Bug 1222667 (CVE-2024-26752) - VUL-0: CVE-2024-26752: kernel: l2tp: incorrect message length to passed to ip6_append_data
Summary: VUL-0: CVE-2024-26752: kernel: l2tp: incorrect message length to passed to i...
Status: RESOLVED FIXED
Alias: CVE-2024-26752
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/400242/
Whiteboard: CVSSv3.1:SUSE:CVE-2024-26752:7.5:(AV:...
Keywords:
Depends on:
Blocks: 1223292
  Show dependency treegraph
 
Reported: 2024-04-11 08:53 UTC by SMASH SMASH
Modified: 2024-07-01 16:09 UTC (History)
4 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description SMASH SMASH 2024-04-11 08:53:00 UTC 
In the Linux kernel, the following vulnerability has been resolved:

l2tp: pass correct message length to ip6_append_data

l2tp_ip6_sendmsg needs to avoid accounting for the transport header
twice when splicing more data into an already partially-occupied skbuff.

To manage this, we check whether the skbuff contains data using
skb_queue_empty when deciding how much data to append using
ip6_append_data.

However, the code which performed the calculation was incorrect:

     ulen = len + skb_queue_empty(&sk->sk_write_queue) ? transhdrlen : 0;

...due to C operator precedence, this ends up setting ulen to
transhdrlen for messages with a non-zero length, which results in
corrupted packets on the wire.

Add parentheses to correct the calculation in line with the original
intent.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-26752
https://www.cve.org/CVERecord?id=CVE-2024-26752
https://git.kernel.org/stable/c/0da15a70395182ee8cb75716baf00dddc0bea38d
https://git.kernel.org/stable/c/13cd1daeea848614e585b2c6ecc11ca9c8ab2500
https://git.kernel.org/stable/c/359e54a93ab43d32ee1bff3c2f9f10cb9f6b6e79
https://git.kernel.org/stable/c/4c3ce64bc9d36ca9164dd6c77ff144c121011aae
https://git.kernel.org/stable/c/804bd8650a3a2bf3432375f8c97d5049d845ce56
https://git.kernel.org/stable/c/83340c66b498e49353530e41542500fc8a4782d6
https://git.kernel.org/stable/c/c1d3a84a67db910ce28a871273c992c3d7f9efb5
https://git.kernel.org/stable/c/dcb4d14268595065c85dc5528056713928e17243
https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2024/CVE-2024-26752.mbox
https://bugzilla.redhat.com/show_bug.cgi?id=2273219
Comment 1 Thomas Leroy 2024-04-11 08:54:13 UTC 
stable already has the fix.
Only SLE15-SP6-GA has the offended commit and not the fix
Comment 17 Maintenance Automation 2024-06-11 08:30:18 UTC 
