1224946 – (CVE-2023-52784) VUL-0: CVE-2023-52784: kernel: bonding: stop the device in bond_setup_by_slave()

Bug 1224946 (CVE-2023-52784) - VUL-0: CVE-2023-52784: kernel: bonding: stop the device in bond_setup_by_slave()

Summary: VUL-0: CVE-2023-52784: kernel: bonding: stop the device in bond_setup_by_slave()

Status:	NEW

Alias:	CVE-2023-52784

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/407161/
Whiteboard:	CVSSv3.1:SUSE:CVE-2023-52784:4.7:(AV:...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2024-05-22 12:08 UTC by SMASH SMASH
Modified:	2024-07-18 16:35 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description SMASH SMASH 2024-05-22 12:08:59 UTC

In the Linux kernel, the following vulnerability has been resolved:

bonding: stop the device in bond_setup_by_slave()

Commit 9eed321cde22 ("net: lapbether: only support ethernet devices")
has been able to keep syzbot away from net/lapb, until today.

In the following splat [1], the issue is that a lapbether device has
been created on a bonding device without members. Then adding a non
ARPHRD_ETHER member forced the bonding master to change its type.

The fix is to make sure we call dev_close() in bond_setup_by_slave()
so that the potential linked lapbether devices (or any other devices
having assumptions on the physical device) are removed.

A similar bug has been addressed in commit 40baec225765
("bonding: fix panic on non-ARPHRD_ETHER enslave failure")

[1]
skbuff: skb_under_panic: text:ffff800089508810 len:44 put:40 head:ffff0000c78e7c00 data:ffff0000c78e7bea tail:0x16 end:0x140 dev:bond0
kernel BUG at net/core/skbuff.c:192 !
Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 PID: 6007 Comm: syz-executor383 Not tainted 6.6.0-rc3-syzkaller-gbf6547d8715b #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : skb_panic net/core/skbuff.c:188 [inline]
pc : skb_under_panic+0x13c/0x140 net/core/skbuff.c:202
lr : skb_panic net/core/skbuff.c:188 [inline]
lr : skb_under_panic+0x13c/0x140 net/core/skbuff.c:202
sp : ffff800096a06aa0
x29: ffff800096a06ab0 x28: ffff800096a06ba0 x27: dfff800000000000
x26: ffff0000ce9b9b50 x25: 0000000000000016 x24: ffff0000c78e7bea
x23: ffff0000c78e7c00 x22: 000000000000002c x21: 0000000000000140
x20: 0000000000000028 x19: ffff800089508810 x18: ffff800096a06100
x17: 0000000000000000 x16: ffff80008a629a3c x15: 0000000000000001
x14: 1fffe00036837a32 x13: 0000000000000000 x12: 0000000000000000
x11: 0000000000000201 x10: 0000000000000000 x9 : cb50b496c519aa00
x8 : cb50b496c519aa00 x7 : 0000000000000001 x6 : 0000000000000001
x5 : ffff800096a063b8 x4 : ffff80008e280f80 x3 : ffff8000805ad11c
x2 : 0000000000000001 x1 : 0000000100000201 x0 : 0000000000000086
Call trace:
skb_panic net/core/skbuff.c:188 [inline]
skb_under_panic+0x13c/0x140 net/core/skbuff.c:202
skb_push+0xf0/0x108 net/core/skbuff.c:2446
ip6gre_header+0xbc/0x738 net/ipv6/ip6_gre.c:1384
dev_hard_header include/linux/netdevice.h:3136 [inline]
lapbeth_data_transmit+0x1c4/0x298 drivers/net/wan/lapbether.c:257
lapb_data_transmit+0x8c/0xb0 net/lapb/lapb_iface.c:447
lapb_transmit_buffer+0x178/0x204 net/lapb/lapb_out.c:149
lapb_send_control+0x220/0x320 net/lapb/lapb_subr.c:251
__lapb_disconnect_request+0x9c/0x17c net/lapb/lapb_iface.c:326
lapb_device_event+0x288/0x4e0 net/lapb/lapb_iface.c:492
notifier_call_chain+0x1a4/0x510 kernel/notifier.c:93
raw_notifier_call_chain+0x3c/0x50 kernel/notifier.c:461
call_netdevice_notifiers_info net/core/dev.c:1970 [inline]
call_netdevice_notifiers_extack net/core/dev.c:2008 [inline]
call_netdevice_notifiers net/core/dev.c:2022 [inline]
__dev_close_many+0x1b8/0x3c4 net/core/dev.c:1508
dev_close_many+0x1e0/0x470 net/core/dev.c:1559
dev_close+0x174/0x250 net/core/dev.c:1585
lapbeth_device_event+0x2e4/0x958 drivers/net/wan/lapbether.c:466
notifier_call_chain+0x1a4/0x510 kernel/notifier.c:93
raw_notifier_call_chain+0x3c/0x50 kernel/notifier.c:461
call_netdevice_notifiers_info net/core/dev.c:1970 [inline]
call_netdevice_notifiers_extack net/core/dev.c:2008 [inline]
call_netdevice_notifiers net/core/dev.c:2022 [inline]
__dev_close_many+0x1b8/0x3c4 net/core/dev.c:1508
dev_close_many+0x1e0/0x470 net/core/dev.c:1559
dev_close+0x174/0x250 net/core/dev.c:1585
bond_enslave+0x2298/0x30cc drivers/net/bonding/bond_main.c:2332
bond_do_ioctl+0x268/0xc64 drivers/net/bonding/bond_main.c:4539
dev_ifsioc+0x754/0x9ac
dev_ioctl+0x4d8/0xd34 net/core/dev_ioctl.c:786
sock_do_ioctl+0x1d4/0x2d0 net/socket.c:1217
sock_ioctl+0x4e8/0x834 net/socket.c:1322
vfs_ioctl fs/ioctl.c:51 [inline]
__do_
---truncated---

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52784
https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2023/CVE-2023-52784.mbox
https://git.kernel.org/stable/c/b4f0e605a508f6d7cda6df2f03a0c676b778b1fe
https://git.kernel.org/stable/c/396baca6683f415b5bc2b380289387bef1406edc
https://git.kernel.org/stable/c/53064e8239dd2ecfefc5634e991f1025abc2ee0c
https://git.kernel.org/stable/c/19554aa901b5833787df4417a05ccdebf351b7f4
https://git.kernel.org/stable/c/87c49806a37f88eddde3f537c162fd0c2834170c
https://git.kernel.org/stable/c/d98c91215a5748a0f536e7ccea26027005196859
https://git.kernel.org/stable/c/3cffa2ddc4d3fcf70cde361236f5a614f81a09b2
https://www.cve.org/CVERecord?id=CVE-2023-52784

Comment 18 Maintenance Automation 2024-07-09 16:30:46 UTC

SUSE-SU-2024:2372-1: An update that solves 249 vulnerabilities, contains three features and has 45 security fixes can now be installed.

