Bug 1226597 (CVE-2024-38544) - VUL-0: CVE-2024-38544: kernel: RDMA/rxe: fix seg fault in rxe_comp_queue_pkt
Summary: VUL-0: CVE-2024-38544: kernel: RDMA/rxe: fix seg fault in rxe_comp_queue_pkt
Status: NEW
Alias: CVE-2024-38544
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/411444/
Whiteboard: CVSSv3.1:SUSE:CVE-2024-38544:4.7:(AV:...
Keywords:
Depends on:
Blocks:
 
Reported: 2024-06-20 11:29 UTC by SMASH SMASH
Modified: 2024-07-18 16:36 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description SMASH SMASH 2024-06-20 11:29:39 UTC 
In the Linux kernel, the following vulnerability has been resolved:

RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt

In rxe_comp_queue_pkt() an incoming response packet skb is enqueued to the
resp_pkts queue and then a decision is made whether to run the completer
task inline or schedule it. Finally the skb is dereferenced to bump a 'hw'
performance counter. This is wrong because if the completer task is
already running in a separate thread it may have already processed the skb
and freed it which can cause a seg fault.  This has been observed
infrequently in testing at high scale.

This patch fixes this by changing the order of enqueuing the packet until
after the counter is accessed.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-38544
https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2024/CVE-2024-38544.mbox
https://git.kernel.org/stable/c/faa8d0ecf6c9c7c2ace3ca3e552180ada6f75e19
https://git.kernel.org/stable/c/21b4c6d4d89030fd4657a8e7c8110fd941049794
https://git.kernel.org/stable/c/bbad88f111a1829f366c189aa48e7e58e57553fc
https://git.kernel.org/stable/c/30df4bef8b8e183333e9b6e9d4509d552c7da6eb
https://git.kernel.org/stable/c/2b23b6097303ed0ba5f4bc036a1c07b6027af5c6
https://www.cve.org/CVERecord?id=CVE-2024-38544
Comment 17 Maintenance Automation 2024-07-09 16:31:00 UTC 
SUSE-SU-2024:2372-1: An update that solves 249 vulnerabilities, contains three features and has 45 security fixes can now be installed.

Category: security (important)
Bug References: 1156395, 1190336, 1191958, 1193883, 1194826, 1195065, 1195254, 1195341, 1195349, 1195775, 1196746, 1197915, 1198014, 1199295, 1202767, 1202780, 1205205, 1207361, 1217912, 1218148, 1218570, 1218820, 1219224, 1219633, 1219847, 1220368, 1220812, 1220958, 1221086, 1221282, 1221958, 1222015, 1222072, 1222080, 1222241, 1222254, 1222364, 1222893, 1223013, 1223018, 1223265, 1223384, 1223641, 1224020, 1224331, 1224488, 1224497, 1224498, 1224504, 1224520, 1224539, 1224540, 1224552, 1224583, 1224588, 1224602, 1224603, 1224605, 1224612, 1224614, 1224619, 1224661, 1224662, 1224670, 1224671, 1224674, 1224677, 1224679, 1224696, 1224703, 1224712, 1224716, 1224719, 1224735, 1224749, 1224764, 1224765, 1224766, 1224935, 1224946, 1224951, 1225050, 1225098, 1225105, 1225300, 1225389, 1225391, 1225419, 1225426, 1225448, 1225452, 1225467, 1225475, 1225484, 1225487, 1225514, 1225518, 1225535, 1225585, 1225602, 1225611, 1225681, 1225692, 1225698, 1225699, 1225704, 1225714, 1225726, 1225732, 1225737, 1225749, 1225758, 1225759, 1225760, 1225767, 1225770, 