19 23:34:23 UTC 
These are the versions we required to be patched: 
sles-15-sp4-sap 
sles-15
Comment 5 Marcus Meissner 2024-03-20 09:35:43 UTC 
How hard is the April 4th requirement?

Our next scheduled release date for our kernels 2nd Tuesday of April, which is April 9th.
Comment 11 Marcus Meissner 2024-04-05 14:19:11 UTC 
is public:


https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3008.html


Disrupting AMD SEV-SNP on Linux® With Interrupts

AMD ID:    AMD-SB-3008
Potential Impact: N/A
Severity: N/A
Summary

Researchers from ETH Zurich have shared with AMD a paper titled “Heckler: Disrupting AMD SEV-SNP with Interrupts.”

In their paper, the researchers report that a malicious hypervisor can potentially break confidentiality and integrity of Linux® SEV-SNP guests by injecting interrupts. 

AMD believes that this vulnerability lies in the Linux® kernel implementation of SEV-SNP and mitigations addressing some of the vulnerability issues have been upstreamed to the main Linux kernel. Please refer to upstream kernel commit IDs f35e46631b28 ("Merge tag 'x86-int80-20231207' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip") and e3ef461af35a ("x86/sev: Harden #VC instruction emulation somewhat") " 

AMD supports additional hardware security features that are designed to protect against the reported attack that are not currently supported in Linux®. The relevant features are described in AMD64 Architecture Programmer’s Manual Volume 2, Section 15.36.16.

https://www.amd.com/content/dam/amd/en/documents/processor-tech-docs/programmer-references/24593.pdf

Please refer to your Linux® provider for guidance.

CVE-2024-25742, CVE-2024-25743, CVE-2024-25744 has been assigned by CERT/CC.
References

https://www.amd.com/content/dam/amd/en/documents/processor-tech-docs/programmer-references/24593.pdf
Acknowledgement

AMD thanks Benedict Schlüter, Supraja Sridhara, Mark Kuhne, Andrin Bertschi, and Shweta Shinde of ETH Zurich for reporting this issue and engaging in coordinated vulnerability disclosure.
Comment 23 Maintenance Automation 2024-04-16 20:30:08 UTC 
SUSE-SU-2024:1320-1: An update that solves 70 vulnerabilities, contains one feature and has two security fixes can now be installed.

Category: security (important)
Bug References: 1212514, 1220237, 1220320, 1220340, 1220366, 1220411, 1220413, 1220439, 1220443, 1220445, 1220466, 1220478, 1220482, 1220484, 1220486, 1220487, 1220790, 1220831, 1220833, 1220836, 1220839, 1220840, 1220843, 1220870, 1220871, 1220872, 1220878, 1220879, 1220885, 1220898, 1220918, 1220920, 1220921, 1220926, 1220927, 1220929, 1220932, 1220938, 1220940, 1220954, 1220955, 1220959, 1220960, 1220961, 1220965, 1220969, 1220978, 1220979, 1220981, 1220982, 1220983, 1220985, 1220986, 1220987, 1220989, 1220990, 1221009, 1221012, 1221015, 1221022, 1221039, 1221040, 1221048, 1221055, 1221058, 1221077, 1221276, 1221551, 1221553, 1221725, 1222073, 1222619
CVE References: CVE-2021-46925, CVE-2021-46926, CVE-2021-46927, CVE-2021-46929, CVE-2021-46930, CVE-2021-46931, CVE-2021-46933, CVE-2021-46936, CVE-2021-47082, CVE-2021-47087, CVE-2021-47091, CVE-2021-47093, CVE-2021-47094, CVE-2021-47095, CVE-2021-47096, CVE-2021-47097, CVE-2021-47098, CVE-2021-47099, CVE-2021-47100, CVE-2021-47101, CVE-2021-47102, CVE-2021-47104, CVE-2021-47105, CVE-2021-47107, CVE-2021-47108, CVE-2022-48626, CVE-2022-48629, CVE-2022-48630, CVE-2023-35827, CVE-2023-52450, CVE-2023-52454, CVE-2023-52469, CVE-2023-52470, CVE-2023-52474, CVE-2023-52477, CVE-2023-52492, CVE-2023-52497, CVE-2023-52501, CVE-2023-52502, CVE-2023-52504, CVE-2023-52507, CVE-2023-52508, CVE-2023-52509, CVE-2023-52510, CVE-2023-52511, CVE-2023-52513, CVE-2023-52515, CVE-2023-52517, CVE-2023-52519, CVE-2023-52520, CVE-2023-52523, CVE-2023-52524, CVE-2023-52525, CVE-2023-52528, CVE-2023-52529, CVE-2023-52532, CVE-2023-52564, CVE-2023-52566, CVE-2023-52567, CVE-2023-52569, CVE-2023-52574, CVE-2023-52575, CVE-2023-52576, CVE-2023-52582, CVE-2023-52583, CVE-2023-52597, CVE-2023-52605, CVE-2023-52621, CVE-2024-25742, CVE-2024-26600
Jira References: PED-5759
Maintenance Incident: [SUSE:Maintenance:33364](https://smelt.suse.de/incident/33364/)
Sources used:
SUSE Linux Enterprise Micro for Rancher 5.3 (src):
 kernel-source-rt-5.14.21-150400.15.76.1
SUSE Linux Enterprise Micro 5.3 (src):
 kernel-source-rt-5.14.21-150400.15.76.1
SUSE Linux Enterprise Micro for Rancher 5.4 (src):
 kernel-source-rt-5.14.21-150400.15.76.1
SUSE Linux Enterprise Micro 5.4 (src):
 kernel-source-rt-5.14.21-150400.15.76.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 24 Maintenance Automation 2024-04-17 08:30:27 UTC 
SUSE-SU-2024:1322-1: An update that solves 149 vulnerabilities, contains four features and has 29 security fixes can now be installed.