Category: security (important)
Bug References: 1156395, 1190336, 1191958, 1193883, 1194826, 1195065, 1195254, 1195341, 1195349, 1195775, 1196746, 1197915, 1198014, 1199295, 1202767, 1202780, 1205205, 1207361, 1217912, 1218148, 1218570, 1218820, 1219224, 1219633, 1219847, 1220368, 1220812, 1220958, 1221086, 1221282, 1221958, 1222015, 1222072, 1222080, 1222241, 1222254, 1222364, 1222893, 1223013, 1223018, 1223265, 1223384, 1223641, 1224020, 1224331, 1224488, 1224497, 1224498, 1224504, 1224520, 1224539, 1224540, 1224552, 1224583, 1224588, 1224602, 1224603, 1224605, 1224612, 1224614, 1224619, 1224661, 1224662, 1224670, 1224671, 1224674, 1224677, 1224679, 1224696, 1224703, 1224712, 1224716, 1224719, 1224735, 1224749, 1224764, 1224765, 1224766, 1224935, 1224946, 1224951, 1225050, 1225098, 1225105, 1225300, 1225389, 1225391, 1225419, 1225426, 1225448, 1225452, 1225467, 1225475, 1225484, 1225487, 1225514, 1225518, 1225535, 1225585, 1225602, 1225611, 1225681, 1225692, 1225698, 1225699, 1225704, 1225714, 1225726, 1225732, 1225737, 1225749, 1225758, 1225759, 1225760, 1225767, 1225770, 1225823, 1225834, 1225840, 1225866, 1225872, 1225894, 1225945, 1226022, 1226131, 1226145, 1226149, 1226155, 1226211, 1226212, 1226226, 1226514, 1226520, 1226537, 1226538, 1226539, 1226550, 1226552, 1226553, 1226554, 1226556, 1226557, 1226558, 1226559, 1226561, 1226562, 1226563, 1226564, 1226566, 1226567, 1226569, 1226572, 1226575, 1226576, 1226577, 1226579, 1226580, 1226581, 1226582, 1226583, 1226585, 1226587, 1226588, 1226593, 1226595, 1226597, 1226601, 1226602, 1226603, 1226607, 1226610, 1226614, 1226616, 1226617, 1226618, 1226619, 1226621, 1226622, 1226624, 1226626, 1226628, 1226629, 1226632, 1226633, 1226634, 1226637, 1226643, 1226644, 1226645, 1226647, 1226650, 1226653, 1226657, 1226658, 1226669, 1226670, 1226672, 1226673, 1226674, 1226675, 1226678, 1226679, 1226683, 1226685, 1226686, 1226690, 1226691, 1226692, 1226693, 1226696, 1226697, 1226698, 1226699, 1226701, 1226702, 1226703, 1226704, 1226705, 1226706, 1226708, 1226709, 1226710, 1226711, 1226712, 1226713, 1226715, 1226716, 1226718, 1226719, 1226720, 1226721, 1226730, 1226732, 1226734, 1226735, 1226737, 1226738, 1226739, 1226740, 1226744, 1226746, 1226747, 1226749, 1226754, 1226762, 1226764, 1226767, 1226768, 1226769, 1226771, 1226774, 1226777, 1226780, 1226781, 1226785, 1226786, 1226789, 1226791, 1226839, 1226840, 1226841, 1226842, 1226848, 1226852, 1226857, 1226861, 1226863, 1226864, 1226867, 1226868, 1226876, 1226878, 1226883, 1226886, 1226890, 1226891, 1226895, 1226908, 1226915, 1226928, 1226948, 1226949, 1226950, 1226953, 1226962, 1226976, 1226992, 1226994, 1226996, 1227066, 1227096, 1227101, 1227103, 1227274
CVE References: CVE-2021-4439, CVE-2021-47089, CVE-2021-47432, CVE-2021-47515, CVE-2021-47534, CVE-2021-47538, CVE-2021-47539, CVE-2021-47555, CVE-2021-47566, CVE-2021-47571, CVE-2021-47572, CVE-2021-47576, CVE-2021-47577, CVE-2021-47578, CVE-2021-47580, CVE-2021-47582, CVE-2021-47583, CVE-2021-47584, CVE-2021-47585, CVE-2021-47586, CVE-2021-47587, CVE-2021-47589, CVE-2021-47592, CVE-2021-47595, CVE-2021-47596, CVE-2021-47597, CVE-2021-47600, CVE-2021-47601, CVE-2021-47602, CVE-2021-47603, CVE-2021-47604, CVE-2021-47605, CVE-2021-47607, CVE-2021-47608, CVE-2021-47609, CVE-2021-47610, CVE-2021-47611, CVE-2021-47612, CVE-2021-47614, CVE-2021-47615, CVE-2021-47616, CVE-2021-47617, CVE-2021-47618, CVE-2021-47619, CVE-2021-47620, CVE-2022-48711, CVE-2022-48712, CVE-2022-48713, CVE-2022-48714, CVE-2022-48715, CVE-2022-48716, CVE-2022-48717, CVE-2022-48718, CVE-2022-48720, CVE-2022-48721, CVE-2022-48722, CVE-2022-48723, CVE-2022-48724, CVE-2022-48725, CVE-2022-48726, CVE-2022-48727, CVE-2022-48728, CVE-2022-48729, CVE-2022-48730, CVE-2022-48732, CVE-2022-48733, CVE-2022-48734, CVE-2022-48735, CVE-2022-48736, CVE-2022-48737, CVE-2022-48738, CVE-2022-48739, CVE-2022-48740, CVE-2022-48743, CVE-2022-48744, CVE-2022-48745, CVE-2022-48746, CVE-2022-48747, CVE-2022-48748, CVE-2022-48749, CVE-2022-48751, CVE-2022-48752, CVE-2022-48753, CVE-2022-48754, CVE-2022-48755, CVE-2022-48756, CVE-2022-48758, CVE-2022-48759, CVE-2022-48760, CVE-2022-48761, CVE-2022-48763, CVE-2022-48765, CVE-2022-48766, CVE-2022-48767, CVE-2022-48768, CVE-2022-48769, CVE-2022-48770, CVE-2022-48771, CVE-2022-48772, CVE-2023-24023, CVE-2023-52622, CVE-2023-52658, CVE-2023-52667, CVE-2023-52670, CVE-2023-52672, CVE-2023-52675, CVE-2023-52735, CVE-2023-52737, CVE-2023-52752, CVE-2023-52766, CVE-2023-52784, CVE-2023-52787, CVE-2023-52800, CVE-2023-52835, CVE-2023-52837, CVE-2023-52843, CVE-2023-52845, CVE-2023-52846, CVE-2023-52869, CVE-2023-52881, CVE-2023-52882, CVE-2023-52884, CVE-2024-26625, CVE-2024-26644, CVE-2024-26720, CVE-2024-26842, CVE-2024-26845, CVE-2024-26923, CVE-2024-26973, CVE-2024-27432, CVE-2024-33619, CVE-2024-35247, CVE-2024-35789, CVE-2024-35790, CVE-2024-35807, CVE-2024-35814, CVE-2024-35835, CVE-2024-35848, CVE-2024-35857, CVE-2024-35861, CVE-2024-35862, CVE-2024-35864, CVE-2024-35869, CVE-2024-35878, CVE-2024-35884, CVE-2024-35886, CVE-2024-35896, CVE-2024-35898, CVE-2024-35900, CVE-2024-35905, CVE-2024-35925, CVE-2024-35950, CVE-2024-35956, CVE-2024-35958, CVE-2024-35960, CVE-2024-35962, CVE-2024-35997, CVE-2024-36005, CVE-2024-36008, CVE-2024-36017, CVE-2024-36020, CVE-2024-36021, CVE-2024-36025, CVE-2024-36477, CVE-2024-36478, CVE-2024-36479, CVE-2024-36890, CVE-2024-36894, CVE-2024-36899, CVE-2024-36900, CVE-2024-36904, CVE-2024-36915, CVE-2024-36916, CVE-2024-36917, CVE-2024-36919, CVE-2024-36934, CVE-2024-36937, CVE-2024-36940, CVE-2024-36945, CVE-2024-36949, CVE-2024-36960, CVE-2024-36964, CVE-2024-36965, CVE-2024-36967, CVE-2024-36969, CVE-2024-36971, CVE-2024-36975, CVE-2024-36978, CVE-2024-37021, CVE-2024-37078, CVE-2024-37354, CVE-2024-38381, CVE-2024-38388, CVE-2024-38390, CVE-2024-38540, CVE-2024-38541, CVE-2024-38544, CVE-2024-38545, CVE-2024-38546, CVE-2024-38547, CVE-2024-38548, CVE-2024-38549, CVE-2024-38550, CVE-2024-38552, CVE-2024-38553, CVE-2024-38555, CVE-2024-38556, CVE-2024-38557, CVE-2024-38559, CVE-2024-38560, CVE-2024-38564, CVE-2024-38565, CVE-2024-38567, CVE-2024-38568, CVE-2024-38571, CVE-2024-38573, CVE-2024-38578, CVE-2024-38579, CVE-2024-38580, CVE-2024-38581, CVE-2024-38582, CVE-2024-38583, CVE-2024-38587, CVE-2024-38590, CVE-2024-38591, CVE-2024-38594, CVE-2024-38597, CVE-2024-38599, CVE-2024-38600, CVE-2024-38601, CVE-2024-38603, CVE-2024-38605, CVE-2024-38608, CVE-2024-38616, CVE-2024-38618, CVE-2024-38619, CVE-2024-38621, CVE-2024-38627, CVE-2024-38630, CVE-2024-38633, CVE-2024-38634, CVE-2024-38635, CVE-2024-38659, CVE-2024-38661, CVE-2024-38780, CVE-2024-39301, CVE-2024-39468, CVE-2024-39469, CVE-2024-39471
Jira References: PED-8491, PED-8570, PED-8690
Maintenance Incident: [SUSE:Maintenance:34676](https://smelt.suse.de/incident/34676/)
Sources used:
Public Cloud Module 15-SP5 (src):
 kernel-source-azure-5.14.21-150500.33.60.1, kernel-syms-azure-5.14.21-150500.33.60.1
openSUSE Leap 15.5 (src):
 kernel-source-azure-5.14.21-150500.33.60.1, kernel-syms-azure-5.14.21-150500.33.60.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 19 Maintenance Automation 2024-07-09 16:32:43 UTC