1225823, 1225834, 1225840, 1225866, 1225872, 1225894, 1225945, 1226022, 1226131, 1226145, 1226149, 1226155, 1226211, 1226212, 1226226, 1226514, 1226520, 1226537, 1226538, 1226539, 1226550, 1226552, 1226553, 1226554, 1226556, 1226557, 1226558, 1226559, 1226561, 1226562, 1226563, 1226564, 1226566, 1226567, 1226569, 1226572, 1226575, 1226576, 1226577, 1226579, 1226580, 1226581, 1226582, 1226583, 1226585, 1226587, 1226588, 1226593, 1226595, 1226597, 1226601, 1226602, 1226603, 1226607, 1226610, 1226614, 1226616, 1226617, 1226618, 1226619, 1226621, 1226622, 1226624, 1226626, 1226628, 1226629, 1226632, 1226633, 1226634, 1226637, 1226643, 1226644, 1226645, 1226647, 1226650, 1226653, 1226657, 1226658, 1226669, 1226670, 1226672, 1226673, 1226674, 1226675, 1226678, 1226679, 1226683, 1226685, 1226686, 1226690, 1226691, 1226692, 1226693, 1226696, 1226697, 1226698, 1226699, 1226701, 1226702, 1226703, 1226704, 1226705, 1226706, 1226708, 1226709, 1226710, 1226711, 1226712, 1226713, 1226715, 1226716, 1226718, 1226719, 1226720, 1226721, 1226730, 1226732, 1226734, 1226735, 1226737, 1226738, 1226739, 1226740, 1226744, 1226746, 1226747, 1226749, 1226754, 1226762, 1226764, 1226767, 1226768, 1226769, 1226771, 1226774, 1226777, 1226780, 1226781, 1226785, 1226786, 1226789, 1226791, 1226839, 1226840, 1226841, 1226842, 1226848, 1226852, 1226857, 1226861, 1226863, 1226864, 1226867, 1226868, 1226876, 1226878, 1226883, 1226886, 1226890, 1226891, 1226895, 1226908, 1226915, 1226928, 1226948, 1226949, 1226950, 1226953, 1226962, 1226976, 1226992, 1226994, 1226996, 1227066, 1227096, 1227101, 1227103, 1227274
CVE References: CVE-2021-4439, CVE-2021-47089, CVE-2021-47432, CVE-2021-47515, CVE-2021-47534, CVE-2021-47538, CVE-2021-47539, CVE-2021-47555, CVE-2021-47566, CVE-2021-47571, CVE-2021-47572, CVE-2021-47576, CVE-2021-47577, CVE-2021-47578, CVE-2021-47580, CVE-2021-47582, CVE-2021-47583, CVE-2021-47584, CVE-2021-47585, CVE-2021-47586, CVE-2021-47587, CVE-2021-47589, CVE-2021-47592, CVE-2021-47595, CVE-2021-47596, CVE-2021-47597, CVE-2021-47600, CVE-2021-47601, CVE-2021-47602, CVE-2021-47603, CVE-2021-47604, CVE-2021-47605, CVE-2021-47607, CVE-2021-47608, CVE-2021-47609, CVE-2021-47610, CVE-2021-47611, CVE-2021-47612, CVE-2021-47614, CVE-2021-47615, CVE-2021-47616, CVE-2021-47617, CVE-2021-47618, CVE-2021-47619, CVE-2021-47620, CVE-2022-48711, CVE-2022-48712, CVE-2022-48713, CVE-2022-48714, CVE-2022-48715, CVE-2022-48716, CVE-2022-48717, CVE-2022-48718, CVE-2022-48720, CVE-2022-48721, CVE-2022-48722, CVE-2022-48723, CVE-2022-48724, CVE-2022-48725, CVE-2022-48726, CVE-2022-48727, CVE-2022-48728, CVE-2022-48729, CVE-2022-48730, CVE-2022-48732, CVE-2022-48733, CVE-2022-48734, CVE-2022-48735, CVE-2022-48736, CVE-2022-48737, CVE-2022-48738, CVE-2022-48739, CVE-2022-48740, CVE-2022-48743, CVE-2022-48744, CVE-2022-48745, CVE-2022-48746, CVE-2022-48747, CVE-2022-48748, CVE-2022-48749, CVE-2022-48751, CVE-2022-48752, CVE-2022-48753, CVE-2022-48754, CVE-2022-48755, CVE-2022-48756, CVE-2022-48758, CVE-2022-48759, CVE-2022-48760, CVE-2022-48761, CVE-2022-48763, CVE-2022-48765, CVE-2022