Category: security (important)
Bug References: 1194869, 1200465, 1205316, 1207948, 1209635, 1209657, 1212514, 1213456, 1214852, 1215221, 1215322, 1217339, 1217959, 1217987, 1217988, 1217989, 1218321, 1218336, 1218479, 1218562, 1218643, 1218777, 1219169, 1219170, 1219264, 1219834, 1220114, 1220176, 1220237, 1220251, 1220320, 1220325, 1220328, 1220337, 1220340, 1220365, 1220366, 1220398, 1220411, 1220413, 1220433, 1220439, 1220443, 1220445, 1220466, 1220469, 1220478, 1220482, 1220484, 1220486, 1220487, 1220492, 1220703, 1220735, 1220736, 1220775, 1220790, 1220797, 1220831, 1220833, 1220836, 1220839, 1220840, 1220843, 1220845, 1220848, 1220870, 1220871, 1220872, 1220878, 1220879, 1220883, 1220885, 1220887, 1220898, 1220917, 1220918, 1220920, 1220921, 1220926, 1220927, 1220929, 1220930, 1220931, 1220932, 1220933, 1220937, 1220938, 1220940, 1220954, 1220955, 1220959, 1220960, 1220961, 1220965, 1220969, 1220978, 1220979, 1220981, 1220982, 1220983, 1220985, 1220986, 1220987, 1220989, 1220990, 1221009, 1221012, 1221015, 1221022, 1221039, 1221040, 1221044, 1221045, 1221046, 1221048, 1221055, 1221056, 1221058, 1221060, 1221061, 1221062, 1221066, 1221067, 1221068, 1221069, 1221070, 1221071, 1221077, 1221082, 1221090, 1221097, 1221156, 1221252, 1221273, 1221274, 1221276, 1221277, 1221291, 1221293, 1221298, 1221337, 1221338, 1221375, 1221379, 1221551, 1221553, 1221613, 1221614, 1221616, 1221618, 1221631, 1221633, 1221713, 1221725, 1221777, 1221814, 1221816, 1221830, 1221951, 1222033, 1222056, 1222060, 1222070, 1222073, 1222117, 1222274, 1222291, 1222300, 1222304, 1222317, 1222331, 1222355, 1222356, 1222360, 1222366, 1222373, 1222619
CVE References: CVE-2021-46925, CVE-2021-46926, CVE-2021-46927, CVE-2021-46929, CVE-2021-46930, CVE-2021-46931, CVE-2021-46933, CVE-2021-46934, CVE-2021-46936, CVE-2021-47082, CVE-2021-47083, CVE-2021-47087, CVE-2021-47091, CVE-2021-47093, CVE-2021-47094, CVE-2021-47095, CVE-2021-47096, CVE-2021-47097, CVE-2021-47098, CVE-2021-47099, CVE-2021-47100, CVE-2021-47101, CVE-2021-47102, CVE-2021-47104, CVE-2021-47105, CVE-2021-47107, CVE-2021-47108, CVE-2022-4744, CVE-2022-48626, CVE-2022-48627, CVE-2022-48628, CVE-2022-48629, CVE-2022-48630, CVE-2023-0160, CVE-2023-28746, CVE-2023-35827, CVE-2023-4881, CVE-2023-52447, CVE-2023-52450, CVE-2023-52453, CVE-2023-52454, CVE-2023-52462, CVE-2023-52463, CVE-2023-52467, CVE-2023-52469, CVE-2023-52470, CVE-2023-52474, CVE-2023-52476, CVE-2023-52477, CVE-2023-52481, CVE-2023-52482, CVE-2023-52484, CVE-2023-52486, CVE-2023-52492, CVE-2023-52493, CVE-2023-52494, CVE-2023-52497, CVE-2023-52500, CVE-2023-52501, CVE-2023-52502, CVE-2023-52504, CVE-2023-52507, CVE-2023-52508, CVE-2023-52509, CVE-2023-52510, CVE-2023-52511, CVE-2023-52513, CVE-2023-52515, CVE-2023-52517, CVE-2023-52518, CVE-2023-52519, CVE-2023-52520, CVE-2023-52523, CVE-2023-52524, CVE-2023-52525, CVE-2023-52528, CVE-2023-52529, CVE-2023-52530, CVE-2023-52531, CVE-2023-52532, CVE-2023-52559, CVE-2023-52563, CVE-2023-52564, CVE-2023-52566, CVE-2023-52567, CVE-2023-52569, CVE-2023-52574, CVE-2023-52575, CVE-2023-52576, CVE-2023-52582, CVE-2023-52583, CVE-2023-52587, CVE-2023-52591, CVE-2023-52594, CVE-2023-52595, CVE-2023-52597, CVE-2023-52598, CVE-2023-52599, CVE-2023-52600, CVE-2023-52601, CVE-2023-52602, CVE-2023-52603, CVE-2023-52604, CVE-2023-52605, CVE-2023-52606, CVE-2023-52607, CVE-2023-52608, CVE-2023-52612, CVE-2023-52615, CVE-2023-52617, CVE-2023-52619, CVE-2023-52621, CVE-2023-52623, CVE-2023-52628, CVE-2023-52632, CVE-2023-52637, CVE-2023-52639, CVE-2023-6270, CVE-2023-6356, CVE-2023-6535, CVE-2023-6536, CVE-2023-7042, CVE-2023-7192, CVE-2024-0841, CVE-2024-2201, CVE-2024-22099, CVE-2024-23307, CVE-2024-25739, CVE-2024-25742, CVE-2024-26599, CVE-2024-26600, CVE-2024-26602, CVE-2024-26607, CVE-2024-26612, CVE-2024-26614, CVE-2024-26620, CVE-2024-26627, CVE-2024-26629, CVE-2024-26642, CVE-2024-26645, CVE-2024-26646, CVE-2024-26651, CVE-2024-26654, CVE-2024-26659, CVE-2024-26664, CVE-2024-26667, CVE-2024-26670, CVE-2024-26695, CVE-2024-26717
Jira References: PED-5759, PED-7167, PED-7618, PED-7619
Maintenance Incident: [SUSE:Maintenance:33361](https://smelt.suse.de/incident/33361/)
Sources used:
openSUSE Leap 15.5 (src):
 kernel-source-rt-5.14.21-150500.13.43.1, kernel-syms-rt-5.14.21-150500.13.43.1, kernel-livepatch-SLE15-SP5-RT_Update_12-1-150500.11.5.1
SUSE Linux Enterprise Micro 5.5 (src):
 kernel-source-rt-5.14.21-150500.13.43.1
SUSE Linux Enterprise Live Patching 15-SP5 (src):
 kernel-livepatch-SLE15-SP5-RT_Update_12-1-150500.11.5.1
SUSE Real Time Module 15-SP5 (src):
 kernel-source-rt-5.14.21-150500.13.43.1, kernel-syms-rt-5.14.21-150500.13.43.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 25 Maintenance Automation 2024-04-17 08:30:55 UTC 
SUSE-SU-2024:1321-1: An update that solves 77 vulnerabilities, contains one feature and has two security fixes can now be installed.

