Bug 1224838 (CVE-2021-47245)

Summary: VUL-0: CVE-2021-47245: kernel: netfilter: synproxy: Fix out of bounds when parsing TCP options
Product: [Novell Products] SUSE Security Incidents Reporter: SMASH SMASH <smash_bz>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: NEW --- QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: gabriele.sonnu, mhocko
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/406874/
Whiteboard: CVSSv3.1:SUSE:CVE-2021-47245:5.5:(AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description SMASH SMASH 2024-05-22 08:09:40 UTC 
In the Linux kernel, the following vulnerability has been resolved:

netfilter: synproxy: Fix out of bounds when parsing TCP options

The TCP option parser in synproxy (synproxy_parse_options) could read
one byte out of bounds. When the length is 1, the execution flow gets
into the loop, reads one byte of the opcode, and if the opcode is
neither TCPOPT_EOL nor TCPOPT_NOP, it reads one more byte, which exceeds
the length of 1.

This fix is inspired by commit 9609dad263f8 ("ipv4: tcp_input: fix stack
out of bounds when parsing TCP options.").

v2 changes:

Added an early return when length < 0 to avoid calling
skb_header_pointer with negative length.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-47245
https://www.cve.org/CVERecord?id=CVE-2021-47245
https://git.kernel.org/stable/c/576c1526b4d83c44ad7b673cb841f36cbc6cb6c4
https://git.kernel.org/stable/c/5fc177ab759418c9537433e63301096e733fb915
https://git.kernel.org/stable/c/674b5f0c6a4fc5d3abce877048290cea6091fcb1
https://git.kernel.org/stable/c/6defc77d48eff74075b80ad5925061b2fc010d98
https://git.kernel.org/stable/c/7d9a9a1a88a3da574e019b4de756bc73337b3b0b
https://git.kernel.org/stable/c/9cdf299ba4e153b5e56187648420de22c6216f02
https://git.kernel.org/stable/c/e1eb98cfeafdd85537e7e3cefe93ca9bfbcc3ea8
https://git.kernel.org/stable/c/f648089337cb8ed40b2bb96e244f72b9d97dc96b
https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2021/CVE-2021-47245.mbox
Comment 6 Davide Benini 2024-06-07 20:41:51 UTC 
Fixed in:
SLE12-SP5	3bf50df7ba9 netfilter: synproxy: Fix out of bounds when parsing TCP options (CVE-2021-47245 bsc#1224838)
SLE12-SP3-TD	2bfbf86c798 netfilter: synproxy: Fix out of bounds when parsing TCP options (CVE-2021-47245 bsc#1224838)

Assigning back to the security team
Comment 9 Maintenance Automation 2024-06-11 08:30:27 UTC 