-48766, CVE-2022-48767, CVE-2022-48768, CVE-2022-48769, CVE-2022-48770, CVE-2022-48771, CVE-2022-48772, CVE-2023-24023, CVE-2023-52622, CVE-2023-52658, CVE-2023-52667, CVE-2023-52670, CVE-2023-52672, CVE-2023-52675, CVE-2023-52735, CVE-2023-52737, CVE-2023-52752, CVE-2023-52766, CVE-2023-52784, CVE-2023-52787, CVE-2023-52800, CVE-2023-52835, CVE-2023-52837, CVE-2023-52843, CVE-2023-52845, CVE-2023-52846, CVE-2023-52869, CVE-2023-52881, CVE-2023-52882, CVE-2023-52884, CVE-2024-26625, CVE-2024-26644, CVE-2024-26720, CVE-2024-26842, CVE-2024-26845, CVE-2024-26923, CVE-2024-26973, CVE-2024-27432, CVE-2024-33619, CVE-2024-35247, CVE-2024-35789, CVE-2024-35790, CVE-2024-35807, CVE-2024-35814, CVE-2024-35835, CVE-2024-35848, CVE-2024-35857, CVE-2024-35861, CVE-2024-35862, CVE-2024-35864, CVE-2024-35869, CVE-2024-35878, CVE-2024-35884, CVE-2024-35886, CVE-2024-35896, CVE-2024-35898, CVE-2024-35900, CVE-2024-35905, CVE-2024-35925, CVE-2024-35950, CVE-2024-35956, CVE-2024-35958, CVE-2024-35960, CVE-2024-35962, CVE-2024-35997, CVE-2024-36005, CVE-2024-36008, CVE-2024-36017, CVE-2024-36020, CVE-2024-36021, CVE-2024-36025, CVE-2024-36477, CVE-2024-36478, CVE-2024-36479, CVE-2024-36890, CVE-2024-36894, CVE-2024-36899, CVE-2024-36900, CVE-2024-36904, CVE-2024-36915, CVE-2024-36916, CVE-2024-36917, CVE-2024-36919, CVE-2024-36934, CVE-2024-36937, CVE-2024-36940, CVE-2024-36945, CVE-2024-36949, CVE-2024-36960, CVE-2024-36964, CVE-2024-36965, CVE-2024-36967, CVE-2024-36969, CVE-2024-36971, CVE-2024-36975, CVE-2024-36978, CVE-2024-37021, CVE-2024-37078, CVE-2024-37354, CVE-2024-38381, CVE-2024-38388, CVE-2024-38390, CVE-2024-38540, CVE-2024-38541, CVE-2024-38544, CVE-2024-38545, CVE-2024-38546, CVE-2024-38547, CVE-2024-38548, CVE-2024-38549, CVE-2024-38550, CVE-2024-38552, CVE-2024-38553, CVE-2024-38555, CVE-2024-38556, CVE-2024-38557, CVE-2024-38559, CVE-2024-38560, CVE-2024-38564, CVE-2024-38565, CVE-2024-38567, CVE-2024-38568, CVE-2024-38571, CVE-2024-38573, CVE-2024-38578, CVE-2024-38579, CVE-2024-38580, CVE-2024-38581, CVE-2024-38582, CVE-2024-38583, CVE-2024-38587, CVE-2024-38590, CVE-2024-38591, CVE-2024-38594, CVE-2024-38597, CVE-2024-38599, CVE-2024-38600, CVE-2024-38601, CVE-2024-38603, CVE-2024-38605, CVE-2024-38608, CVE-2024-38616, CVE-2024-38618, CVE-2024-38619, CVE-2024-38621, CVE-2024-38627, CVE-2024-38630, CVE-2024-38633, CVE-2024-38634, CVE-2024-38635, CVE-2024-38659, CVE-2024-38661, CVE-2024-38780, CVE-2024-39301, CVE-2024-39468, CVE-2024-39469, CVE-2024-39471
Jira References: PED-8491, PED-8570, PED-8690
Maintenance Incident: [SUSE:Maintenance:34676](https://smelt.suse.de/incident/34676/)
Sources used:
Public Cloud Module 15-SP5 (src):
 kernel-source-azure-5.14.21-150500.33.60.1, kernel-syms-azure-5.14.21-150500.33.60.1
openSUSE Leap 15.5 (src):
 kernel-source-azure-5.14.21-150500.33.60.1, kernel-syms-azure-5.14.21-150500.33.60.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 18 Maintenance Automation 2024-07-09 16:32:53 UTC 
SUSE-SU-2024:2360-1: An update that solves 148 vulnerabilities and has 15 security fixes can now be installed.