Category: security (important)
Bug References: 1200599, 1209635, 1212514, 1213456, 1217987, 1217988, 1217989, 1220237, 1220251, 1220320, 1220340, 1220366, 1220411, 1220413, 1220439, 1220443, 1220445, 1220466, 1220478, 1220482, 1220484, 1220486, 1220487, 1220790, 1220831, 1220833, 1220836, 1220839, 1220840, 1220843, 1220870, 1220871, 1220872, 1220878, 1220879, 1220885, 1220898, 1220918, 1220920, 1220921, 1220926, 1220927, 1220929, 1220932, 1220938, 1220940, 1220954, 1220955, 1220959, 1220960, 1220961, 1220965, 1220969, 1220978, 1220979, 1220981, 1220982, 1220983, 1220985, 1220986, 1220987, 1220989, 1220990, 1221009, 1221012, 1221015, 1221022, 1221039, 1221040, 1221048, 1221055, 1221058, 1221077, 1221276, 1221551, 1221553, 1221725, 1222073, 1222619
CVE References: CVE-2021-46925, CVE-2021-46926, CVE-2021-46927, CVE-2021-46929, CVE-2021-46930, CVE-2021-46931, CVE-2021-46933, CVE-2021-46936, CVE-2021-47082, CVE-2021-47087, CVE-2021-47091, CVE-2021-47093, CVE-2021-47094, CVE-2021-47095, CVE-2021-47096, CVE-2021-47097, CVE-2021-47098, CVE-2021-47099, CVE-2021-47100, CVE-2021-47101, CVE-2021-47102, CVE-2021-47104, CVE-2021-47105, CVE-2021-47107, CVE-2021-47108, CVE-2022-20154, CVE-2022-4744, CVE-2022-48626, CVE-2022-48629, CVE-2022-48630, CVE-2023-28746, CVE-2023-35827, CVE-2023-52447, CVE-2023-52450, CVE-2023-52454, CVE-2023-52469, CVE-2023-52470, CVE-2023-52474, CVE-2023-52477, CVE-2023-52492, CVE-2023-52497, CVE-2023-52501, CVE-2023-52502, CVE-2023-52504, CVE-2023-52507, CVE-2023-52508, CVE-2023-52509, CVE-2023-52510, CVE-2023-52511, CVE-2023-52513, CVE-2023-52515, CVE-2023-52517, CVE-2023-52519, CVE-2023-52520, CVE-2023-52523, CVE-2023-52524, CVE-2023-52525, CVE-2023-52528, CVE-2023-52529, CVE-2023-52532, CVE-2023-52564, CVE-2023-52566, CVE-2023-52567, CVE-2023-52569, CVE-2023-52574, CVE-2023-52575, CVE-2023-52576, CVE-2023-52582, CVE-2023-52583, CVE-2023-52597, CVE-2023-52605, CVE-2023-52621, CVE-2023-6356, CVE-2023-6535, CVE-2023-6536, CVE-2024-25742, CVE-2024-26600
Jira References: PED-5759
Maintenance Incident: [SUSE:Maintenance:33231](https://smelt.suse.de/incident/33231/)
Sources used:
openSUSE Leap 15.4 (src):
 kernel-obs-build-5.14.21-150400.24.116.1, kernel-obs-qa-5.14.21-150400.24.116.1, kernel-syms-5.14.21-150400.24.116.1, kernel-source-5.14.21-150400.24.116.1, kernel-livepatch-SLE15-SP4_Update_25-1-150400.9.5.1, kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5
openSUSE Leap Micro 5.3 (src):
 kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5
openSUSE Leap Micro 5.4 (src):
 kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5
SUSE Linux Enterprise Micro for Rancher 5.3 (src):
 kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5
SUSE Linux Enterprise Micro 5.3 (src):
 kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5
SUSE Linux Enterprise Micro for Rancher 5.4 (src):
 kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5
SUSE Linux Enterprise Micro 5.4 (src):
 kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5
SUSE Linux Enterprise Live Patching 15-SP4 (src):
 kernel-livepatch-SLE15-SP4_Update_25-1-150400.9.5.1
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (src):
 kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5, kernel-obs-build-5.14.21-150400.24.116.1, kernel-syms-5.14.21-150400.24.116.1, kernel-source-5.14.21-150400.24.116.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (src):
 kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5, kernel-obs-build-5.14.21-150400.24.116.1, kernel-syms-5.14.21-150400.24.116.1, kernel-source-5.14.21-150400.24.116.1
SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (src):
 kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5, kernel-obs-build-5.14.21-150400.24.116.1, kernel-syms-5.14.21-150400.24.116.1, kernel-source-5.14.21-150400.24.116.1
SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (src):
 kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5, kernel-obs-build-5.14.21-150400.24.116.1, kernel-syms-5.14.21-150400.24.116.1, kernel-source-5.14.21-150400.24.116.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4 (src):
 kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5, kernel-obs-build-5.14.21-150400.24.116.1, kernel-syms-5.14.21-150400.24.116.1, kernel-source-5.14.21-150400.24.116.1
SUSE Manager Proxy 4.3 (src):
 kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5, kernel-syms-5.14.21-150400.24.116.1, kernel-source-5.14.21-150400.24.116.1
SUSE Manager Retail Branch Server 4.3 (src):
 kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5, kernel-source-5.14.21-150400.24.116.1
SUSE Manager Server 4.3 (src):
 kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5, kernel-syms-5.14.21-150400.24.116.1, kernel-source-5.14.21-150400.24.116.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 27 Maintenance Automation 2024-04-18 16:30:21 UTC 
SUSE-SU-2024:1322-2: An update that solves 149 vulnerabilities, contains four features and has 29 security fixes can now be installed.