SUSE-SU-2024:1979-1: An update that solves 180 vulnerabilities and has 18 security fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1101816, 1181674, 1185902, 1187716, 1188616, 1190317, 1190795, 1191452, 1194591, 1197760, 1206213, 1206646, 1207186, 1209657, 1210335, 1215702, 1216702, 1217169, 1217519, 1220487, 1220854, 1220928, 1221044, 1221081, 1221086, 1221977, 1221994, 1222619, 1222627, 1222667, 1222671, 1222893, 1222894, 1223023, 1223046, 1223048, 1223084, 1223138, 1223207, 1223360, 1223384, 1223633, 1223653, 1223666, 1223671, 1223738, 1223752, 1223834, 1223922, 1223932, 1223948, 1224096, 1224174, 1224181, 1224347, 1224482, 1224511, 1224525, 1224566, 1224580, 1224592, 1224601, 1224607, 1224621, 1224644, 1224645, 1224648, 1224650, 1224663, 1224671, 1224676, 1224680, 1224682, 1224725, 1224728, 1224733, 1224738, 1224747, 1224749, 1224759, 1224803, 1224827, 1224830, 1224831, 1224834, 1224838, 1224841, 1224844, 1224846, 1224847, 1224849, 1224854, 1224859, 1224867, 1224880, 1224882, 1224888, 1224889, 1224892, 1224893, 1224899, 1224904, 1224907, 1224916, 1224917, 1224922, 1224926, 1224930, 1224931, 1224942, 1224954, 1224957, 1224959, 1224960, 1224961, 1224963, 1224966, 1224968, 1224981, 1224982, 1224983, 1224987, 1224990, 1224996, 1225008, 1225009, 1225010, 1225022, 1225026, 1225030, 1225054, 1225058, 1225059, 1225060, 1225062, 1225082, 1225084, 1225086, 1225092, 1225096, 1225112, 1225124, 1225128, 1225132, 1225141, 1225143, 1225144, 1225151, 1225153, 1225155, 1225157, 1225164, 1225177, 1225189, 1225192, 1225193, 1225198, 1225201, 1225207, 1225208, 1225222, 1225230, 1225242, 1225244, 1225247, 1225251, 1225252, 1225256, 1225303, 1225318, 1225322, 1225329, 1225330, 1225336, 1225347, 1225351, 1225354, 1225355, 1225360, 1225366, 1225367, 1225384, 1225390, 1225404, 1225409, 1225411, 1225438, 1225453, 1225479, 1225482, 1225506, 1225549, 1225560, 1225572, 1225640, 1225708, 1225764
CVE References: CVE-2021-46933, CVE-2021-47074, CVE-2021-47162, CVE-2021-47171, CVE-2021-47188, CVE-2021-47206, CVE-2021-47220, CVE-2021-47229, CVE-2021-47231, CVE-2021-47235, CVE-2021-47236, CVE-2021-47237, CVE-2021-47238, CVE-2021-47239, CVE-2021-47245, CVE-2021-47246, CVE-2021-47248, CVE-2021-47249, CVE-2021-47250, CVE-2021-47252, CVE-2021-47254, CVE-2021-47258, CVE-2021-47260, CVE-2021-47261, CVE-2021-47265, CVE-2021-47269, CVE-2021-47274, CVE-2021-47276, CVE-2021-47277, CVE-2021-47280, CVE-2021-47281, CVE-2021-47284, CVE-2021-47285, CVE-2021-47288, CVE-2021-47301, CVE-2021-47302, CVE-2021-47305, CVE-2021-47307, CVE-2021-47308, CVE-2021-47310, CVE-2021-47311, CVE-2021-47314, CVE-2021-47315, CVE-2021-47319, CVE-2021-47320, CVE-2021-47321, CVE-2021-47323, CVE-2021-47324, CVE-2021-47330, CVE-2021-47334, CVE-2021-47337, CVE-2021-47343, CVE-2021-47344, CVE-2021-47345, CVE-2021-47347, CVE-2021-47352, CVE-2021-47353, CVE-2021-47355, CVE-2021-47356, CVE-2021-47357, CVE-2021-47361, CVE-2021-47362, CVE-2021-47369, CVE-2021-47375, CVE-2021-47378, CVE-2021-47382, CVE-2021-47383, CVE-2021-47391, CVE-2021-47397, CVE-2021-47400, CVE-2021-47401, CVE-2021-47404, CVE-2021-47409, CVE-2021-47416, CVE-2021-47423, CVE-2021-47424, CVE-2021-47431, CVE-2021-47435, CVE-2021-47436, CVE-2021-47456, CVE-2021-47458, CVE-2021-47460, CVE-2021-47469, CVE-2021-47472, CVE-2021-47473, CVE-2021-47478, CVE-2021-47480, CVE-2021-47483, CVE-2021-47485, CVE-2021-47495, CVE-2021-47496, CVE-2021-47497, CVE-2021-47500, CVE-2021-47506, CVE-2021-47509, CVE-2021-47511, CVE-2021-47523, CVE-2021-47541, CVE-2021-47548, CVE-2021-47565, CVE-2022-48686, CVE-2022-48697, CVE-2022-48704, CVE-2022-48708, CVE-2022-48710, CVE-2023-0160, CVE-2023-1829, CVE-2023-42755, CVE-2023-47233, CVE-2023-52527, CVE-2023-52586, CVE-2023-52591, CVE-2023-52655, CVE-2023-52664, CVE-2023-52685, CVE-2023-52686, CVE-2023-52691, CVE-2023-52696, CVE-2023-52698, CVE-2023-52703, CVE-2023-52730, CVE-2023-52732, CVE-2023-52741, CVE-2023-52742, CVE-2023-52747, CVE-2023-52759, CVE-2023-52774, CVE-2023-52781, CVE-2023-52796, CVE-2023-52803, CVE-2023-52821, CVE-2023-52864, CVE-2023-52865, CVE-2023-52867, CVE-2023-52875, CVE-2023-52880, CVE-2024-26625, CVE-2024-26752, CVE-2024-26775, CVE-2024-26828, CVE-2024-26846, CVE-2024-26874, CVE-2024-26900, CVE-2024-26915, CVE-2024-26920, CVE-2024-26921, CVE-2024-26934, CVE-2024-26957, CVE-2024-26958, CVE-2024-26984, CVE-2024-26996, CVE-2024-27059, CVE-2024-27062, CVE-2024-27396, CVE-2024-27398, CVE-2024-27401, CVE-2024-27419, CVE-2024-27436, CVE-2024-35789, CVE-2024-35791, CVE-2024-35809, CVE-2024-35811, CVE-2024-35830, CVE-2024-35849, CVE-2024-35877, CVE-2024-35878, CVE-2024-35887, CVE-2024-35895, CVE-2024-35914, CVE-2024-35932, CVE-2024-35935, CVE-2024-35936, CVE-2024-35944, CVE-2024-35955, CVE-2024-35969, CVE-2024-35982, CVE-2024-35984, CVE-2024-36015, CVE-2024-36029, CVE-2024-36954
Maintenance Incident: [SUSE:Maintenance:34205](https://smelt.suse.de/incident/34205/)
Sources used:
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src):
 kernel-syms-azure-4.12.14-16.188.1, kernel-source-azure-4.12.14-16.188.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src):
 kernel-syms-azure-4.12.14-16.188.1, kernel-source-azure-4.12.14-16.188.1
SUSE Linux Enterprise Server 12 SP5 (src):
 kernel-syms-azure-4.12.14-16.188.1, kernel-source-azure-4.12.14-16.188.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 10 Maintenance Automation 2024-06-11 12:30:42 UTC 
SUSE-SU-2024:1983-1: An update that solves 199 vulnerabilities and has 26 security fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1101816, 1141539, 1181674, 1185902, 1187716, 1188616, 1190317, 1190795, 1191452, 1194591, 1197760, 1197894, 1203935, 1206213, 1206646, 1207186, 1209657, 1210335, 1215702, 1216702, 1217169, 1217519, 1218917, 1220487, 1220513, 1220854, 1220928, 1221044, 1221081, 1221086, 1221543, 1221545, 1221816, 1221977, 1221994, 1222559, 1222619, 1222627, 1222667, 1222671, 1222793, 1222893, 1222894, 1223023, 1223046, 1223048, 1223084, 1223119, 