Category: security (important)
Bug References: 1119113, 1171988, 1191958, 1195065, 1195254, 1195775, 1204514, 1216062, 1217912, 1218148, 1219224, 1221010, 1221647, 1221654, 1221791, 1221958, 1222015, 1222080, 1222364, 1222385, 1222435, 1222809, 1222866, 1222879, 1222893, 1223013, 1223018, 1223021, 1223043, 1223384, 1223532, 1223641, 1224177, 1224432, 1224504, 1224549, 1224552, 1224572, 1224575, 1224583, 1224588, 1224605, 1224651, 1224660, 1224661, 1224662, 1224664, 1224668, 1224670, 1224672, 1224674, 1224677, 1224678, 1224703, 1224735, 1224739, 1224763, 1224764, 1224765, 1224946, 1224951, 1224967, 1224976, 1224977, 1224978, 1224993, 1224997, 1225047, 1225140, 1225184, 1225203, 1225232, 1225261, 1225306, 1225337, 1225372, 1225463, 1225484, 1225487, 1225490, 1225514, 1225518, 1225548, 1225555, 1225556, 1225559, 1225571, 1225573, 1225577, 1225583, 1225585, 1225599, 1225602, 1225611, 1225642, 1225681, 1225704, 1225722, 1225749, 1225758, 1225760, 1225761, 1225767, 1225770, 1225815, 1225840, 1225848, 1225866, 1225872, 1225894, 1225895, 1225898, 1226211, 1226212, 1226537, 1226554, 1226557, 1226562, 1226567, 1226575, 1226577, 1226593, 1226595, 1226597, 1226610, 1226614, 1226619, 1226621, 1226634, 1226637, 1226670, 1226672, 1226692, 1226698, 1226699, 1226701, 1226705, 1226708, 1226711, 1226712, 1226716, 1226718, 1226732, 1226735, 1226744, 1226746, 1226747, 1226749, 1226754, 1226767, 1226769, 1226857, 1226876, 1226883, 1226886, 1226895, 1226948, 1226949, 1226950, 1226962, 1226976, 1226996, 1227101
CVE References: CVE-2020-10135, CVE-2021-43389, CVE-2021-4439, CVE-2021-47103, CVE-2021-47191, CVE-2021-47193, CVE-2021-47267, CVE-2021-47270, CVE-2021-47293, CVE-2021-47294, CVE-2021-47297, CVE-2021-47309, CVE-2021-47328, CVE-2021-47354, CVE-2021-47372, CVE-2021-47379, CVE-2021-47407, CVE-2021-47418, CVE-2021-47434, CVE-2021-47445, CVE-2021-47518, CVE-2021-47544, CVE-2021-47566, CVE-2021-47571, CVE-2021-47576, CVE-2021-47587, CVE-2021-47589, CVE-2021-47600, CVE-2021-47602, CVE-2021-47603, CVE-2021-47609, CVE-2021-47617, CVE-2022-0435, CVE-2022-22942, CVE-2022-48711, CVE-2022-48715, CVE-2022-48722, CVE-2022-48732, CVE-2022-48733, CVE-2022-48740, CVE-2022-48743, CVE-2022-48754, CVE-2022-48756, CVE-2022-48758, CVE-2022-48759, CVE-2022-48760, CVE-2022-48761, CVE-2022-48771, CVE-2022-48772, CVE-2023-24023, CVE-2023-52622, CVE-2023-52675, CVE-2023-52737, CVE-2023-52752, CVE-2023-52754, CVE-2023-52757, CVE-2023-52762, CVE-2023-52764, CVE-2023-52784, CVE-2023-52808, CVE-2023-52809, CVE-2023-5281, CVE-2023-52832, CVE-2023-52834, CVE-2023-52835, CVE-2023-52843, CVE-2023-52845, CVE-2023-52855, CVE-2023-52881, CVE-2024-26633, CVE-2024-26641, CVE-2024-26679, CVE-2024-26687, CVE-2024-26720, CVE-2024-26813, CVE-2024-26845, CVE-2024-26863, CVE-2024-26894, CVE-2024-26923, CVE-2024-26928, CVE-2024-26973, CVE-2024-27399, CVE-2024-27410, CVE-2024-35247, CVE-2024-35807, CVE-2024-35822, CVE-2024-35835, CVE-2024-35862, CVE-2024-35