Category: security (important)
Bug References: 1194869, 1200465, 1205316, 1207948, 1209635, 1209657, 1212514, 1213456, 1214852, 1215221, 1215322, 1217339, 1217959, 1217987, 1217988, 1217989, 1218321, 1218336, 1218479, 1218562, 1218643, 1218777, 1219169, 1219170, 1219264, 1219834, 1220114, 1220176, 1220237, 1220251, 1220320, 1220325, 1220328, 1220337, 1220340, 1220365, 1220366, 1220398, 1220411, 1220413, 1220433, 1220439, 1220443, 1220445, 1220466, 1220469, 1220478, 1220482, 1220484, 1220486, 1220487, 1220492, 1220703, 1220735, 1220736, 1220775, 1220790, 1220797, 1220831, 1220833, 1220836, 1220839, 1220840, 1220843, 1220845, 1220848, 1220870, 1220871, 1220872, 1220878, 1220879, 1220883, 1220885, 1220887, 1220898, 1220917, 1220918, 1220920, 1220921, 1220926, 1220927, 1220929, 1220930, 1220931, 1220932, 1220933, 1220937, 1220938, 1220940, 1220954, 1220955, 1220959, 1220960, 1220961, 1220965, 1220969, 1220978, 1220979, 1220981, 1220982, 1220983, 1220985, 1220986, 1220987, 1220989, 1220990, 1221009, 1221012, 1221015, 1221022, 1221039, 1221040, 1221044, 1221045, 1221046, 1221048, 1221055, 1221056, 1221058, 1221060, 1221061, 1221062, 1221066, 1221067, 1221068, 1221069, 1221070, 1221071, 1221077, 1221082, 1221090, 1221097, 1221156, 1221252, 1221273, 1221274, 1221276, 1221277, 1221291, 1221293, 1221298, 1221337, 1221338, 1221375, 1221379, 1221551, 1221553, 1221613, 1221614, 1221616, 1221618, 1221631, 1221633, 1221713, 1221725, 1221777, 1221814, 1221816, 1221830, 1221951, 1222033, 1222056, 1222060, 1222070, 1222073, 1222117, 1222274, 1222291, 1222300, 1222304, 1222317, 1222331, 1222355, 1222356, 1222360, 1222366, 1222373, 1222619
CVE References: CVE-2021-46925, CVE-2021-46926, CVE-2021-46927, CVE-2021-46929, CVE-2021-46930, CVE-2021-46931, CVE-2021-46933, CVE-2021-46934, CVE-2021-46936, CVE-2021-47082, CVE-2021-47083, CVE-2021-47087, CVE-2021-47091, CVE-2021-47093, CVE-2021-47094, CVE-2021-47095, CVE-2021-47096, CVE-2021-47097, CVE-2021-47098, CVE-2021-47099, CVE-2021-47100, CVE-2021-47101, CVE-2021-47102, CVE-2021-47104, CVE-2021-47105, CVE-2021-47107, CVE-2021-47108, CVE-2022-4744, CVE-2022-48626, CVE-2022-48627, CVE-2022-48628, CVE-2022-48629, CVE-2022-48630, CVE-2023-0160, CVE-2023-28746, CVE-2023-35827, CVE-2023-4881, CVE-2023-52447, CVE-2023-52450, CVE-2023-52453, CVE-2023-52454, CVE-2023-52462, CVE-2023-52463, CVE-2023-52467, CVE-2023-52469, CVE-2023-52470, CVE-2023-52474, CVE-2023-52476, CVE-2023-52477, CVE-2023-52481, CVE-2023-52482, CVE-2023-52484, CVE-2023-52486, CVE-2023-52492, CVE-2023-52493, CVE-2023-52494, CVE-2023-52497, CVE-2023-52500, CVE-2023-52501, CVE-2023-52502, CVE-2023-52504, CVE-2023-52507, CVE-2023-52508, CVE-2023-52509, CVE-2023-52510, CVE-2023-52511, CVE-2023-52513, CVE-2023-52515, CVE-2023-52517, CVE-2023-52518, CVE-2023-52519, CVE-2023-52520, CVE-2023-52523, CVE-2023-52524, CVE-2023-52525, CVE-2023-52528, CVE-2023-52529, CVE-2023-52530, CVE-2023-52531, CVE-2023-52532, CVE-2023-52559, CVE-2023-52563, CVE-2023-52564, CVE-2023-52566, CVE-2023-52567, CVE-2023-52569, CVE-2023-52574, CVE-2023-52575, CVE-2023-52576, CVE-2023-52582, CVE-2023-52583, CVE-2023-52587, CVE-2023-52591, CVE-2023-52594, CVE-2023-52595, CVE-2023-52597, CVE-2023-52598, CVE-2023-52599, CVE-2023-52600, CVE-2023-52601, CVE-2023-52602, CVE-2023-52603, CVE-2023-52604, CVE-2023-52605, CVE-2023-52606, CVE-2023-52607, CVE-2023-52608, CVE-2023-52612, CVE-2023-52615, CVE-2023-52617, CVE-2023-52619, CVE-2023-52621, CVE-2023-52623, CVE-2023-52628, CVE-2023-52632, CVE-2023-52637, CVE-2023-52639, CVE-2023-6270, CVE-2023-6356, CVE-2023-6535, CVE-2023-6536, CVE-2023-7042, CVE-2023-7192, CVE-2024-0841, CVE-2024-2201, CVE-2024-22099, CVE-2024-23307, CVE-2024-25739, CVE-2024-25742, CVE-2024-26599, CVE-2024-26600, CVE-2024-26602, CVE-2024-26607, CVE-2024-26612, CVE-2024-26614, CVE-2024-26620, CVE-2024-26627, CVE-2024-26629, CVE-2024-26642, CVE-2024-26645, CVE-2024-26646, CVE-2024-26651, CVE-2024-26654, CVE-2024-26659, CVE-2024-26664, CVE-2024-26667, CVE-2024-26670, CVE-2024-26695, CVE-2024-26717
Jira References: PED-5759, PED-7167, PED-7618, PED-7619
Maintenance Incident: [SUSE:Maintenance:33361](https://smelt.suse.de/incident/33361/)
Sources used:
openSUSE Leap 15.5 (src):
 kernel-source-rt-5.14.21-150500.13.43.1, kernel-syms-rt-5.14.21-150500.13.43.1, kernel-livepatch-SLE15-SP5-RT_Update_12-1-150500.11.5.1
SUSE Linux Enterprise Micro 5.5 (src):
 kernel-source-rt-5.14.21-150500.13.43.1
SUSE Linux Enterprise Live Patching 15-SP5 (src):
 kernel-livepatch-SLE15-SP5-RT_Update_12-1-150500.11.5.1
SUSE Real Time Module 15-SP5 (src):
 kernel-source-rt-5.14.21-150500.13.43.1, kernel-syms-rt-5.14.21-150500.13.43.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 31 Maintenance Automation 2024-04-29 16:30:27 UTC 
SUSE-SU-2024:1466-1: An update that solves 149 vulnerabilities, contains four features and has 31 security fixes can now be installed.