SUSE-SU-2024:1979-1: An update that solves 180 vulnerabilities and has 18 security fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1101816, 1181674, 1185902, 1187716, 1188616, 1190317, 1190795, 1191452, 1194591, 1197760, 1206213, 1206646, 1207186, 1209657, 1210335, 1215702, 1216702, 1217169, 1217519, 1220487, 1220854, 1220928, 1221044, 1221081, 1221086, 1221977, 1221994, 1222619, 1222627, 1222667, 1222671, 1222893, 1222894, 1223023, 1223046, 1223048, 1223084, 1223138, 1223207, 1223360, 1223384, 1223633, 1223653, 1223666, 1223671, 1223738, 1223752, 1223834, 1223922, 1223932, 1223948, 1224096, 1224174, 1224181, 1224347, 1224482, 1224511, 1224525, 1224566, 1224580, 1224592, 1224601, 1224607, 1224621, 1224644, 1224645, 1224648, 1224650, 1224663, 1224671, 1224676, 1224680, 1224682, 1224725, 1224728, 1224733, 1224738, 1224747, 1224749, 1224759, 1224803, 1224827, 1224830, 1224831, 1224834, 1224838, 1224841, 1224844, 1224846, 1224847, 1224849, 1224854, 1224859, 1224867, 1224880, 1224882, 1224888, 1224889, 1224892, 1224893, 1224899, 1224904, 1224907, 1224916, 1224917, 1224922, 1224926, 1224930, 1224931, 1224942, 1224954, 1224957, 1224959, 1224960, 1224961, 1224963, 1224966, 1224968, 1224981, 1224982, 1224983, 1224987, 1224990, 1224996, 1225008, 1225009, 1225010, 1225022, 1225026, 1225030, 1225054, 1225058, 1225059, 1225060, 1225062, 1225082, 1225084, 1225086, 1225092, 1225096, 1225112, 1225124, 1225128, 1225132, 1225141, 1225143, 1225144, 1225151, 1225153, 1225155, 1225157, 1225164, 1225177, 1225189, 1225192, 1225193, 1225198, 1225201, 1225207, 1225208, 1225222, 1225230, 1225242, 1225244, 1225247, 1225251, 1225252, 1225256, 1225303, 1225318, 1225322, 1225329, 1225330, 1225336, 1225347, 1225351, 1225354, 1225355, 1225360, 1225366, 1225367, 1225384, 1225390, 1225404, 1225409, 1225411, 1225438, 1225453, 1225479, 1225482, 1225506, 1225549, 1225560, 1225572, 1225640, 1225708, 1225764
CVE References: CVE-2021-46933, CVE-2021-47074, CVE-2021-47162, CVE-2021-47171, CVE-2021-47188, CVE-2021-47206, CVE-2021-47220, CVE-2021-47229, CVE-2021-47231, CVE-2021-47235, CVE-2021-47236, CVE-2021-47237, CVE-2021-47238, CVE-2021-47239, CVE-2021-47245, CVE-2021-47246, CVE-2021-47248, CVE-2021-47249, CVE-2021-47250, CVE-2021-47252, CVE-2021-47254, CVE-2021-47258, CVE-2021-47260, CVE-2021-47261, CVE-2021-47265, CVE-2021-47269, CVE-2021-47274, CVE-2021-47276, CVE-2021-47277, CVE-2021-47280, CVE-2021-47281, CVE-2021-47284, CVE-2021-47285, CVE-2021-47288, CVE-2021-47301, CVE-2021-47302, CVE-2021-47305, CVE-2021-47307, CVE-2021-47308, CVE-2021-47310, CVE-2021-47311, CVE-2021-47314, CVE-2021-47315, CVE-2021-47319, CVE-2021-47320, CVE-2021-47321, CVE-2021-47323, CVE-2021-47324, CVE-2021-47330, CVE-2021-47334, CVE-2021-47337, CVE-2021-47343, CVE-2021-47344, CVE-2021-47345, CVE-2021-47347, CVE-2021-47352, CVE-2021-47353, CVE-2021-47355, CVE-2021-47356, CVE-2021-47357, CVE-2021-47361, CVE-2021-47362, CVE-2021-47369, CVE-2021-47375, CVE-2021-47378, CVE-2021-47382, CVE-2021-47383, CVE-2021