863, CVE-2024-35864, CVE-2024-35865, CVE-2024-35867, CVE-2024-35868, CVE-2024-35870, CVE-2024-35886, CVE-2024-35896, CVE-2024-35922, CVE-2024-35925, CVE-2024-35930, CVE-2024-35950, CVE-2024-35956, CVE-2024-35958, CVE-2024-35960, CVE-2024-35962, CVE-2024-35976, CVE-2024-35979, CVE-2024-35997, CVE-2024-35998, CVE-2024-36016, CVE-2024-36017, CVE-2024-36025, CVE-2024-36479, CVE-2024-36592, CVE-2024-36880, CVE-2024-36894, CVE-2024-36915, CVE-2024-36917, CVE-2024-36919, CVE-2024-36923, CVE-2024-36934, CVE-2024-36938, CVE-2024-36940, CVE-2024-36949, CVE-2024-36950, CVE-2024-36960, CVE-2024-36964, CVE-2024-37021, CVE-2024-37354, CVE-2024-38544, CVE-2024-38545, CVE-2024-38546, CVE-2024-38549, CVE-2024-38552, CVE-2024-38553, CVE-2024-38565, CVE-2024-38567, CVE-2024-38578, CVE-2024-38579, CVE-2024-38580, CVE-2024-38597, CVE-2024-38601, CVE-2024-38608, CVE-2024-38618, CVE-2024-38621, CVE-2024-38627, CVE-2024-38659, CVE-2024-38661, CVE-2024-38780
Maintenance Incident: [SUSE:Maintenance:34677](https://smelt.suse.de/incident/34677/)
Sources used:
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src):
 kernel-syms-azure-4.12.14-16.191.1, kernel-source-azure-4.12.14-16.191.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src):
 kernel-syms-azure-4.12.14-16.191.1, kernel-source-azure-4.12.14-16.191.1
SUSE Linux Enterprise Server 12 SP5 (src):
 kernel-syms-azure-4.12.14-16.191.1, kernel-source-azure-4.12.14-16.191.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 19 Maintenance Automation 2024-07-10 08:30:24 UTC 
SUSE-SU-2024:2381-1: An update that solves 143 vulnerabilities and has 18 security fixes can now be installed.

Category: security (important)
Bug References: 1119113, 1191958, 1195065, 1195254, 1195775, 1204514, 1216062, 1217912, 1218148, 1219224, 1221010, 1221647, 1221654, 1221791, 1221958, 1222015, 1222080, 1222364, 1222385, 1222435, 1222809, 1222866, 1222879, 1222893, 1223013, 1223018, 1223021, 1223043, 1223532, 1223641, 1224177, 1224432, 1224504, 1224549, 1224552, 1224572, 1224575, 1224583, 1224588, 1224605, 1224651, 1224660, 1224661, 1224662, 1224664, 1224668, 1224670, 1224672, 1224674, 1224677, 1224678, 1224703, 1224735, 1224739, 1224763, 1224764, 1224765, 1224946, 1224951, 1224967, 1224976, 1224977, 1224978, 1224993, 1224997, 1225047, 1225140, 1225184, 1225203, 1225232, 1225261, 1225306, 1225337, 1225372, 1225463, 1225484, 1225487, 1225490, 1225514, 1225518, 1225548, 1225555, 1225556, 1225559, 1225571, 1225573, 1225577, 1225583, 1225585, 1225599, 1225602, 1225611, 1225642, 1225681, 1225704, 1225722, 1225749, 1225758, 1225760, 1225761, 1225767, 1225770, 1225815, 1225840, 1225848, 1225866, 1225872, 1225894, 1225895, 1225898, 1226211, 1226212, 1226537, 1226554, 1226557, 1226562, 1226567, 1226575, 1226577, 1226593, 1226595, 1226597, 1226610, 1226614, 1226619, 1226621, 1226634, 1226637, 1226670, 1226672, 1226692, 1226698, 1226699, 1226701, 1226705, 1226708, 1226711, 1226712, 1226716, 1226718, 1226732, 1226735, 1226744, 1226746, 1226747, 1226749, 1226754, 1226767, 1226769, 1226857, 1226876, 1226883, 1226886, 1226895, 1226948, 1226949, 1226950, 1226962, 1226976, 1226996, 1227101