Category: security (important)
Bug References: 1194869, 1200465, 1205316, 1207948, 1209635, 1209657, 1212514, 1213456, 1214852, 1215221, 1215322, 1217339, 1217829, 1217959, 1217987, 1217988, 1217989, 1218321, 1218336, 1218479, 1218562, 1218643, 1218777, 1219169, 1219170, 1219264, 1219834, 1220114, 1220176, 1220237, 1220251, 1220320, 1220325, 1220328, 1220337, 1220340, 1220365, 1220366, 1220398, 1220411, 1220413, 1220433, 1220439, 1220443, 1220445, 1220466, 1220469, 1220478, 1220482, 1220484, 1220486, 1220487, 1220492, 1220703, 1220735, 1220736, 1220775, 1220790, 1220797, 1220831, 1220833, 1220836, 1220839, 1220840, 1220843, 1220845, 1220848, 1220870, 1220871, 1220872, 1220878, 1220879, 1220883, 1220885, 1220887, 1220898, 1220917, 1220918, 1220920, 1220921, 1220926, 1220927, 1220929, 1220930, 1220931, 1220932, 1220933, 1220937, 1220938, 1220940, 1220954, 1220955, 1220959, 1220960, 1220961, 1220965, 1220969, 1220978, 1220979, 1220981, 1220982, 1220983, 1220985, 1220986, 1220987, 1220989, 1220990, 1221009, 1221012, 1221015, 1221022, 1221039, 1221040, 1221044, 1221045, 1221046, 1221048, 1221055, 1221056, 1221058, 1221060, 1221061, 1221062, 1221066, 1221067, 1221068, 1221069, 1221070, 1221071, 1221077, 1221082, 1221090, 1221097, 1221156, 1221252, 1221273, 1221274, 1221276, 1221277, 1221291, 1221293, 1221298, 1221337, 1221338, 1221375, 1221379, 1221551, 1221553, 1221613, 1221614, 1221616, 1221618, 1221631, 1221633, 1221713, 1221725, 1221777, 1221814, 1221816, 1221830, 1221951, 1222033, 1222056, 1222060, 1222070, 1222073, 1222117, 1222274, 1222291, 1222300, 1222304, 1222317, 1222331, 1222355, 1222356, 1222360, 1222366, 1222373, 1222619, 1222952
CVE References: CVE-2021-46925, CVE-2021-46926, CVE-2021-46927, CVE-2021-46929, CVE-2021-46930, CVE-2021-46931, CVE-2021-46933, CVE-2021-46934, CVE-2021-46936, CVE-2021-47082, CVE-2021-47083, CVE-2021-47087, CVE-2021-47091, CVE-2021-47093, CVE-2021-47094, CVE-2021-47095, CVE-2021-47096, CVE-2021-47097, CVE-2021-47098, CVE-2021-47099, CVE-2021-47100, CVE-2021-47101, CVE-2021-47102, CVE-2021-47104, CVE-2021-47105, CVE-2021-47107, CVE-2021-47108, CVE-2022-4744, CVE-2022-48626, CVE-2022-48627, CVE-2022-48628, CVE-2022-48629, CVE-2022-48630, CVE-2023-0160, CVE-2023-28746, CVE-2023-35827, CVE-2023-4881, CVE-2023-52447, CVE-2023-52450, CVE-2023-52453, CVE-2023-52454, CVE-2023-52462, CVE-2023-52463, CVE-2023-52467, CVE-2023-52469, CVE-2023-52470, CVE-2023-52474, CVE-2023-52476, CVE-2023-52477, CVE-2023-52481, CVE-2023-52482, CVE-2023-52484, CVE-2023-52486, CVE-2023-52492, CVE-2023-52493, CVE-2023-52494, CVE-2023-52497, CVE-2023-52500, CVE-2023-52501, CVE-2023-52502, CVE-2023-52504, CVE-2023-52507, CVE-2023-52508, CVE-2023-52509, CVE-2023-52510, CVE-2023-52511, CVE-2023-52513, CVE-2023-52515, CVE-2023-52517, CVE-2023-52518, CVE-2023-52519, CVE-2023-52520, CVE-2023-52523, CVE-2023-52524, CVE-2023-52525, CVE-2023-52528, CVE-2023-52529, CVE-2023-52530, CVE-2023-52531, CVE-2023-52532, CVE-2023-52559, CVE-2023-52563, CVE-2023-52564, CVE-2023-52566, CVE-2023-52567, CVE-2023-52569, CVE-2023-52574, CVE-2023-52575, CVE-2023-52576, CVE-2023-52582, CVE-2023-52583, CVE-2023-52587, CVE-2023-52591, CVE-2023-52594, CVE-2023-52595, CVE-2023-52597, CVE-2023-52598, CVE-2023-52599, CVE-2023-52600, CVE-2023-52601, CVE-2023-52602, CVE-2023-52603, CVE-2023-52604, CVE-2023-52605, CVE-2023-52606, CVE-2023-52607, CVE-2023-52608, CVE-2023-52612, CVE-2023-52615, CVE-2023-52617, CVE-2023-52619, CVE-2023-52621, CVE-2023-52623, CVE-2023-52628, CVE-2023-52632, CVE-2023-52637, CVE-2023-52639, CVE-2023-6270, CVE-2023-6356, CVE-2023-6535, CVE-2023-6536, CVE-2023-7042, CVE-2023-7192, CVE-2024-0841, CVE-2024-2201, CVE-2024-22099, CVE-2024-23307, CVE-2024-25739, CVE-2024-25742, CVE-2024-26599, CVE-2024-26600, CVE-2024-26602, CVE-2024-26607, CVE-2024-26612, CVE-2024-26614, CVE-2024-26620, CVE-2024-26627, CVE-2024-26629, CVE-2024-26642, CVE-2024-26645, CVE-2024-26646, CVE-2024-26651, CVE-2024-26654, CVE-2024-26659, CVE-2024-26664, CVE-2024-26667, CVE-2024-26670, CVE-2024-26695, CVE-2024-26717
Jira References: PED-5759, PED-7167, PED-7618, PED-7619
Maintenance Incident: [SUSE:Maintenance:33466](https://smelt.suse.de/incident/33466/)
Sources used:
openSUSE Leap 15.5 (src):
 kernel-source-rt-5.14.21-150500.13.47.1, kernel-livepatch-SLE15-SP5-RT_Update_13-1-150500.11.3.1, kernel-syms-rt-5.14.21-150500.13.47.1
SUSE Linux Enterprise Micro 5.5 (src):
 kernel-source-rt-5.14.21-150500.13.47.1
SUSE Linux Enterprise Live Patching 15-SP5 (src):
 kernel-livepatch-SLE15-SP5-RT_Update_13-1-150500.11.3.1
SUSE Real Time Module 15-SP5 (src):
 kernel-source-rt-5.14.21-150500.13.47.1, kernel-syms-rt-5.14.21-150500.13.47.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 33 Maintenance Automation 2024-04-30 16:30:38 UTC 
SUSE-SU-2024:1480-1: An update that solves 150 vulnerabilities, contains four features and has 32 security fixes can now be installed.