SUSE-SU-2024:2360-1: An update that solves 148 vulnerabilities and has 15 security fixes can now be installed.

Category: security (important)
Bug References: 1119113, 1171988, 1191958, 1195065, 1195254, 1195775, 1204514, 1216062, 1217912, 1218148, 1219224, 1221010, 1221647, 1221654, 1221791, 1221958, 1222015, 1222080, 1222364, 1222385, 1222435, 1222809, 1222866, 1222879, 1222893, 1223013, 1223018, 1223021, 1223043, 1223384, 1223532, 1223641, 1224177, 1224432, 1224504, 1224549, 1224552, 1224572, 1224575, 1224583, 1224588, 1224605, 1224651, 1224660, 1224661, 1224662, 1224664, 1224668, 1224670, 1224672, 1224674, 1224677, 1224678, 1224703, 1224735, 1224739, 1224763, 1224764, 1224765, 1224946, 1224951, 1224967, 1224976, 1224977, 1224978, 1224993, 1224997, 1225047, 1225140, 1225184, 1225203, 1225232, 1225261, 1225306, 1225337, 1225372, 1225463, 1225484, 1225487, 1225490, 1225514, 1225518, 1225548, 1225555, 1225556, 1225559, 1225571, 1225573, 1225577, 1225583, 1225585, 1225599, 1225602, 1225611, 1225642, 1225681, 1225704, 1225722, 1225749, 1225758, 1225760, 1225761, 1225767, 1225770, 1225815, 1225840, 1225848, 1225866, 1225872, 1225894, 1225895, 1225898, 1226211, 1226212, 1226537, 1226554, 1226557, 1226562, 1226567, 1226575, 1226577, 1226593, 1226595, 1226597, 1226610, 1226614, 1226619, 1226621, 1226634, 1226637, 1226670, 1226672, 1226692, 1226698, 1226699, 1226701, 1226705, 1226708, 1226711, 1226712, 1226716, 1226718, 1226732, 1226735, 1226744, 1226746, 1226747, 1226749, 1226754, 1226767, 1226769, 1226857, 1226876, 1226883, 1226886, 1226895, 1226948, 1226949, 1226950, 1226962, 1226976, 1226996, 1227101
CVE References: CVE-2020-10135, CVE-2021-43389, CVE-2021-4439, CVE-2021-47103, CVE-2021-47191, CVE-2021-47193, CVE-2021-47267, CVE-2021-47270, CVE-2021-47293, CVE-2021-47294, CVE-2021-47297, CVE-2021-47309, CVE-2021-47328, CVE-2021-47354, CVE-2021-47372, CVE-2021-47379, CVE-2021-47407, CVE-2021-47418, CVE-2021-47434, CVE-2021-47445, CVE-2021-47518, CVE-2021-47544, CVE-2021-47566, CVE-2021-47571, CVE-2021-47576, CVE-2021-47587, CVE-2021-47589, CVE-2021-47600, CVE-2021-47602, CVE-2021-47603, CVE-2021-47609, CVE-2021-47617, CVE-2022-0435, CVE-2022-22942, CVE-2022-48711, CVE-2022-48715, CVE-2022-48722, CVE-2022-48732, CVE-2022-48733, CVE-2022-48740, CVE-2022-48743, CVE-2022-48754, CVE-2022-48756, CVE-2022-48758, CVE-2022-48759, CVE-2022-48760, CVE-2022-48761, CVE-2022-48771, CVE-2022-48772, CVE-2023-24023, CVE-2023-52622, CVE-2023-52675, CVE-2023-52737, CVE-2023-52752, CVE-2023-52754, CVE-2023-52757, CVE-2023-52762, CVE-2023-52764, CVE-2023-52784, CVE-2023-52808, CVE-2023-52809, CVE-2023-5281, CVE-2023-52832, CVE-2023-52834, CVE-2023-52835, CVE-2023-52843, CVE-2023-52845, CVE-2023-52855, CVE-2023-52881, CVE-2024-26633, CVE-2024-26641, CVE-2024-26679, CVE-2024-26687, CVE-2024-26720, CVE-2024-26813, CVE-2024-26845, CVE-2024-26863, CVE-2024-26894, CVE-2024-26923, CVE-2024-26928, CVE-2024-26973, CVE-2024-27399, CVE-2024-27410, CVE-2024-35247, CVE-2024-35807, CVE-2024-35822, CVE-2024-35835, CVE-2024-35862, CVE-2024-35863, CVE-2024-35864, CVE-2024-35865, CVE-2024-35867, CVE-2024-35868, CVE-2024-35870, CVE-2024-35886, CVE-2024-35896, CVE-2024-35922, CVE-2024-35925, CVE-2024-35930, CVE-2024-35950, CVE-2024-35956, CVE-2024-35958, CVE-2024-35960, CVE-2024-35962, CVE-2024-35976, CVE-2024-35979, CVE-2024-35997, CVE-2024-35998, CVE-2024-36016, CVE-2024-36017, CVE-2024-36025, CVE-2024-36479, CVE-2024-36592, CVE-2024-36880, CVE-2024-36894, CVE-2024-36915, CVE-2024-36917, CVE-2024-36919, CVE-2024-36923, CVE-2024-36934, CVE-2024-36938, CVE-2024-36940, CVE-2024-36949, CVE-2024-36950, CVE-2024-36960, CVE-2024-36964, CVE-2024-37021, CVE-2024-37354, CVE-2024-38544, CVE-2024-38545, CVE-2024-38546, CVE-2024-38549, CVE-2024-38552, CVE-2024-38553, CVE-2024-38565, CVE-2024-38567, CVE-2024-38578, CVE-2024-38579, CVE-2024-38580, CVE-2024-38597, CVE-2024-38601, CVE-2024-38608, CVE-2024-38618, CVE-2024-38621, CVE-2024-38627, CVE-2024-38659, CVE-2024-38661, CVE-2024-38780
Maintenance Incident: [SUSE:Maintenance:34677](https://smelt.suse.de/incident/34677/)
Sources used:
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src):
 kernel-syms-azure-4.12.14-16.191.1, kernel-source-azure-4.12.14-16.191.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src):
 kernel-syms-azure-4.12.14-16.191.1, kernel-source-azure-4.12.14-16.191.1
SUSE Linux Enterprise Server 12 SP5 (src):
 kernel-syms-azure-4.12.14-16.191.1, kernel-source-azure-4.12.14-16.191.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 20 Maintenance Automation 2024-07-10 08:30:14 UTC