1223138, 1223207, 1223360, 1223384, 1223432, 1223509, 1223512, 1223539, 1223540, 1223626, 1223627, 1223633, 1223653, 1223666, 1223671, 1223712, 1223715, 1223738, 1223744, 1223752, 1223802, 1223819, 1223834, 1223922, 1223923, 1223931, 1223932, 1223948, 1223969, 1224096, 1224174, 1224181, 1224347, 1224482, 1224511, 1224525, 1224566, 1224580, 1224592, 1224601, 1224607, 1224621, 1224644, 1224645, 1224648, 1224650, 1224663, 1224671, 1224676, 1224680, 1224682, 1224725, 1224728, 1224733, 1224738, 1224747, 1224749, 1224759, 1224803, 1224827, 1224830, 1224831, 1224834, 1224838, 1224841, 1224844, 1224846, 1224847, 1224849, 1224854, 1224859, 1224867, 1224880, 1224882, 1224888, 1224889, 1224892, 1224893, 1224899, 1224904, 1224907, 1224916, 1224917, 1224922, 1224926, 1224930, 1224931, 1224942, 1224954, 1224956, 1224957, 1224959, 1224960, 1224961, 1224963, 1224966, 1224968, 1224981, 1224982, 1224983, 1224987, 1224990, 1224996, 1225008, 1225009, 1225010, 1225022, 1225026, 1225030, 1225054, 1225058, 1225059, 1225060, 1225062, 1225082, 1225084, 1225086, 1225092, 1225096, 1225112, 1225124, 1225128, 1225132, 1225141, 1225143, 1225144, 1225151, 1225153, 1225155, 1225157, 1225164, 1225177, 1225189, 1225192, 1225193, 1225198, 1225201, 1225207, 1225208, 1225222, 1225230, 1225242, 1225244, 1225247, 1225251, 1225252, 1225256, 1225303, 1225318, 1225322, 1225329, 1225330, 1225336, 1225347, 1225351, 1225354, 1225355, 1225360, 1225366, 1225367, 1225384, 1225390, 1225404, 1225409, 1225411, 1225438, 1225453, 1225479, 1225482, 1225506, 1225549, 1225560, 1225572, 1225640, 1225708, 1225764
CVE References: CVE-2021-46933, CVE-2021-46955, CVE-2021-47074, CVE-2021-47113, CVE-2021-47131, CVE-2021-47162, CVE-2021-47171, CVE-2021-47188, CVE-2021-47206, CVE-2021-47220, CVE-2021-47229, CVE-2021-47231, CVE-2021-47235, CVE-2021-47236, CVE-2021-47237, CVE-2021-47238, CVE-2021-47239, CVE-2021-47245, CVE-2021-47246, CVE-2021-47248, CVE-2021-47249, CVE-2021-47250, CVE-2021-47252, CVE-2021-47254, CVE-2021-47258, CVE-2021-47260, CVE-2021-47261, CVE-2021-47265, CVE-2021-47269, CVE-2021-47274, CVE-2021-47276, CVE-2021-47277, CVE-2021-47280, CVE-2021-47281, CVE-2021-47284, CVE-2021-47285, CVE-2021-47288, CVE-2021-47301, CVE-2021-47302, CVE-2021-47305, CVE-2021-47307, CVE-2021-47308, CVE-2021-47310, CVE-2021-47311, CVE-2021-47314, CVE-2021-47315, CVE-2021-47319, CVE-2021-47320, CVE-2021-47321, CVE-2021-47323, CVE-2021-47324, CVE-2021-47330, CVE-2021-47334, CVE-2021-47337, CVE-2021-47343, CVE-2021-47344, CVE-2021-47345, CVE-2021-47347, CVE-2021-47352, CVE-2021-47353, CVE-2021-47355, CVE-2021-47356, CVE-2021-47357, CVE-2021-47361, CVE-2021-47362, CVE-2021-47369, CVE-2021-47375, CVE-2021-47378, CVE-2021-47382, CVE-2021-47383, CVE-2021-47391, CVE-2021-47397, CVE-2021-47400, CVE-2021-47401, CVE-2021-47404, CVE-2021-47409, CVE-2021-47416, CVE-2021-47423, CVE-2021-47424, CVE-2021-47431, CVE-2021-47435, CVE-2021-47436, CVE-2021-47456, CVE-2021-47458, CVE-2021-47460, CVE-2021-47469, CVE-2021-47472, CVE-2021-47473, CVE-2021-47478, CVE-2021-47480, CVE-2021-47483, CVE-2021-47485, CVE-2021-47495, CVE-2021-47496, CVE-2021-47497, CVE-2021-47500, CVE-2021-47506, CVE-2021-47509, CVE-2021-47511, CVE-2021-47523, CVE-2021-47541, CVE-2021-47548, CVE-2021-47565, CVE-2022-48636, CVE-2022-48650, CVE-2022-48672, CVE-2022-48686, CVE-2022-48697, CVE-2022-48702, CVE-2022-48704, CVE-2022-48708, CVE-2022-48710, CVE-2023-0160, CVE-2023-1829, CVE-2023-42755, CVE-2023-47233, CVE-2023-52527, CVE-2023-52586, CVE-2023-52591, CVE-2023-52646, CVE-2023-52653, CVE-2023-52655, CVE-2023-52664, CVE-2023-52685, CVE-2023-52686, CVE-2023-52691, CVE-2023-52696, CVE-2023-52698, CVE-2023-52703, CVE-2023-52730, CVE-2023-52732, CVE-2023-52741, CVE-2023-52742, CVE-2023-52747, CVE-2023-52759, CVE-2023-52774, CVE-2023-52781, CVE-2023-52796, CVE-2023-52803, CVE-2023-52821, CVE-2023-52864, CVE-2023-52865, CVE-2023-52867, CVE-2023-52875, CVE-2023-52880, CVE-2024-0639, CVE-2024-26625, CVE-2024-26739, CVE-2024-26752, CVE-2024-26775, CVE-2024-26791, CVE-2024-26828, CVE-2024-26846, CVE-2024-26874, CVE-2024-26876, CVE-2024-26900, CVE-2024-26915, CVE-2024-26920, CVE-2024-26921, CVE-2024-26929, CVE-2024-26930, CVE-2024-26931, CVE-2024-26934, CVE-2024-26957, CVE-2024-26958, CVE-2024-26984, CVE-2024-26996, CVE-2024-27008, CVE-2024-27054, CVE-2024-27059, CVE-2024-27062, CVE-2024-27388, CVE-2024-27396, CVE-2024-27398, CVE-2024-27401, CVE-2024-27419, CVE-2024-27436, CVE-2024-35789, CVE-2024-35791, CVE-2024-35809, CVE-2024-35811, CVE-2024-35830, CVE-2024-35849, CVE-2024-35877, CVE-2024-35878, CVE-2024-35887, CVE-2024-35895, CVE-2024-35914, CVE-2024-35932, CVE-2024-35935, CVE-2024-35936, CVE-2024-35944, CVE-2024-35955, CVE-2024-35969, CVE-2024-35982, CVE-2024-35984, CVE-2024-36015, CVE-2024-36029, CVE-2024-36954
Maintenance Incident: [SUSE:Maintenance:34218](https://smelt.suse.de/incident/34218/)
Sources used:
SUSE Linux Enterprise Real Time 12 SP5 (src):
 kernel-syms-rt-4.12.14-10.188.1, kernel-source-rt-4.12.14-10.188.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 14 Maintenance Automation 2024-06-24 20:30:52 UTC 
SUSE-SU-2024:2184-1: An update that solves 198 vulnerabilities and has 28 security fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1101816, 1141539, 1181674, 1185902, 1187716, 1188616, 1190317, 1190795, 1191452, 1194591, 1197760, 1197894, 1203935, 1206213, 1206646, 1207186, 1209657, 1210335, 1215702, 1216702, 1217169, 1217519, 1218917, 1220487, 1220513, 1220854, 1220928, 1221044, 1221081, 1221086, 1221543, 1221545, 1221816, 1221977, 1221994, 1222559, 1222619, 