Category: security (important)
Bug References: 1194869, 1200465, 1205316, 1207948, 1209635, 1209657, 1212514, 1213456, 1214852, 1215221, 1215322, 1217339, 1217829, 1217959, 1217987, 1217988, 1217989, 1218321, 1218336, 1218479, 1218562, 1218643, 1218777, 1219169, 1219170, 1219264, 1219443, 1219834, 1220114, 1220176, 1220237, 1220251, 1220320, 1220325, 1220328, 1220337, 1220340, 1220365, 1220366, 1220393, 1220398, 1220411, 1220413, 1220433, 1220439, 1220443, 1220445, 1220466, 1220469, 1220478, 1220482, 1220484, 1220486, 1220487, 1220492, 1220703, 1220735, 1220736, 1220775, 1220790, 1220797, 1220831, 1220833, 1220836, 1220839, 1220840, 1220843, 1220845, 1220848, 1220870, 1220871, 1220872, 1220878, 1220879, 1220883, 1220885, 1220887, 1220898, 1220917, 1220918, 1220920, 1220921, 1220926, 1220927, 1220929, 1220930, 1220931, 1220932, 1220933, 1220937, 1220938, 1220940, 1220954, 1220955, 1220959, 1220960, 1220961, 1220965, 1220969, 1220978, 1220979, 1220981, 1220982, 1220983, 1220985, 1220986, 1220987, 1220989, 1220990, 1221009, 1221012, 1221015, 1221022, 1221039, 1221040, 1221044, 1221045, 1221046, 1221048, 1221055, 1221056, 1221058, 1221060, 1221061, 1221062, 1221066, 1221067, 1221068, 1221069, 1221070, 1221071, 1221077, 1221082, 1221090, 1221097, 1221156, 1221252, 1221273, 1221274, 1221276, 1221277, 1221291, 1221293, 1221298, 1221337, 1221338, 1221375, 1221379, 1221551, 1221553, 1221613, 1221614, 1221616, 1221618, 1221631, 1221633, 1221713, 1221725, 1221777, 1221814, 1221816, 1221830, 1221951, 1222033, 1222056, 1222060, 1222070, 1222073, 1222117, 1222274, 1222291, 1222300, 1222304, 1222317, 1222331, 1222355, 1222356, 1222360, 1222366, 1222373, 1222619, 1222952
CVE References: CVE-2021-46925, CVE-2021-46926, CVE-2021-46927, CVE-2021-46929, CVE-2021-46930, CVE-2021-46931, CVE-2021-46933, CVE-2021-46934, CVE-2021-46936, CVE-2021-47082, CVE-2021-47083, CVE-2021-47087, CVE-2021-47091, CVE-2021-47093, CVE-2021-47094, CVE-2021-47095, CVE-2021-47096, CVE-2021-47097, CVE-2021-47098, CVE-2021-47099, CVE-2021-47100, CVE-2021-47101, CVE-2021-47102, CVE-2021-47104, CVE-2021-47105, CVE-2021-47107, CVE-2021-47108, CVE-2022-4744, CVE-2022-48626, CVE-2022-48627, CVE-2022-48628, CVE-2022-48629, CVE-2022-48630, CVE-2023-0160, CVE-2023-28746, CVE-2023-35827, CVE-2023-4881, CVE-2023-52447, CVE-2023-52450, CVE-2023-52453, CVE-2023-52454, CVE-2023-52462, CVE-2023-52463, CVE-2023-52467, CVE-2023-52469, CVE-2023-52470, CVE-2023-52474, CVE-2023-52476, CVE-2023-52477, CVE-2023-52481, CVE-2023-52482, CVE-2023-52484, CVE-2023-52486, CVE-2023-52492, CVE-2023-52493, CVE-2023-52494, CVE-2023-52497, CVE-2023-52500, CVE-2023-52501, CVE-2023-52502, CVE-2023-52504, CVE-2023-52507, CVE-2023-52508, CVE-2023-52509, CVE-2023-52510, CVE-2023-52511, CVE-2023-52513, CVE-2023-52515, CVE-2023-52517, CVE-2023-52518, CVE-2023-52519, CVE-2023-52520, CVE-2023-52523, CVE-2023-52524, CVE-2023-52525, CVE-2023-52528, CVE-2023-52529, CVE-2023-52530, CVE-2023-52531, CVE-2023-52532, CVE-2023-52559, CVE-2023-52563, CVE-2023-52564, CVE-2023-52566, CVE-2023-52567, CVE-2023-52569, CVE-2023-52574, CVE-2023-52575, CVE-2023-52576, CVE-2023-52582, CVE-2023-52583, CVE-2023-52587, CVE-2023-52591, CVE-2023-52594, CVE-2023-52595, CVE-2023-52597, CVE-2023-52598, CVE-2023-52599, CVE-2023-52600, CVE-2023-52601, CVE-2023-52602, CVE-2023-52603, CVE-2023-52604, CVE-2023-52605, CVE-2023-52606, CVE-2023-52607, CVE-2023-52608, CVE-2023-52612, CVE-2023-52615, CVE-2023-52617, CVE-2023-52619, CVE-2023-52621, CVE-2023-52623, CVE-2023-52628, CVE-2023-52632, CVE-2023-52637, CVE-2023-52639, CVE-2023-6270, CVE-2023-6356, CVE-2023-6535, CVE-2023-6536, CVE-2023-7042, CVE-2023-7192, CVE-2024-0841, CVE-2024-2201, CVE-2024-22099, CVE-2024-23307, CVE-2024-25739, CVE-2024-25742, CVE-2024-25743, CVE-2024-26599, CVE-2024-26600, CVE-2024-26602, CVE-2024-26607, CVE-2024-26612, CVE-2024-26614, CVE-2024-26620, CVE-2024-26627, CVE-2024-26629, CVE-2024-26642, CVE-2024-26645, CVE-2024-26646, CVE-2024-26651, CVE-2024-26654, CVE-2024-26659, CVE-2024-26664, CVE-2024-26667, CVE-2024-26670, CVE-2024-26695, CVE-2024-26717
Jira References: PED-5759, PED-7167, PED-7618, PED-7619
Maintenance Incident: [SUSE:Maintenance:33310](https://smelt.suse.de/incident/33310/)
Sources used:
openSUSE Leap 15.5 (src):
 kernel-default-base-5.14.21-150500.55.59.1.150500.6.25.7, kernel-livepatch-SLE15-SP5_Update_12-1-150500.11.7.1, kernel-syms-5.14.21-150500.55.59.1, kernel-obs-qa-5.14.21-150500.55.59.1, kernel-source-5.14.21-150500.55.59.1, kernel-obs-build-5.14.21-150500.55.59.1
SUSE Linux Enterprise Micro 5.5 (src):
 kernel-default-base-5.14.21-150500.55.59.1.150500.6.25.7
Basesystem Module 15-SP5 (src):
 kernel-default-base-5.14.21-150500.55.59.1.150500.6.25.7, kernel-source-5.14.21-150500.55.59.1
Development Tools Module 15-SP5 (src):
 kernel-syms-5.14.21-150500.55.59.1, kernel-source-5.14.21-150500.55.59.1, kernel-obs-build-5.14.21-150500.55.59.1
SUSE Linux Enterprise Live Patching 15-SP5 (src):
 kernel-livepatch-SLE15-SP5_Update_12-1-150500.11.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 34 Maintenance Automation 2024-05-03 08:30:33 UTC 
SUSE-SU-2024:1490-1: An update that solves 183 vulnerabilities, contains three features and has 38 security fixes can now be installed.