SUSE-SU-2024:2381-1: An update that solves 143 vulnerabilities and has 18 security fixes can now be installed.

Category: security (important)
Bug References: 1119113, 1191958, 1195065, 1195254, 1195775, 1204514, 1216062, 1217912, 1218148, 1219224, 1221010, 1221647, 1221654, 1221791, 1221958, 1222015, 1222080, 1222364, 1222385, 1222435, 1222809, 1222866, 1222879, 1222893, 1223013, 1223018, 1223021, 1223043, 1223532, 1223641, 1224177, 1224432, 1224504, 1224549, 1224552, 1224572, 1224575, 1224583, 1224588, 1224605, 1224651, 1224660, 1224661, 1224662, 1224664, 1224668, 1224670, 1224672, 1224674, 1224677, 1224678, 1224703, 1224735, 1224739, 1224763, 1224764, 1224765, 1224946, 1224951, 1224967, 1224976, 1224977, 1224978, 1224993, 1224997, 1225047, 1225140, 1225184, 1225203, 1225232, 1225261, 1225306, 1225337, 1225372, 1225463, 1225484, 1225487, 1225490, 1225514, 1225518, 1225548, 1225555, 1225556, 1225559, 1225571, 1225573, 1225577, 1225583, 1225585, 1225599, 1225602, 1225611, 1225642, 1225681, 1225704, 1225722, 1225749, 1225758, 1225760, 1225761, 1225767, 1225770, 1225815, 1225840, 1225848, 1225866, 1225872, 1225894, 1225895, 1225898, 1226211, 1226212, 1226537, 1226554, 1226557, 1226562, 1226567, 1226575, 1226577, 1226593, 1226595, 1226597, 1226610, 1226614, 1226619, 1226621, 1226634, 1226637, 1226670, 1226672, 1226692, 1226698, 1226699, 1226701, 1226705, 1226708, 1226711, 1226712, 1226716, 1226718, 1226732, 1226735, 1226744, 1226746, 1226747, 1226749, 1226754, 1226767, 1226769, 1226857, 1226876, 1226883, 1226886, 1226895, 1226948, 1226949, 1226950, 1226962, 1226976, 1226996, 1227101
CVE References: CVE-2021-4439, CVE-2021-47103, CVE-2021-47191, CVE-2021-47193, CVE-2021-47267, CVE-2021-47270, CVE-2021-47293, CVE-2021-47294, CVE-2021-47297, CVE-2021-47309, CVE-2021-47328, CVE-2021-47354, CVE-2021-47372, CVE-2021-47379, CVE-2021-47407, CVE-2021-47418, CVE-2021-47434, CVE-2021-47445, CVE-2021-47518, CVE-2021-47544, CVE-2021-47566, CVE-2021-47571, CVE-2021-47576, CVE-2021-47587, CVE-2021-47589, CVE-2021-47600, CVE-2021-47602, CVE-2021-47603, CVE-2021-47609, CVE-2021-47617, CVE-2022-48711, CVE-2022-48715, CVE-2022-48722, CVE-2022-48732, CVE-2022-48733, CVE-2022-48740, CVE-2022-48743, CVE-2022-48754, CVE-2022-48756, CVE-2022-48758, CVE-2022-48759, CVE-2022-48760, CVE-2022-48761, CVE-2022-48771, CVE-2022-48772, CVE-2023-24023, CVE-2023-52622, CVE-2023-52675, CVE-2023-52737, CVE-2023-52752, CVE-2023-52754, CVE-2023-52757, CVE-2023-52762, CVE-2023-52764, CVE-2023-52784, CVE-2023-52808, CVE-2023-52809, CVE-2023-5281, CVE-2023-52832, CVE-2023-52834, CVE-2023-52835, CVE-2023-52843, CVE-2023-52845, CVE-2023-52855, CVE-2023-52881, CVE-2024-26633, CVE-2024-26641, CVE-2024-26679, CVE-2024-26687, CVE-2024-26720, CVE-2024-26813, CVE-2024-26845, CVE-2024-26863, CVE-2024-26894, CVE-2024-26928, CVE-2024-26973, CVE-2024-27399, CVE-2024-27410, CVE-2024-35247, CVE-2024-35807, CVE-2024-35822, CVE-2024-35835, CVE-2024-35862, CVE-2024-35863, CVE-2024-35864, CVE-2024-35865, CVE-2024-35867, CVE-2024-35868, CVE-2024-35870, CVE-2024-35886, CVE-2024-35896, CVE-2024-35922, CVE-2024-35925, CVE-2024-35930, CVE-2024-35950, CVE-2024-35956, CVE-2024-35958, CVE-2024-35960, CVE-2024-35962, CVE-2024-35976, CVE-2024-35979, CVE-2024-35997, CVE-2024-35998, CVE-2024-36016, CVE-2024-36017, CVE-2024-36025, CVE-2024-36479, CVE-2024-36592, CVE-2024-36880, CVE-2024-36894, CVE-2024-36915, CVE-2024-36917, CVE-2024-36919, CVE-2024-36923, CVE-2024-36934, CVE-2024-36938, CVE-2024-36940, CVE-2024-36949, CVE-2024-36950, CVE-2024-36960, CVE-2024-36964, CVE-2024-37021, CVE-2024-37354, CVE-2024-38544, CVE-2024-38545, CVE-2024-38546, CVE-2024-38549, CVE-2024-38552, CVE-2024-38553, CVE-2024-38565, CVE-2024-38567, CVE-2024-38578, CVE-2024-38579, CVE-2024-38580, CVE-2024-38597, CVE-2024-38601, CVE-2024-38608, CVE-2024-38618, CVE-2024-38621, CVE-2024-38627, CVE-2024-38659, CVE-2024-38661, CVE-2024-38780
Maintenance Incident: [SUSE:Maintenance:34690](https://smelt.suse.de/incident/34690/)
Sources used:
SUSE Linux Enterprise Real Time 12 SP5 (src):
 kernel-source-rt-4.12.14-10.191.1, kernel-syms-rt-4.12.14-10.191.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 22 Maintenance Automation 2024-07-10 20:30:19 UTC