-47391, CVE-2021-47397, CVE-2021-47400, CVE-2021-47401, CVE-2021-47404, CVE-2021-47409, CVE-2021-47416, CVE-2021-47423, CVE-2021-47424, CVE-2021-47431, CVE-2021-47435, CVE-2021-47436, CVE-2021-47456, CVE-2021-47458, CVE-2021-47460, CVE-2021-47469, CVE-2021-47472, CVE-2021-47473, CVE-2021-47478, CVE-2021-47480, CVE-2021-47483, CVE-2021-47485, CVE-2021-47495, CVE-2021-47496, CVE-2021-47497, CVE-2021-47500, CVE-2021-47506, CVE-2021-47509, CVE-2021-47511, CVE-2021-47523, CVE-2021-47541, CVE-2021-47548, CVE-2021-47565, CVE-2022-48686, CVE-2022-48697, CVE-2022-48704, CVE-2022-48708, CVE-2022-48710, CVE-2023-0160, CVE-2023-1829, CVE-2023-42755, CVE-2023-47233, CVE-2023-52527, CVE-2023-52586, CVE-2023-52591, CVE-2023-52655, CVE-2023-52664, CVE-2023-52685, CVE-2023-52686, CVE-2023-52691, CVE-2023-52696, CVE-2023-52698, CVE-2023-52703, CVE-2023-52730, CVE-2023-52732, CVE-2023-52741, CVE-2023-52742, CVE-2023-52747, CVE-2023-52759, CVE-2023-52774, CVE-2023-52781, CVE-2023-52796, CVE-2023-52803, CVE-2023-52821, CVE-2023-52864, CVE-2023-52865, CVE-2023-52867, CVE-2023-52875, CVE-2023-52880, CVE-2024-26625, CVE-2024-26752, CVE-2024-26775, CVE-2024-26828, CVE-2024-26846, CVE-2024-26874, CVE-2024-26900, CVE-2024-26915, CVE-2024-26920, CVE-2024-26921, CVE-2024-26934, CVE-2024-26957, CVE-2024-26958, CVE-2024-26984, CVE-2024-26996, CVE-2024-27059, CVE-2024-27062, CVE-2024-27396, CVE-2024-27398, CVE-2024-27401, CVE-2024-27419, CVE-2024-27436, CVE-2024-35789, CVE-2024-35791, CVE-2024-35809, CVE-2024-35811, CVE-2024-35830, CVE-2024-35849, CVE-2024-35877, CVE-2024-35878, CVE-2024-35887, CVE-2024-35895, CVE-2024-35914, CVE-2024-35932, CVE-2024-35935, CVE-2024-35936, CVE-2024-35944, CVE-2024-35955, CVE-2024-35969, CVE-2024-35982, CVE-2024-35984, CVE-2024-36015, CVE-2024-36029, CVE-2024-36954
Maintenance Incident: [SUSE:Maintenance:34205](https://smelt.suse.de/incident/34205/)
Sources used:
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src):
 kernel-syms-azure-4.12.14-16.188.1, kernel-source-azure-4.12.14-16.188.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src):
 kernel-syms-azure-4.12.14-16.188.1, kernel-source-azure-4.12.14-16.188.1
SUSE Linux Enterprise Server 12 SP5 (src):
 kernel-syms-azure-4.12.14-16.188.1, kernel-source-azure-4.12.14-16.188.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 18 Maintenance Automation 2024-06-11 12:30:32 UTC 