Category: security (important)
Bug References: 1177529, 1192145, 1194869, 1200465, 1205316, 1207948, 1209635, 1209657, 1212514, 1213456, 1214852, 1215221, 1215322, 1217339, 1217829, 1217959, 1217987, 1217988, 1217989, 1218321, 1218336, 1218479, 1218643, 1218777, 1219126, 1219169, 1219170, 1219264, 1219834, 1220114, 1220176, 1220237, 1220251, 1220320, 1220337, 1220340, 1220365, 1220366, 1220398, 1220411, 1220413, 1220439, 1220443, 1220445, 1220466, 1220478, 1220482, 1220484, 1220486, 1220487, 1220492, 1220703, 1220775, 1220790, 1220797, 1220831, 1220833, 1220836, 1220839, 1220840, 1220843, 1220870, 1220871, 1220872, 1220878, 1220879, 1220883, 1220885, 1220887, 1220898, 1220901, 1220915, 1220918, 1220920, 1220921, 1220926, 1220927, 1220929, 1220932, 1220935, 1220937, 1220938, 1220940, 1220954, 1220955, 1220959, 1220960, 1220961, 1220965, 1220969, 1220978, 1220979, 1220981, 1220982, 1220983, 1220985, 1220986, 1220987, 1220989, 1220990, 1221009, 1221012, 1221015, 1221022, 1221039, 1221040, 1221044, 1221045, 1221046, 1221048, 1221055, 1221056, 1221058, 1221060, 1221061, 1221062, 1221066, 1221067, 1221068, 1221069, 1221070, 1221071, 1221077, 1221082, 1221090, 1221097, 1221156, 1221162, 1221252, 1221273, 1221274, 1221276, 1221277, 1221291, 1221293, 1221298, 1221337, 1221338, 1221375, 1221379, 1221551, 1221553, 1221613, 1221614, 1221616, 1221618, 1221631, 1221633, 1221713, 1221725, 1221777, 1221791, 1221814, 1221816, 1221830, 1221951, 1222011, 1222033, 1222051, 1222056, 1222060, 1222070, 1222073, 1222117, 1222247, 1222266, 1222274, 1222291, 1222300, 1222304, 1222317, 1222331, 1222355, 1222356, 1222360, 1222366, 1222373, 1222416, 1222422, 1222427, 1222428, 1222431, 1222437, 1222445, 1222449, 1222503, 1222520, 1222536, 1222549, 1222550, 1222557, 1222585, 1222586, 1222596, 1222609, 1222610, 1222619, 1222630, 1222632, 1222660, 1222662, 1222664, 1222669, 1222677, 1222678, 1222680, 1222706, 1222720, 1222724, 1222726, 1222727, 1222764, 1222772, 1222781, 1222784, 1222798, 1222801, 1222952, 1223030, 1223067, 1223068
CVE References: CVE-2021-46925, CVE-2021-46926, CVE-2021-46927, CVE-2021-46929, CVE-2021-46930, CVE-2021-46931, CVE-2021-46933, CVE-2021-46936, CVE-2021-47082, CVE-2021-47087, CVE-2021-47091, CVE-2021-47093, CVE-2021-47094, CVE-2021-47095, CVE-2021-47096, CVE-2021-47097, CVE-2021-47098, CVE-2021-47099, CVE-2021-47100, CVE-2021-47101, CVE-2021-47102, CVE-2021-47104, CVE-2021-47105, CVE-2021-47107, CVE-2021-47108, CVE-2021-47181, CVE-2021-47182, CVE-2021-47183, CVE-2021-47185, CVE-2021-47189, CVE-2022-4744, CVE-2022-48626, CVE-2022-48629, CVE-2022-48630, CVE-2023-0160, CVE-2023-28746, CVE-2023-35827, CVE-2023-4881, CVE-2023-52447, CVE-2023-52450, CVE-2023-52453, CVE-2023-52454, CVE-2023-52469, CVE-2023-52470, CVE-2023-52474, CVE-2023-52476, CVE-2023-52477, CVE-2023-52481, CVE-2023-52484, CVE-2023-52486, CVE-2023-52488, CVE-2023-52492, CVE-2023-52493, CVE-2023-52494, CVE-2023-52497, CVE-2023-52500, CVE-2023-52501, CVE-2023-52502, CVE-2023-52503, CVE-2023-52504, CVE-2023-52507, CVE-2023-52508, CVE-2023-52509, CVE-2023-52510, CVE-2023-52511, CVE-2023-52513, CVE-2023-52515, CVE-2023-52517, CVE-2023-52518, CVE-2023-52519, CVE-2023-52520, CVE-2023-52523, CVE-2023-52524, CVE-2023-52525, CVE-2023-52528, CVE-2023-52529, CVE-2023-52532, CVE-2023-52561, CVE-2023-52563, CVE-2023-52564, CVE-2023-52566, CVE-2023-52567, CVE-2023-52569, CVE-2023-52574, CVE-2023-52575, CVE-2023-52576, CVE-2023-52582, CVE-2023-52583, CVE-2023-52587, CVE-2023-52591, CVE-2023-52594, CVE-2023-52595, CVE-2023-52597, CVE-2023-52598, CVE-2023-52599, CVE-2023-52600, CVE-2023-52601, CVE-2023-52602, CVE-2023-52603, CVE-2023-52604, CVE-2023-52605, CVE-2023-52606, CVE-2023-52607, CVE-2023-52608, CVE-2023-52612, CVE-2023-52615, CVE-2023-52617, CVE-2023-52619, CVE-2023-52621, CVE-2023-52623, CVE-2023-52627, CVE-2023-52628, CVE-2023-52632, CVE-2023-52636, CVE-2023-52637, CVE-2023-52639, CVE-2023-6356, CVE-2023-6535, CVE-2023-6536, CVE-2023-7042, CVE-2023-7192, CVE-2024-0841, CVE-2024-2201, CVE-2024-22099, CVE-2024-23307, CVE-2024-23850, CVE-2024-25739, CVE-2024-25742, CVE-2024-26599, CVE-2024-26600, CVE-2024-26602, CVE-2024-26612, CVE-2024-26614, CVE-2024-26620, CVE-2024-26627, CVE-2024-26629, CVE-2024-26642, CVE-2024-26645, CVE-2024-26646, CVE-2024-26651, CVE-2024-26654, CVE-2024-26659, CVE-2024-26660, CVE-2024-26664, CVE-2024-26667, CVE-2024-26670, CVE-2024-26680, CVE-2024-26681, CVE-2024-26684, CVE-2024-26685, CVE-2024-26689, CVE-2024-26695, CVE-2024-26696, CVE-2024-26697, CVE-2024-26704, CVE-2024-26717, CVE-2024-26718, CVE-2024-26722, CVE-2024-26727, CVE-2024-26733, CVE-2024-26736, CVE-2024-26737, CVE-2024-26743, CVE-2024-26744, CVE-2024-26745, CVE-2024-26747, CVE-2024-26749, CVE-2024-26751, CVE-2024-26754, CVE-2024-26760, CVE-2024-26763, CVE-2024-26766, CVE-2024-26769, CVE-2024-26771, CVE-2024-26776, CVE-2024-26779, CVE-2024-26787, CVE-2024-26790, CVE-2024-26793, CVE-2024-26798, CVE-2024-26805, CVE-2024-26807, CVE-2024-26848
Jira References: PED-5759, PED-7167, PED-7619
Maintenance Incident: [SUSE:Maintenance:33538](https://smelt.suse.de/incident/33538/)
Sources used:
openSUSE Leap 15.5 (src):
 kernel-source-azure-5.14.21-150500.33.48.1, kernel-syms-azure-5.14.21-150500.33.48.1
Public Cloud Module 15-SP5 (src):
 kernel-source-azure-5.14.21-150500.33.48.1, kernel-syms-azure-5.14.21-150500.33.48.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 35 Maintenance Automation 2024-05-14 16:33:28 UTC 
SUSE-SU-2024:1641-1: An update that solves 90 vulnerabilities and has three security fixes can now be installed.