SUSE-SU-2024:2394-1: An update that solves 249 vulnerabilities, contains three features and has 44 security fixes can now be installed.

Category: security (important)
Bug References: 1156395, 1190336, 1191958, 1193883, 1194826, 1195065, 1195254, 1195341, 1195349, 1195775, 1196746, 1197915, 1198014, 1199295, 1202767, 1202780, 1205205, 1207361, 1217912, 1218148, 1218570, 1218820, 1219224, 1219633, 1219847, 1220368, 1220812, 1220958, 1221086, 1221282, 1221958, 1222015, 1222072, 1222080, 1222241, 1222254, 1222364, 1222893, 1223013, 1223018, 1223265, 1223384, 1223641, 1224020, 1224331, 1224488, 1224497, 1224498, 1224504, 1224520, 1224539, 1224540, 1224552, 1224583, 1224588, 1224602, 1224603, 1224605, 1224612, 1224614, 1224619, 1224661, 1224662, 1224670, 1224671, 1224674, 1224677, 1224679, 1224696, 1224703, 1224712, 1224716, 1224719, 1224735, 1224749, 1224764, 1224765, 1224766, 1224935, 1224946, 1224951, 1225050, 1225098, 1225105, 1225300, 1225389, 1225391, 1225419, 1225426, 1225448, 1225452, 1225467, 1225475, 1225484, 1225487, 1225514, 1225518, 1225535, 1225585, 1225602, 1225611, 1225681, 1225692, 1225698, 1225699, 1225704, 1225714, 1225726, 1225732, 1225737, 1225749, 1225758, 1225759, 1225760, 1225767, 1225770, 1225823, 1225834, 1225840, 1225866, 1225872, 1225894, 1226022, 1226131, 1226145, 1226149, 1226155, 1226211, 1226212, 1226226, 1226514, 1226520, 1226537, 1226538, 1226539, 1226550, 1226552, 1226553, 1226554, 1226556, 1226557, 1226558, 1226559, 1226561, 1226562, 1226563, 1226564, 1226566, 1226567, 1226569, 1226572, 1226575, 1226576, 1226577, 1226579, 1226580, 1226581, 1226582, 1226583, 1226585, 1226587, 1226588, 1226593, 1226595, 1226597, 1226601, 1226602, 1226603, 1226607, 1226610, 1226614, 1226616, 1226617, 1226618, 1226619, 1226621, 1226622, 1226624, 1226626, 1226628, 1226629, 1226632, 1226633, 1226634, 1226637, 1226643, 1226644, 1226645, 1226647, 1226650, 1226653, 1226657, 1226658, 1226669, 1226670, 1226672, 1226673, 1226674, 1226675, 1226678, 1226679, 1226683, 1226685, 1226686, 1226690, 1226691, 1226692, 1226693, 1226696, 1226697, 1226698, 1226699, 1226701, 1226702, 1226703, 1226704, 1226705, 1226706, 1226708, 1226709, 1226710, 1226711, 1226712, 1226713, 1226715, 1226716, 1226718, 1226719, 1226720, 1226721, 1226730, 1226732, 1226734, 1226735, 1226737, 1226738, 1226739, 1226740, 1226744, 1226746, 1226747, 1226749, 1226754, 1226762, 1226764, 1226767, 1226768, 1226769, 1226771, 1226774, 1226777, 1226780, 1226781, 1226785, 1226786, 1226789, 1226791, 1226839, 1226840, 1226841, 1226842, 1226848, 1226852, 1226857, 1226861, 1226863, 1226864, 1226867, 1226868, 1226876, 1226878, 1226883, 1226886, 1226890, 1226891, 1226895, 1226908, 1226915, 1226928, 1226948, 1226949, 1226950, 1226953, 1226962, 1226976, 1226992, 1226994, 1226996, 1227066, 1227096, 1227101, 1227103, 1227274
CVE References: CVE-2021-4439, CVE-2021-47089, CVE-2021-47432, CVE-2021-47515, CVE-2021-47534, CVE-2021-47538, CVE-2021-47539, CVE-2021-47555, CVE-2021-47566, CVE-2021-47571, CVE-2021-47572, CVE-2021-47576, CVE-2021-47577, CVE-2021-47578, CVE-2021-47580, CVE-2021-47582, CVE-2021-47583, CVE-2021-47584, CVE-2021-47585, CVE-2021-47586, CVE-2021-47587, CVE-2021-47589, CVE-2021-47592, CVE-2021-47595, CVE-2021-47596, CVE-2021-47597, CVE-2021-47600, CVE-2021-47601, CVE-2021-47602, CVE-2021-47603, CVE-2021-47604, CVE-2021-47605, CVE-2021-47607, CVE-2021-47608, CVE-2021-47609, CVE-2021-47610, CVE-2021-47611, CVE-2021-47612, CVE-2021-47614, CVE-2021-47615, CVE-2021-47616, CVE-2021-47617, CVE-2021-47618, CVE-2021-47619, CVE-2021-47620, CVE-2022-48711, CVE-2022-48712, CVE-2022-48713, CVE-2022-48714, CVE-2022-48715, CVE-2022-48716, CVE-2022-48717, CVE-2022-48718, CVE-2022-48720, CVE-2022-48721, CVE-2022-48722, CVE-2022-48723, CVE-2022-48724, CVE-2022-48725, CVE-2022-48726, CVE-2022-48727, CVE-2022-48