SUSE-SU-2024:1983-1: An update that solves 199 vulnerabilities and has 26 security fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1101816, 1141539, 1181674, 1185902, 1187716, 1188616, 1190317, 1190795, 1191452, 1194591, 1197760, 1197894, 1203935, 1206213, 1206646, 1207186, 1209657, 1210335, 1215702, 1216702, 1217169, 1217519, 1218917, 1220487, 1220513, 1220854, 1220928, 1221044, 1221081, 1221086, 1221543, 1221545, 1221816, 1221977, 1221994, 1222559, 1222619, 1222627, 1222667, 1222671, 1222793, 1222893, 1222894, 1223023, 1223046, 1223048, 1223084, 1223119, 1223138, 1223207, 1223360, 1223384, 1223432, 1223509, 1223512, 1223539, 1223540, 1223626, 1223627, 1223633, 1223653, 1223666, 1223671, 1223712, 1223715, 1223738, 1223744, 1223752, 1223802, 1223819, 1223834, 1223922, 1223923, 1223931, 1223932, 1223948, 1223969, 1224096, 1224174, 1224181, 1224347, 1224482, 1224511, 1224525, 1224566, 1224580, 1224592, 1224601, 1224607, 1224621, 1224644, 1224645, 1224648, 1224650, 1224663, 1224671, 1224676, 1224680, 1224682, 1224725, 1224728, 1224733, 1224738, 1224747, 1224749, 1224759, 1224803, 1224827, 1224830, 1224831, 1224834, 1224838, 1224841, 1224844, 1224846, 1224847, 1224849, 1224854, 1224859, 1224867, 1224880, 1224882, 1224888, 1224889, 1224892, 1224893, 1224899, 1224904, 1224907, 1224916, 1224917, 1224922, 1224926, 1224930, 1224931, 1224942, 1224954, 1224956, 1224957, 1224959, 1224960, 1224961, 1224963, 1224966, 1224968, 1224981, 1224982, 1224983, 1224987, 1224990, 1224996, 1225008, 1225009, 1225010, 1225022, 1225026, 1225030, 1225054, 1225058, 1225059, 1225060, 1225062, 1225082, 1225084, 1225086, 1225092, 1225096, 1225112, 1225124, 1225128, 1225132, 1225141, 1225143, 1225144, 1225151, 1225153, 1225155, 1225157, 1225164, 1225177, 1225189, 1225192, 1225193, 1225198, 1225201, 1225207, 1225208, 1225222, 1225230, 1225242, 1225244, 1225247, 1225251, 1225252, 1225256, 1225303, 1225318, 1225322, 1225329, 1225330, 1225336, 1225347, 1225351, 1225354, 1225355, 1225360, 1225366, 1225367, 1225384, 1225390, 1225404, 1225409, 1225411, 1225438, 1225453, 1225479, 1225482, 1225506, 1225549, 1225560, 1225572, 1225640, 1225708, 1225764
CVE References: CVE-2021-46933, CVE-2021-46955, CVE-2021-47074, CVE-2021-47113, CVE-2021-47131, CVE-2021-47162, CVE-2021-47171, CVE-2021-47188, CVE-2021-47206, CVE-2021-47220, CVE-2021-47229, CVE-2021-47231, CVE-2021-47235, CVE-2021-47236, CVE-2021-47237, CVE-2021-47238, CVE-2021-47239, CVE-2021-47245, CVE-2021-47246, CVE-2021-47248, CVE-2021-47249, CVE-2021-47250, CVE-2021-47252, CVE-2021-47254, CVE-2021-47258, CVE-2021-47260, CVE-2021-47261, CVE-2021-47265, CVE-2021-47269, CVE-2021-47274, CVE-2021-47276, CVE-2021-47277, CVE-2021-47280, CVE-2021-47281, CVE-2021-47284, CVE-2021-47285, CVE-2021-47288, CVE-2021-47301, CVE-2021-47302, CVE-2021-47305, CVE-2021-47307, CVE-2021-47308, CVE-2021-47310, CVE-2021-47311, CVE-2021-47314, CVE-2021-47315, CVE-2021-47319, CVE-2021-47320, CVE-2021-47321, CVE-2021-47323, CVE-2021-47324, CVE-2021-47330, CVE-2021-47334, CVE-2021-47337, CVE-2021-47343, CVE-2021-