Category: security (important)
Bug References: 1192145, 1209657, 1215221, 1216223, 1218336, 1218479, 1218562, 1219104, 1219126, 1219169, 1219170, 1219264, 1220342, 1220703, 1220761, 1220883, 1221044, 1221061, 1221088, 1221293, 1221299, 1221612, 1221725, 1221830, 1222117, 1222422, 1222430, 1222435, 1222482, 1222503, 1222536, 1222559, 1222585, 1222618, 1222624, 1222660, 1222662, 1222664, 1222666, 1222669, 1222671, 1222703, 1222704, 1222706, 1222709, 1222721, 1222726, 1222773, 1222776, 1222785, 1222787, 1222790, 1222791, 1222792, 1222796, 1222824, 1222829, 1222832, 1222836, 1222838, 1222866, 1222867, 1222869, 1222876, 1222878, 1222879, 1222881, 1222883, 1222888, 1222894, 1222901, 1223016, 1223187, 1223380, 1223474, 1223475, 1223477, 1223479, 1223482, 1223484, 1223487, 1223503, 1223505, 1223509, 1223513, 1223516, 1223517, 1223518, 1223519, 1223522, 1223523, 1223705, 1223824
CVE References: CVE-2021-47047, CVE-2021-47181, CVE-2021-47182, CVE-2021-47183, CVE-2021-47184, CVE-2021-47185, CVE-2021-47187, CVE-2021-47188, CVE-2021-47189, CVE-2021-47191, CVE-2021-47192, CVE-2021-47193, CVE-2021-47194, CVE-2021-47195, CVE-2021-47196, CVE-2021-47197, CVE-2021-47198, CVE-2021-47199, CVE-2021-47200, CVE-2021-47201, CVE-2021-47202, CVE-2021-47203, CVE-2021-47204, CVE-2021-47205, CVE-2021-47206, CVE-2021-47207, CVE-2021-47209, CVE-2021-47210, CVE-2021-47211, CVE-2021-47212, CVE-2021-47215, CVE-2021-47216, CVE-2021-47217, CVE-2021-47218, CVE-2021-47219, CVE-2022-48631, CVE-2022-48637, CVE-2022-48638, CVE-2022-48647, CVE-2022-48648, CVE-2022-48650, CVE-2022-48651, CVE-2022-48653, CVE-2022-48654, CVE-2022-48655, CVE-2022-48656, CVE-2022-48657, CVE-2022-48660, CVE-2022-48662, CVE-2022-48663, CVE-2022-48667, CVE-2022-48668, CVE-2023-0160, CVE-2023-4881, CVE-2023-52476, CVE-2023-52500, CVE-2023-52590, CVE-2023-52591, CVE-2023-52607, CVE-2023-52616, CVE-2023-52628, CVE-2023-6270, CVE-2023-7042, CVE-2023-7192, CVE-2024-0841, CVE-2024-22099, CVE-2024-23307, CVE-2024-23848, CVE-2024-23850, CVE-2024-25742, CVE-2024-26601, CVE-2024-26610, CVE-2024-26614, CVE-2024-26642, CVE-2024-26687, CVE-2024-26688, CVE-2024-26689, CVE-2024-26704, CVE-2024-26727, CVE-2024-26733, CVE-2024-26739, CVE-2024-26764, CVE-2024-26766, CVE-2024-26773, CVE-2024-26792, CVE-2024-26816, CVE-2024-26898, CVE-2024-26903, CVE-2024-27043, CVE-2024-27389
Maintenance Incident: [SUSE:Maintenance:33706](https://smelt.suse.de/incident/33706/)
Sources used:
openSUSE Leap Micro 5.4 (src):
 kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1
SUSE Linux Enterprise Micro for Rancher 5.3 (src):
 kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1
SUSE Linux Enterprise Micro 5.3 (src):
 kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1
SUSE Linux Enterprise Micro for Rancher 5.4 (src):
 kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1
SUSE Linux Enterprise Micro 5.4 (src):
 kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1
SUSE Linux Enterprise Live Patching 15-SP4 (src):
 kernel-livepatch-SLE15-SP4_Update_26-1-150400.9.3.1
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (src):
 kernel-syms-5.14.21-150400.24.119.1, kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1, kernel-obs-build-5.14.21-150400.24.119.1, kernel-source-5.14.21-150400.24.119.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (src):
 kernel-syms-5.14.21-150400.24.119.1, kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1, kernel-obs-build-5.14.21-150400.24.119.1, kernel-source-5.14.21-150400.24.119.1
SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (src):
 kernel-syms-5.14.21-150400.24.119.1, kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1, kernel-obs-build-5.14.21-150400.24.119.1, kernel-source-5.14.21-150400.24.119.1
SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (src):
 kernel-syms-5.14.21-150400.24.119.1, kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1, kernel-obs-build-5.14.21-150400.24.119.1, kernel-source-5.14.21-150400.24.119.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4 (src):
 kernel-syms-5.14.21-150400.24.119.1, kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1, kernel-obs-build-5.14.21-150400.24.119.1, kernel-source-5.14.21-150400.24.119.1
SUSE Manager Proxy 4.3 (src):
 kernel-syms-5.14.21-150400.24.119.1, kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1, kernel-source-5.14.21-150400.24.119.1
SUSE Manager Retail Branch Server 4.3 (src):
 kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1, kernel-source-5.14.21-150400.24.119.1
SUSE Manager Server 4.3 (src):
 kernel-syms-5.14.21-150400.24.119.1, kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1, kernel-source-5.14.21-150400.24.119.1
openSUSE Leap 15.4 (src):
 kernel-livepatch-SLE15-SP4_Update_26-1-150400.9.3.1, kernel-obs-build-5.14.21-150400.24.119.1, kernel-source-5.14.21-150400.24.119.1, kernel-syms-5.14.21-150400.24.119.1, kernel-obs-qa-5.14.21-150400.24.119.1, kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1
openSUSE Leap Micro 5.3 (src):
 kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.