728, CVE-2022-48729, CVE-2022-48730, CVE-2022-48732, CVE-2022-48733, CVE-2022-48734, CVE-2022-48735, CVE-2022-48736, CVE-2022-48737, CVE-2022-48738, CVE-2022-48739, CVE-2022-48740, CVE-2022-48743, CVE-2022-48744, CVE-2022-48745, CVE-2022-48746, CVE-2022-48747, CVE-2022-48748, CVE-2022-48749, CVE-2022-48751, CVE-2022-48752, CVE-2022-48753, CVE-2022-48754, CVE-2022-48755, CVE-2022-48756, CVE-2022-48758, CVE-2022-48759, CVE-2022-48760, CVE-2022-48761, CVE-2022-48763, CVE-2022-48765, CVE-2022-48766, CVE-2022-48767, CVE-2022-48768, CVE-2022-48769, CVE-2022-48770, CVE-2022-48771, CVE-2022-48772, CVE-2023-24023, CVE-2023-52622, CVE-2023-52658, CVE-2023-52667, CVE-2023-52670, CVE-2023-52672, CVE-2023-52675, CVE-2023-52735, CVE-2023-52737, CVE-2023-52752, CVE-2023-52766, CVE-2023-52784, CVE-2023-52787, CVE-2023-52800, CVE-2023-52835, CVE-2023-52837, CVE-2023-52843, CVE-2023-52845, CVE-2023-52846, CVE-2023-52869, CVE-2023-52881, CVE-2023-52882, CVE-2023-52884, CVE-2024-26625, CVE-2024-26644, CVE-2024-26720, CVE-2024-26842, CVE-2024-26845, CVE-2024-26923, CVE-2024-26973, CVE-2024-27432, CVE-2024-33619, CVE-2024-35247, CVE-2024-35789, CVE-2024-35790, CVE-2024-35807, CVE-2024-35814, CVE-2024-35835, CVE-2024-35848, CVE-2024-35857, CVE-2024-35861, CVE-2024-35862, CVE-2024-35864, CVE-2024-35869, CVE-2024-35878, CVE-2024-35884, CVE-2024-35886, CVE-2024-35896, CVE-2024-35898, CVE-2024-35900, CVE-2024-35905, CVE-2024-35925, CVE-2024-35950, CVE-2024-35956, CVE-2024-35958, CVE-2024-35960, CVE-2024-35962, CVE-2024-35997, CVE-2024-36005, CVE-2024-36008, CVE-2024-36017, CVE-2024-36020, CVE-2024-36021, CVE-2024-36025, CVE-2024-36477, CVE-2024-36478, CVE-2024-36479, CVE-2024-36890, CVE-2024-36894, CVE-2024-36899, CVE-2024-36900, CVE-2024-36904, CVE-2024-36915, CVE-2024-36916, CVE-2024-36917, CVE-2024-36919, CVE-2024-36934, CVE-2024-36937, CVE-2024-36940, CVE-2024-36945, CVE-2024-36949, CVE-2024-36960, CVE-2024-36964, CVE-2024-36965, CVE-2024-36967, CVE-2024-36969, CVE-2024-36971, CVE-2024-36975, CVE-2024-36978, CVE-2024-37021, CVE-2024-37078, CVE-2024-37354, CVE-2024-38381, CVE-2024-38388, CVE-2024-38390, CVE-2024-38540, CVE-2024-38541, CVE-2024-38544, CVE-2024-38545, CVE-2024-38546, CVE-2024-38547, CVE-2024-38548, CVE-2024-38549, CVE-2024-38550, CVE-2024-38552, CVE-2024-38553, CVE-2024-38555, CVE-2024-38556, CVE-2024-38557, CVE-2024-38559, CVE-2024-38560, CVE-2024-38564, CVE-2024-38565, CVE-2024-38567, CVE-2024-38568, CVE-2024-38571, CVE-2024-38573, CVE-2024-38578, CVE-2024-38579, CVE-2024-38580, CVE-2024-38581, CVE-2024-38582, CVE-2024-38583, CVE-2024-38587, CVE-2024-38590, CVE-2024-38591, CVE-2024-38594, CVE-2024-38597, CVE-2024-38599, CVE-2024-38600, CVE-2024-38601, CVE-2024-38603, CVE-2024-38605, CVE-2024-38608, CVE-2024-38616, CVE-2024-38618, CVE-2024-38619, CVE-2024-38621, CVE-2024-38627, CVE-2024-38630, CVE-2024-38633, CVE-2024-38634, CVE-2024-38635, CVE-2024-38659, CVE-2024-38661, CVE-2024-38780, CVE-2024-39301, CVE-2024-39468, CVE-2024-39469, CVE-2024-39471
Jira References: PED-8491, PED-8570, PED-8690
Maintenance Incident: [SUSE:Maintenance:34699](https://smelt.suse.de/incident/34699/)
Sources used:
openSUSE Leap 15.5 (src):
 kernel-livepatch-SLE15-SP5-RT_Update_17-1-150500.11.3.1, kernel-syms-rt-5.14.21-150500.13.61.1, kernel-source-rt-5.14.21-150500.13.61.1
SUSE Linux Enterprise Micro 5.5 (src):
 kernel-source-rt-5.14.21-150500.13.61.1
SUSE Linux Enterprise Live Patching 15-SP5 (src):
 kernel-livepatch-SLE15-SP5-RT_Update_17-1-150500.11.3.1
SUSE Real Time Module 15-SP5 (src):
 kernel-syms-rt-5.14.21-150500.13.61.1, kernel-source-rt-5.14.21-150500.13.61.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 24 Maintenance Automation 2024-07-18 16:31:06 UTC

SUSE-SU-2024:2561-1: An update that solves 176 vulnerabilities and has 17 security fixes can now be installed.