CVE References: CVE-2021-4439, CVE-2021-47103, CVE-2021-47191, CVE-2021-47193, CVE-2021-47267, CVE-2021-47270, CVE-2021-47293, CVE-2021-47294, CVE-2021-47297, CVE-2021-47309, CVE-2021-47328, CVE-2021-47354, CVE-2021-47372, CVE-2021-47379, CVE-2021-47407, CVE-2021-47418, CVE-2021-47434, CVE-2021-47445, CVE-2021-47518, CVE-2021-47544, CVE-2021-47566, CVE-2021-47571, CVE-2021-47576, CVE-2021-47587, CVE-2021-47589, CVE-2021-47600, CVE-2021-47602, CVE-2021-47603, CVE-2021-47609, CVE-2021-47617, CVE-2022-48711, CVE-2022-48715, CVE-2022-48722, CVE-2022-48732, CVE-2022-48733, CVE-2022-48740, CVE-2022-48743, CVE-2022-48754, CVE-2022-48756, CVE-2022-48758, CVE-2022-48759, CVE-2022-48760, CVE-2022-48761, CVE-2022-48771, CVE-2022-48772, CVE-2023-24023, CVE-2023-52622, CVE-2023-52675, CVE-2023-52737, CVE-2023-52752, CVE-2023-52754, CVE-2023-52757, CVE-2023-52762, CVE-2023-52764, CVE-2023-52784, CVE-2023-52808, CVE-2023-52809, CVE-2023-5281, CVE-2023-52832, CVE-2023-52834, CVE-2023-52835, CVE-2023-52843, CVE-2023-52845, CVE-2023-52855, CVE-2023-52881, CVE-2024-26633, CVE-2024-26641, CVE-2024-26679, CVE-2024-26687, CVE-2024-26720, CVE-2024-26813, CVE-2024-26845, CVE-2024-26863, CVE-2024-26894, CVE-2024-26928, CVE-2024-26973, CVE-2024-27399, CVE-2024-27410, CVE-2024-35247, CVE-2024-35807, CVE-2024-35822, CVE-2024-35835, CVE-2024-35862, CVE-2024-35863, CVE-2024-35864, CVE-2024-35865, CVE-2024-35867, CVE-2024-35868, CVE-2024-35870, CVE-2024-35886, CVE-2024-35896, CVE-2024-35922, CVE-2024-35925, CVE-2024-35930, CVE-2024-35950, CVE-2024-35956, CVE-2024-35958, CVE-2024-35960, CVE-2024-35962, CVE-2024-35976, CVE-2024-35979, CVE-2024-35997, CVE-2024-35998, CVE-2024-36016, CVE-2024-36017, CVE-2024-36025, CVE-2024-36479, CVE-2024-36592, CVE-2024-36880, CVE-2024-36894, CVE-2024-36915, CVE-2024-36917, CVE-2024-36919, CVE-2024-36923, CVE-2024-36934, CVE-2024-36938, CVE-2024-36940, CVE-2024-36949, CVE-2024-36950, CVE-2024-36960, CVE-2024-36964, CVE-2024-37021, CVE-2024-37354, CVE-2024-38544, CVE-2024-38545, CVE-2024-38546, CVE-2024-38549, CVE-2024-38552, CVE-2024-38553, CVE-2024-38565, CVE-2024-38567, CVE-2024-38578, CVE-2024-38579, CVE-2024-38580, CVE-2024-38597, CVE-2024-38601, CVE-2024-38608, CVE-2024-38618, CVE-2024-38621, CVE-2024-38627, CVE-2024-38659, CVE-2024-38661, CVE-2024-38780
Maintenance Incident: [SUSE:Maintenance:34690](https://smelt.suse.de/incident/34690/)
Sources used:
SUSE Linux Enterprise Real Time 12 SP5 (src):
 kernel-source-rt-4.12.14-10.191.1, kernel-syms-rt-4.12.14-10.191.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 21 Maintenance Automation 2024-07-10 20:30:32 UTC 
SUSE-SU-2024:2394-1: An update that solves 249 vulnerabilities, contains three features and has 44 security fixes can now be installed.