1222627, 1222667, 1222671, 1222793, 1222893, 1222894, 1223023, 1223046, 1223048, 1223062, 1223084, 1223119, 1223138, 1223207, 1223360, 1223384, 1223432, 1223509, 1223512, 1223539, 1223540, 1223626, 1223627, 1223633, 1223653, 1223666, 1223671, 1223712, 1223715, 1223738, 1223744, 1223752, 1223802, 1223819, 1223834, 1223922, 1223923, 1223931, 1223932, 1223948, 1223969, 1224096, 1224174, 1224181, 1224347, 1224482, 1224511, 1224525, 1224566, 1224580, 1224592, 1224601, 1224607, 1224621, 1224644, 1224645, 1224648, 1224650, 1224663, 1224671, 1224676, 1224680, 1224682, 1224725, 1224728, 1224733, 1224738, 1224747, 1224749, 1224759, 1224803, 1224827, 1224830, 1224831, 1224834, 1224838, 1224841, 1224844, 1224846, 1224847, 1224849, 1224854, 1224859, 1224867, 1224880, 1224882, 1224888, 1224889, 1224892, 1224893, 1224899, 1224904, 1224907, 1224916, 1224917, 1224922, 1224926, 1224930, 1224931, 1224942, 1224954, 1224956, 1224957, 1224959, 1224960, 1224961, 1224963, 1224966, 1224968, 1224981, 1224982, 1224983, 1224987, 1224990, 1224996, 1225008, 1225009, 1225010, 1225022, 1225026, 1225030, 1225054, 1225058, 1225059, 1225060, 1225062, 1225082, 1225084, 1225086, 1225092, 1225096, 1225112, 1225124, 1225128, 1225132, 1225141, 1225143, 1225144, 1225151, 1225153, 1225155, 1225157, 1225164, 1225177, 1225189, 1225192, 1225193, 1225198, 1225201, 1225207, 1225208, 1225222, 1225230, 1225242, 1225244, 1225247, 1225251, 1225252, 1225256, 1225303, 1225318, 1225322, 1225329, 1225330, 1225336, 1225347, 1225351, 1225354, 1225355, 1225360, 1225366, 1225367, 1225384, 1225390, 1225404, 1225409, 1225411, 1225438, 1225453, 1225479, 1225482, 1225506, 1225549, 1225560, 1225572, 1225640, 1225708, 1225764
CVE References: CVE-2021-46933, CVE-2021-46955, CVE-2021-47074, CVE-2021-47113, CVE-2021-47131, CVE-2021-47162, CVE-2021-47171, CVE-2021-47188, CVE-2021-47206, CVE-2021-47220, CVE-2021-47229, CVE-2021-47231, CVE-2021-47235, CVE-2021-47236, CVE-2021-47237, CVE-2021-47238, CVE-2021-47239, CVE-2021-47245, CVE-2021-47246, CVE-2021-47248, CVE-2021-47249, CVE-2021-47250, CVE-2021-47252, CVE-2021-47254, CVE-2021-47258, CVE-2021-47260, CVE-2021-47261, CVE-2021-47265, CVE-2021-47269, CVE-2021-47274, CVE-2021-47276, CVE-2021-47277, CVE-2021-47280, CVE-2021-47281, CVE-2021-47284, CVE-2021-47285, CVE-2021-47288, CVE-2021-47301, CVE-2021-47302, CVE-2021-47305, CVE-2021-47307, CVE-2021-47308, CVE-2021-47310, CVE-2021-47311, CVE-2021-47314, CVE-2021-47315, CVE-2021-47319, CVE-2021-47320, CVE-2021-47321, CVE-2021-47323, CVE-2021-47324, CVE-2021-47330, CVE-2021-47334, CVE-2021-47337, CVE-2021-47343, CVE-2021-47344, CVE-2021-47345, CVE-2021-47347, CVE-2021-47352, CVE-2021-47353, CVE-2021-47355, CVE-2021-47356, CVE-2021-47357, CVE-2021-47361, CVE-2021-47362, CVE-2021-47369, CVE-2021-47375, CVE-2021-47378, CVE-2021-47382, CVE-2021-47383, CVE-2021-47391, CVE-2021-47397, CVE-2021-47400, CVE-2021-47401, CVE-2021-47404, CVE-2021-47409, CVE-2021-47416, CVE-2021-47423, CVE-2021-47424, CVE-2021-47431, CVE-2021-47435, CVE-2021-47436, CVE-2021-47456, CVE-2021-47458, CVE-2021-47460, CVE-2021-47469, CVE-2021-47472, CVE-2021-47473, CVE-2021-47478, CVE-2021-47480, CVE-2021-47483, CVE-2021-47485, CVE-2021-47495, CVE-2021-47496, CVE-2021-47497, CVE-2021-47500, CVE-2021-47506, CVE-2021-47509, CVE-2021-47511, CVE-2021-47523, CVE-2021-47541, CVE-2021-47548, CVE-2021-47565, CVE-2022-48636, CVE-2022-48650, CVE-2022-48672, CVE-2022-48686, CVE-2022-48697, CVE-2022-48702, CVE-2022-48704, CVE-2022-48708, CVE-2022-48710, CVE-2023-0160, CVE-2023-1829, CVE-2023-42755, CVE-2023-47233, CVE-2023-52527, CVE-2023-52586, CVE-2023-52591, CVE-2023-52646, CVE-2023-52653, CVE-2023-52655, CVE-2023-52664, CVE-2023-52685, CVE-2023-52686, CVE-2023-52691, CVE-2023-52696, CVE-2023-52698, CVE-2023-52703, CVE-2023-52730, CVE-2023-52732, CVE-2023-52741, CVE-2023-52742, CVE-2023-52747, CVE-2023-52759, CVE-2023-52774, CVE-2023-52781, CVE-2023-52796, CVE-2023-52803, CVE-2023-52821, CVE-2023-52864, CVE-2023-52865, CVE-2023-52867, CVE-2023-52875, CVE-2023-52880, CVE-2024-0639, CVE-2024-26625, CVE-2024-26739, CVE-2024-26752, CVE-2024-26775, CVE-2024-26791, CVE-2024-26828, CVE-2024-26846, CVE-2024-26874, CVE-2024-26876, CVE-2024-26900, CVE-2024-26915, CVE-2024-26920, CVE-2024-26921, CVE-2024-26929, CVE-2024-26930, CVE-2024-26931, CVE-2024-26934, CVE-2024-26957, CVE-2024-26958, CVE-2024-26984, CVE-2024-26996, CVE-2024-27008, CVE-2024-27054, CVE-2024-27059, CVE-2024-27062, CVE-2024-27388, CVE-2024-27396, CVE-2024-27398, CVE-2024-27401, CVE-2024-27419, CVE-2024-27436, CVE-2024-35789, CVE-2024-35791, CVE-2024-35809, CVE-2024-35811, CVE-2024-35830, CVE-2024-35849, CVE-2024-35877, CVE-2024-35878, CVE-2024-35887, CVE-2024-35895, CVE-2024-35914, CVE-2024-35932, CVE-2024-35935, CVE-2024-35936, CVE-2024-35944, CVE-2024-35955, CVE-2024-35969, CVE-2024-35982, CVE-2024-36015, CVE-2024-36029, CVE-2024-36954
Maintenance Incident: [SUSE:Maintenance:34269](https://smelt.suse.de/incident/34269/)
Sources used:
SUSE Linux Enterprise Live Patching 12-SP5 (src):
 kgraft-patch-SLE12-SP5_Update_57-1-8.3.1
SUSE Linux Enterprise Software Development Kit 12 SP5 (src):
 kernel-obs-build-4.12.14-122.219.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src):
 kernel-source-4.12.14-122.219.1, kernel-syms-4.12.14-122.219.1
SUSE Linux Enterprise Server 12 SP5 (src):
 kernel-source-4.12.14-122.219.1, kernel-syms-4.12.14-122.219.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src):
 kernel-source-4.12.14-122.219.1, kernel-syms-4.12.14-122.219.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.