Category: security (important)
Bug References: 1119113, 1171988, 1191958, 1195065, 1195254, 1195775, 1204514, 1215420, 1216062, 1217912, 1218148, 1219224, 1220833, 1221010, 1221647, 1221654, 1221656, 1221659, 1221791, 1221958, 1222005, 1222015, 1222080, 1222364, 1222385, 1222435, 1222792, 1222809, 1222866, 1222879, 1222893, 1223013, 1223018, 1223021, 1223043, 1223188, 1223384, 1223532, 1223641, 1224177, 1224432, 1224504, 1224549, 1224552, 1224572, 1224575, 1224583, 1224588, 1224605, 1224622, 1224627, 1224647, 1224651, 1224660, 1224661, 1224662, 1224664, 1224668, 1224670, 1224672, 1224674, 1224677, 1224678, 1224683, 1224686, 1224703, 1224735, 1224739, 1224743, 1224763, 1224764, 1224765, 1224946, 1224951, 1224965, 1224967, 1224976, 1224977, 1224978, 1224993, 1224997, 1225047, 1225140, 1225184, 1225203, 1225229, 1225232, 1225261, 1225306, 1225337, 1225357, 1225372, 1225431, 1225463, 1225478, 1225484, 1225487, 1225490, 1225505, 1225514, 1225518, 1225530, 1225532, 1225548, 1225555, 1225556, 1225559, 1225569, 1225571, 1225573, 1225577, 1225583, 1225585, 1225593, 1225599, 1225602, 1225611, 1225642, 1225681, 1225704, 1225722, 1225749, 1225758, 1225760, 1225761, 1225767, 1225770, 1225815, 1225835, 1225840, 1225848, 1225866, 1225872, 1225894, 1225895, 1225898, 1226211, 1226212, 1226537, 1226554, 1226557, 1226562, 1226567, 1226575, 1226577, 1226593, 1226595, 1226597, 1226610, 1226614, 1226619, 1226621, 1226634, 1226637, 1226670, 1226672, 1226692, 1226698, 1226699, 1226701, 1226705, 1226708, 1226711, 1226712, 1226716, 1226718, 1226732, 1226735, 1226744, 1226746, 1226747, 1226749, 1226754, 1226757, 1226767, 1226769, 1226857, 1226861, 1226876, 1226883, 1226886, 1226895, 1226948, 1226949, 1226950, 1226962, 1226976, 1226994, 1226996, 1227101, 1227407, 1227435, 1227487
CVE References: CVE-2020-10135, CVE-2021-43389, CVE-2021-4439, CVE-2021-47103, CVE-2021-47145, CVE-2021-47191, CVE-2021-47193, CVE-2021-47201, CVE-2021-47267, CVE-2021-47270, CVE-2021-47275, CVE-2021-47293, CVE-2021-47294, CVE-2021-47297, CVE-2021-47309, CVE-2021-47328, CVE-2021-47354, CVE-2021-47372, CVE-2021-47379, CVE-2021-47407, CVE-2021-47418, CVE-2021-47434, CVE-2021-47438, CVE-2021-47445, CVE-2021-47498, CVE-2021-47518, CVE-2021-47520, CVE-2021-47544, CVE-2021-47547, CVE-2021-47566, CVE-2021-47571, CVE-2021-47576, CVE-2021-47587, CVE-2021-47589, CVE-2021-47600, CVE-2021-47602, CVE-2021-47603, CVE-2021-47609, CVE-2021-47617, CVE-2022-0435, CVE-2022-22942, CVE-2022-48711, CVE-2022-48715, CVE-2022-48722, CVE-2022-48732, CVE-2022-48733, CVE-2022-48740, CVE-2022-48743, CVE-2022-48754, CVE-2022-48756, CVE-2022-48758, CVE-2022-48759, CVE-2022-48760, CVE-2022-48761, CVE-2022-48771, CVE-2022-48772, CVE-2023-24023, CVE-2023-4244, CVE-2023-52507, CVE-2023-52622, CVE-2023-52675, CVE-2023-52683, CVE-2023-52693, CVE-2023-52737, CVE-2023-52752, CVE-2023-52753, CVE-2023-52754, CVE-2023-52757, CVE-2023-52762, CVE-2023-52764, CVE-2023-52784, CVE-2023-52808, CVE-2023-52809, CVE-2023-5281, CVE-2023-52817, CVE-2023-52818, CVE-2023-52819, CVE-2023-52832, CVE-2023-52834, CVE-2023-52835, CVE-2023-52843, CVE-2023-52845, CVE-2023-52855, CVE-2023-52881, CVE-2024-26633, CVE-2024-26635, CVE-2024-26636, CVE-2024-26641, CVE-2024-26679, CVE-2024-26687, CVE-2024-26720, CVE-2024-26813, CVE-2024-26845, CVE-2024-26863, CVE-2024-26880, CVE-2024-26894, CVE-2024-26923, CVE-2024-26928, CVE-2024-26973, CVE-2024-27399, CVE-2024-27410, CVE-2024-35247, CVE-2024-35805, CVE-2024-35807, CVE-2024-35819, CVE-2024-35822, CVE-2024-35828, CVE-2024-35835, CVE-2024-35862, CVE-2024-35863, CVE-2024-35864, CVE-2024-35865, CVE-2024-35867, CVE-2024-35868, CVE-2024-35870, CVE-2024-35886, CVE-2024-35896, CVE-2024-35922, CVE-2024-35925, CVE-2024-35930, CVE-2024-35947, CVE-2024-35950, CVE-2024-35956, CVE-2024-35958, CVE-2024-35960, CVE-2024-35962, CVE-2024-35976, CVE-2024-35979, CVE-2024-35997, CVE-2024-35998, CVE-2024-36014, CVE-2024-36016, CVE-2024-36017, CVE-2024-36025, CVE-2024-36479, CVE-2024-36880, CVE-2024-36894, CVE-2024-36915, CVE-2024-36917, CVE-2024-36919, CVE-2024-36923, CVE-2024-36934, CVE-2024-36938, CVE-2024-36940, CVE-2024-36941, CVE-2024-36949, CVE-2024-36950, CVE-2024-36952, CVE-2024-36960, CVE-2024-36964, CVE-2024-37021, CVE-2024-37354, CVE-2024-38544, CVE-2024-38545, CVE-2024-38546, CVE-2024-38549, CVE-2024-38552, CVE-2024-38553, CVE-2024-38565, CVE-2024-38567, CVE-2024-38578, CVE-2024-38579, CVE-2024-38580, CVE-2024-38597, CVE-2024-38598, CVE-2024-38601, CVE-2024-38608, CVE-2024-38618, CVE-2024-38619, CVE-2024-38621, CVE-2024-38627, CVE-2024-38659, CVE-2024-38661, CVE-2024-38780, CVE-2024-39301, CVE-2024-39475
Maintenance Incident: [SUSE:Maintenance:34719](https://smelt.suse.de/incident/34719/)
Sources used:
SUSE Linux Enterprise Live Patching 12-SP5 (src):
 kgraft-patch-SLE12-SP5_Update_58-1-8.3.1
SUSE Linux Enterprise Software Development Kit 12 SP5 (src):
 kernel-obs-build-4.12.14-122.222.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src):
 kernel-syms-4.12.14-122.222.1, kernel-source-4.12.14-122.222.1
SUSE Linux Enterprise Server 12 SP5 (src):
 kernel-syms-4.12.14-122.222.1, kernel-source-4.12.14-122.222.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src):
 kernel-syms-4.12.14-122.222.1, kernel-source-4.12.14-122.222.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 25 Maintenance Automation 2024-07-18 16:35:39 UTC

SUSE-SU-2024:2561-1: An update that solves 176 vulnerabilities and has 17 security fixes can now be installed.