47344, CVE-2021-47345, CVE-2021-47347, CVE-2021-47352, CVE-2021-47353, CVE-2021-47355, CVE-2021-47356, CVE-2021-47357, CVE-2021-47361, CVE-2021-47362, CVE-2021-47369, CVE-2021-47375, CVE-2021-47378, CVE-2021-47382, CVE-2021-47383, CVE-2021-47391, CVE-2021-47397, CVE-2021-47400, CVE-2021-47401, CVE-2021-47404, CVE-2021-47409, CVE-2021-47416, CVE-2021-47423, CVE-2021-47424, CVE-2021-47431, CVE-2021-47435, CVE-2021-47436, CVE-2021-47456, CVE-2021-47458, CVE-2021-47460, CVE-2021-47469, CVE-2021-47472, CVE-2021-47473, CVE-2021-47478, CVE-2021-47480, CVE-2021-47483, CVE-2021-47485, CVE-2021-47495, CVE-2021-47496, CVE-2021-47497, CVE-2021-47500, CVE-2021-47506, CVE-2021-47509, CVE-2021-47511, CVE-2021-47523, CVE-2021-47541, CVE-2021-47548, CVE-2021-47565, CVE-2022-48636, CVE-2022-48650, CVE-2022-48672, CVE-2022-48686, CVE-2022-48697, CVE-2022-48702, CVE-2022-48704, CVE-2022-48708, CVE-2022-48710, CVE-2023-0160, CVE-2023-1829, CVE-2023-42755, CVE-2023-47233, CVE-2023-52527, CVE-2023-52586, CVE-2023-52591, CVE-2023-52646, CVE-2023-52653, CVE-2023-52655, CVE-2023-52664, CVE-2023-52685, CVE-2023-52686, CVE-2023-52691, CVE-2023-52696, CVE-2023-52698, CVE-2023-52703, CVE-2023-52730, CVE-2023-52732, CVE-2023-52741, CVE-2023-52742, CVE-2023-52747, CVE-2023-52759, CVE-2023-52774, CVE-2023-52781, CVE-2023-52796, CVE-2023-52803, CVE-2023-52821, CVE-2023-52864, CVE-2023-52865, CVE-2023-52867, CVE-2023-52875, CVE-2023-52880, CVE-2024-0639, CVE-2024-26625, CVE-2024-26739, CVE-2024-26752, CVE-2024-26775, CVE-2024-26791, CVE-2024-26828, CVE-2024-26846, CVE-2024-26874, CVE-2024-26876, CVE-2024-26900, CVE-2024-26915, CVE-2024-26920, CVE-2024-26921, CVE-2024-26929, CVE-2024-26930, CVE-2024-26931, CVE-2024-26934, CVE-2024-26957, CVE-2024-26958, CVE-2024-26984, CVE-2024-26996, CVE-2024-27008, CVE-2024-27054, CVE-2024-27059, CVE-2024-27062, CVE-2024-27388, CVE-2024-27396, CVE-2024-27398, CVE-2024-27401, CVE-2024-27419, CVE-2024-27436, CVE-2024-35789, CVE-2024-35791, CVE-2024-35809, CVE-2024-35811, CVE-2024-35830, CVE-2024-35849, CVE-2024-35877, CVE-2024-35878, CVE-2024-35887, CVE-2024-35895, CVE-2024-35914, CVE-2024-35932, CVE-2024-35935, CVE-2024-35936, CVE-2024-35944, CVE-2024-35955, CVE-2024-35969, CVE-2024-35982, CVE-2024-35984, CVE-2024-36015, CVE-2024-36029, CVE-2024-36954
Maintenance Incident: [SUSE:Maintenance:34218](https://smelt.suse.de/incident/34218/)
Sources used:
SUSE Linux Enterprise Real Time 12 SP5 (src):
 kernel-syms-rt-4.12.14-10.188.1, kernel-source-rt-4.12.14-10.188.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 21 Maintenance Automation 2024-06-24 20:30:28 UTC 
SUSE-SU-2024:2184-1: An update that solves 198 vulnerabilities and has 28 security fixes can now be installed.