Category: security (important)
Bug References: 1119113, 1171988, 1191958, 1195065, 1195254, 1195775, 1204514, 1215420, 1216062, 1217912, 1218148, 1219224, 1220833, 1221010, 1221647, 1221654, 1221656, 1221659, 1221791, 1221958, 1222005, 1222015, 1222080, 1222364, 1222385, 1222435, 1222792, 1222809, 1222866, 1222879, 1222893, 1223013, 1223018, 1223021, 1223043, 1223188, 1223384, 1223532, 1223641, 1224177, 1224432, 1224504, 1224549, 1224552, 1224572, 1224575, 1224583, 1224588, 1224605, 1224622, 1224627, 1224647, 1224651, 1224660, 1224661, 1224662, 1224664, 1224668, 1224670, 1224672, 1224674, 1224677, 1224678, 1224683, 1224686, 1224703, 1224735, 1224739, 1224743, 1224763, 1224764, 1224765, 1224946, 1224951, 1224965, 1224967, 1224976, 1224977, 1224978, 1224993, 1224997, 1225047, 1225140, 1225184, 1225203, 1225229, 1225232, 1225261, 1225306, 1225337, 1225357, 1225372, 1225431, 1225463, 1225478, 1225484, 1225487, 1225490, 1225505, 1225514, 1225518, 1225530, 1225532, 1225548, 1225555, 1225556, 1225559, 1225569, 1225571, 1225573, 1225577, 1225583, 1225585, 1225593, 1225599, 1225602, 1225611, 1225642, 1225681, 1225704, 1225722, 1225749, 1225758, 1225760, 1225761, 1225767, 1225770, 1225815, 1225835, 1225840, 1225848, 1225866, 1225872, 1225894, 1225895, 1225898, 1226211, 1226212, 1226537, 1226554, 1226557, 1226562, 1226567, 1226575, 1226577, 1226593, 1226595, 1226597, 1226610, 1226614, 1226619, 1226621, 1226634, 1226637, 1226670, 1226672, 1226692, 1226698, 1226699, 1226701, 1226705, 1226708, 1226711, 1226712, 1226716, 1226718, 1226732, 1226735, 1226744, 1226746, 1226747, 1226749, 1226754, 1226757, 1226767, 1226769, 1226857, 1226861, 1226876, 1226883, 1226886, 1226895, 1226948, 1226949, 1226950, 1226962, 1226976, 1226994, 1226996, 1227101, 1227407, 1227435, 1227487
CVE References: CVE-2020-10135, CVE-2021-43389, CVE-2021-4439, CVE-2021-47103, CVE-2021-47145, CVE-2021-47191, CVE-2021-47193, CVE-2021-47201, CVE-2021-47267, CVE-2021-47270, CVE-2021-47275, CVE-2021-47293, CVE-2021-47294, CVE-2021-47297, CVE-2021-47309, CVE-2021-47328, CVE-2021-47354, CVE-2021-47372, CVE-2021-47379, CVE-2021-47407, CVE-2021-47418, CVE-2021-47434, CVE-2021-47438, CVE-2021-47445, CVE-2021-47498, CVE-2021-47518, CVE-2021-47520, CVE-2021-47544, CVE-2021-47547, CVE-2021-47566, CVE-2021-47571, CVE-2021-47576, CVE-2021-47587, CVE-2021-47589, CVE-2021-47600, CVE-2021-47602, CVE-2021-47603, CVE-2021-47609, CVE-2021-47617, CVE-2022-0435, CVE-2022-22942, CVE-2022-48711, CVE-2022-48715, CVE-2022-48722, CVE-2022-48732, CVE-2022-48733, CVE-2022-48740, CVE-2022-48743, CVE-2022-48754, CVE-2022-48756, CVE-2022-48758, CVE-2022-48759, CVE-2022-48760, CVE-2022-48761, CVE-2022-48771, CVE-2022-48772, CVE-2023-24023, CVE-2023-4244, CVE-2023-52507, CVE-2023-52622, CVE-2023-52675, CVE-2023-52683, CVE-2023-52693, CVE-2023-52737, CVE-2023-52752, CVE-2023-52753, CVE-2023-52754, CVE-2023-52757, CVE-2023-52762, CVE-2023-52764, CVE-2023-52784, CVE-2023-52808, CVE-2023-52809, CVE-2023-5281, CVE-2023-52817, CVE-2023-52818, CVE-2023-52819, CVE-2023-52832, CVE-2023-52834, CVE-2023-52835, CVE-2023-52843, CVE-2023-52845, CVE-2023-52855, CVE-2023-52881, CVE-2024-26633, CVE-2024-26635, CVE-2024-26636, CVE-2024-26641, CVE-2024-26679, CVE-2024-26687, CVE-2024-26720, CVE-2024-26813, CVE-2024-26845, CVE-2024-26863, CVE-2024-26880, CVE-2024-26894, CVE-2024-26923, CVE-2024-26928, CVE-2024-26973, CVE-2024-27399, CVE-2024-27410, CVE-2024-35247, CVE-2024-35805, CVE-2024-35807, CVE-2024-35819, CVE-2024-35822, CVE-2024-35828, CVE-2024-35835, CVE-2024-35862, CVE-2024-35863, CVE-2024-35864, CVE-2024-35865, CVE-2024-35867, CVE-2024-35868, CVE-2024-35870, CVE-2024-35886, CVE-2024-35896, CVE-2024-35922, CVE-2024-35925, CVE-2024-35930, CVE-2024-35947, CVE-2024-35950, CVE-2024-35956, CVE-2024-35958, CVE-2024-35960, CVE-2024-35962, CVE-2024-35976, CVE-2024-35979, CVE-2024-35997, CVE-2024-35998, CVE-2024-36014, CVE-2024-36016, CVE-2024-36017, CVE-2024-36025, CVE-2024-36479, CVE-2024-36880, CVE-2024-36894, CVE-2024-36915, CVE-2024-36917, CVE-2024-36919, CVE-2024-36923, CVE-2024-36934, CVE-2024-36938, CVE-2024-36940, CVE-2024-36941, CVE-2024-36949, CVE-2024-36950, CVE-2024-36952, CVE-2024-36960, CVE-2024-36964, CVE-2024-37021, CVE-2024-37354, CVE-2024-38544, CVE-2024-38545, CVE-2024-38546, CVE-2024-38549, CVE-2024-38552, CVE-2024-38553, CVE-2024-38565, CVE-2024-38567, CVE-2024-38578, CVE-2024-38579, CVE-2024-38580, CVE-2024-38597, CVE-2024-38598, CVE-2024-38601, CVE-2024-38608, CVE-2024-38618, CVE-2024-38619, CVE-2024-38621, CVE-2024-38627, CVE-2024-38659, CVE-2024-38661, CVE-2024-38780, CVE-2024-39301, CVE-2024-39475
Maintenance Incident: [SUSE:Maintenance:34719](https://smelt.suse.de/incident/34719/)
Sources used:
SUSE Linux Enterprise Live Patching 12-SP5 (src):
 kgraft-patch-SLE12-SP5_Update_58-1-8.3.1
SUSE Linux Enterprise Software Development Kit 12 SP5 (src):
 kernel-obs-build-4.12.14-122.222.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src):
 kernel-syms-4.12.14-122.222.1, kernel-source-4.12.14-122.222.1
SUSE Linux Enterprise Server 12 SP5 (src):
 kernel-syms-4.12.14-122.222.1, kernel-source-4.12.14-122.222.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src):
 kernel-syms-4.12.14-122.222.1, kernel-source-4.12.14-122.222.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.