Category: security (important)
Bug References: 1065729, 1101816, 1141539, 1181674, 1185902, 1187716, 1188616, 1190317, 1190795, 1191452, 1194591, 1197760, 1197894, 1203935, 1206213, 1206646, 1207186, 1209657, 1210335, 1215702, 1216702, 1217169, 1217519, 1218917, 1220487, 1220513, 1220854, 1220928, 1221044, 1221081, 1221086, 1221543, 1221545, 1221816, 1221977, 1221994, 1222559, 1222619, 1222627, 1222667, 1222671, 1222793, 1222893, 1222894, 1223023, 1223046, 1223048, 1223062, 1223084, 1223119, 1223138, 1223207, 1223360, 1223384, 1223432, 1223509, 1223512, 1223539, 1223540, 1223626, 1223627, 1223633, 1223653, 1223666, 1223671, 1223712, 1223715, 1223738, 1223744, 1223752, 1223802, 1223819, 1223834, 1223922, 1223923, 1223931, 1223932, 1223948, 1223969, 1224096, 1224174, 1224181, 1224347, 1224482, 1224511, 1224525, 1224566, 1224580, 1224592, 1224601, 1224607, 1224621, 1224644, 1224645, 1224648, 1224650, 1224663, 1224671, 1224676, 1224680, 1224682, 1224725, 1224728, 1224733, 1224738, 1224747, 1224749, 1224759, 1224803, 1224827, 1224830, 1224831, 1224834, 1224838, 1224841, 1224844, 1224846, 1224847, 1224849, 1224854, 1224859, 1224867, 1224880, 1224882, 1224888, 1224889, 1224892, 1224893, 1224899, 1224904, 1224907, 1224916, 1224917, 1224922, 1224926, 1224930, 1224931, 1224942, 1224954, 1224956, 1224957, 1224959, 1224960, 1224961, 1224963, 1224966, 1224968, 1224981, 1224982, 1224983, 1224987, 1224990, 1224996, 1225008, 1225009, 1225010, 1225022, 1225026, 1225030, 1225054, 1225058, 1225059, 1225060, 1225062, 1225082, 1225084, 1225086, 1225092, 1225096, 1225112, 1225124, 1225128, 1225132, 1225141, 1225143, 1225144, 1225151, 1225153, 1225155, 1225157, 1225164, 1225177, 1225189, 1225192, 1225193, 1225198, 1225201, 1225207, 1225208, 1225222, 1225230, 1225242, 1225244, 1225247, 1225251, 1225252, 1225256, 1225303, 1225318, 1225322, 1225329, 1225330, 1225336, 1225347, 1225351, 1225354, 1225355, 1225360, 1225366, 1225367, 1225384, 1225390, 1225404, 1225409, 1225411, 1225438, 1225453, 1225479, 1225482, 1225506, 1225549, 1225560, 1225572, 1225640, 1225708, 1225764
CVE References: CVE-2021-46933, CVE-2021-46955, CVE-2021-47074, CVE-2021-47113, CVE-2021-47131, CVE-2021-47162, CVE-2021-47171, CVE-2021-47188, CVE-2021-47206, CVE-2021-47220, CVE-2021-47229, CVE-2021-47231, CVE-2021-47235, CVE-2021-47236, CVE-2021-47237, CVE-2021-47238, CVE-2021-47239, CVE-2021-47245, CVE-2021-47246, CVE-2021-47248, CVE-2021-47249, CVE-2021-47250, CVE-2021-47252, CVE-2021-47254, CVE-2021-47258, CVE-2021-47260, CVE-2021-47261, CVE-2021-47265, CVE-2021-47269, CVE-2021-47274, CVE-2021-47276, CVE-2021-47277, CVE-2021-47280, CVE-2021-47281, CVE-2021-47284, CVE-2021-47285, CVE-2021-47288, CVE-2021-47301, CVE-2021-47302, CVE-2021-47305, CVE-2021-47307, CVE-2021-47308, CVE-2021-47310, CVE-2021-47311, CVE-2021-47314, CVE-2021-47315, CVE-2021-47319, CVE-2021-47320, CVE-2021-47321, CVE-2021-47323, CVE-2021-47324, CVE-2021-47330, CVE-2021-47334, CVE-2021-47337, CVE-2021-47343, CVE-2021-47344, CVE-2021-47345, CVE-2021-47347, CVE-2021-47352, CVE-2021-47353, CVE-2021-47355, CVE-2021-47356, CVE-2021-47357, CVE-2021-47361, CVE-2021-47362, CVE-2021-47369, CVE-2021-47375, CVE-2021-47378, CVE-2021-47382, CVE-2021-47383, CVE-2021-47391, CVE-2021-47397, CVE-2021-47400, CVE-2021-47401, CVE-2021-47404, CVE-2021-47409, CVE-2021-47416, CVE-2021-47423, CVE-2021-47424, CVE-2021-47431, CVE-2021-47435, CVE-2021-47436, CVE-2021-47456, CVE-2021-47458, CVE-2021-47460, CVE-2021-47469, CVE-2021-47472, CVE-2021-47473, CVE-2021-47478, CVE-2021-47480, CVE-2021-47483, CVE-2021-47485, CVE-2021-47495, CVE-2021-47496, CVE-2021-47497, CVE-2021-47500, CVE-2021-47506, CVE-2021-47509, CVE-2021-47511, CVE-2021-47523, CVE-2021-47541, CVE-2021-47548, CVE-2021-47565, CVE-2022-48636, CVE-2022-48650, CVE-2022-48672, CVE-2022-48686, CVE-2022-48697, CVE-2022-48702, CVE-2022-48704, CVE-2022-48708, CVE-2022-48710, CVE-2023-0160, CVE-2023-1829, CVE-2023-42755, CVE-2023-47233, CVE-2023-52527, CVE-2023-52586, CVE-2023-52591, CVE-2023-52646, CVE-2023-52653, CVE-2023-52655, CVE-2023-52664, CVE-2023-52685, CVE-2023-52686, CVE-2023-52691, CVE-2023-52696, CVE-2023-52698, CVE-2023-52703, CVE-2023-52730, CVE-2023-52732, CVE-2023-52741, CVE-2023-52742, CVE-2023-52747, CVE-2023-52759, CVE-2023-52774, CVE-2023-52781, CVE-2023-52796, CVE-2023-52803, CVE-2023-52821, CVE-2023-52864, CVE-2023-52865, CVE-2023-52867, CVE-2023-52875, CVE-2023-52880, CVE-2024-0639, CVE-2024-26625, CVE-2024-26739, CVE-2024-26752, CVE-2024-26775, CVE-2024-26791, CVE-2024-26828, CVE-2024-26846, CVE-2024-26874, CVE-2024-26876, CVE-2024-26900, CVE-2024-26915, CVE-2024-26920, CVE-2024-26921, CVE-2024-26929, CVE-2024-26930, CVE-2024-26931, CVE-2024-26934, CVE-2024-26957, CVE-2024-26958, CVE-2024-26984, CVE-2024-26996, CVE-2024-27008, CVE-2024-27054, CVE-2024-27059, CVE-2024-27062, CVE-2024-27388, CVE-2024-27396, CVE-2024-27398, CVE-2024-27401, CVE-2024-27419, CVE-2024-27436, CVE-2024-35789, CVE-2024-35791, CVE-2024-35809, CVE-2024-35811, CVE-2024-35830, CVE-2024-35849, CVE-2024-35877, CVE-2024-35878, CVE-2024-35887, CVE-2024-35895, CVE-2024-35914, CVE-2024-35932, CVE-2024-35935, CVE-2024-35936, CVE-2024-35944, CVE-2024-35955, CVE-2024-35969, CVE-2024-35982, CVE-2024-36015, CVE-2024-36029, CVE-2024-36954
Maintenance Incident: [SUSE:Maintenance:34269](https://smelt.suse.de/incident/34269/)
Sources used:
SUSE Linux Enterprise Live Patching 12-SP5 (src):
 kgraft-patch-SLE12-SP5_Update_57-1-8.3.1
SUSE Linux Enterprise Software Development Kit 12 SP5 (src):
 kernel-obs-build-4.12.14-122.219.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src):
 kernel-source-4.12.14-122.219.1, kernel-syms-4.12.14-122.219.1
SUSE Linux Enterprise Server 12 SP5 (src):
 kernel-source-4.12.14-122.219.1, kernel-syms-4.12.14-122.219.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src):
 kernel-source-4.12.14-122.219.1, kernel-syms-4.12.14-122.219.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.