Category: security (important)
Bug References: 1156395, 1190336, 1191958, 1193883, 1194826, 1195065, 1195254, 1195341, 1195349, 1195775, 1196746, 1197915, 1198014, 1199295, 1202767, 1202780, 1205205, 1207361, 1217912, 1218148, 1218570, 1218820, 1219224, 1219633, 1219847, 1220368, 1220812, 1220958, 1221086, 1221282, 1221958, 1222015, 1222072, 1222080, 1222241, 1222254, 1222364, 1222893, 1223013, 1223018, 1223265, 1223384, 1223641, 1224020, 1224331, 1224488, 1224497, 1224498, 1224504, 1224520, 1224539, 1224540, 1224552, 1224583, 1224588, 1224602, 1224603, 1224605, 1224612, 1224614, 1224619, 1224661, 1224662, 1224670, 1224671, 1224674, 1224677, 1224679, 1224696, 1224703, 1224712, 1224716, 1224719, 1224735, 1224749, 1224764, 1224765, 1224766, 1224935, 1224946, 1224951, 1225050, 1225098, 1225105, 1225300, 1225389, 1225391, 1225419, 1225426, 1225448, 1225452, 1225467, 1225475, 1225484, 1225487, 1225514, 1225518, 1225535, 1225585, 1225602, 1225611, 1225681, 1225692, 1225698, 1225699, 1225704, 1225714, 1225726, 1225732, 1225737, 1225749, 1225758, 1225759, 1225760, 1225767, 1225770, 1225823, 1225834, 1225840, 1225866, 1225872, 1225894, 1226022, 1226131, 1226145, 1226149, 1226155, 1226211, 1226212, 1226226, 1226514, 1226520, 1226537, 1226538, 1226539, 1226550, 1226552, 1226553, 1226554, 1226556, 1226557, 1226558, 1226559, 1226561, 1226562, 1226563, 1226564, 1226566, 1226567, 1226569, 1226572, 1226575, 1226576, 1226577, 1226579, 1226580, 1226581, 1226582, 1226583, 1226585, 1226587, 1226588, 1226593, 1226595, 1226597, 1226601, 1226602, 1226603, 1226607, 1226610, 1226614, 1226616, 1226617, 1226618, 1226619, 1226621, 1226622, 1226624, 1226626, 1226628, 1226629, 1226632, 1226633, 1226634, 1226637, 1226643, 1226644, 1226645, 1226647, 1226650, 1226653, 1226657, 1226658, 1226669, 1226670, 1226672, 1226673, 1226674, 1226675, 1226678, 1226679, 1226683, 1226685, 1226686, 1226690, 1226691, 1226692, 1226693, 1226696, 1226697, 1226698, 1226699, 1226701, 1226702, 1226703, 1226704, 1226705, 1226706, 1226708, 1226709, 1226710, 1226711, 1226712, 1226713, 1226715, 1226716, 1226718, 1226719, 1226720, 1226721, 1226730, 1226732, 1226734, 1226735, 1226737, 1226738, 1226739, 1226740, 1226744, 1226746, 1226747, 1226749, 1226754, 1226762, 1226764, 1226767, 1226768, 1226769, 1226771, 1226774, 1226777, 1226780, 1226781, 1226785, 1226786, 1226789, 1226791, 1226839, 1226840, 1226841, 1226842, 1226848, 1226852, 1226857, 1226861, 1226863, 1226864, 1226867, 1226868, 1226876, 1226878, 1226883, 1226886, 1226890, 1226891, 1226895, 1226908, 1226915, 1226928, 1226948, 1226949, 1226950, 1226953, 1226962, 1226976, 1226992, 1226994, 1226996, 1227066, 1227096, 1227101, 1227103, 1227274
CVE References: CVE-2021-4439, CVE-2021-47089, CVE-2021-47432, CVE-2021-47515, CVE-2021-47534, CVE-2021-47538, CVE-2021-47539, CVE-2021-47555, CVE-2021-47566, CVE-2021-47571, CVE-2021-47572, CVE-2021-47576, CVE-2021-47577, CVE-2021-47578, CVE-2021-47580, CVE-2021-47582, CVE-2021-47583, CVE-2021-47584, CVE-2021-47585, CVE-2021-47586, CVE-2021-47587, CVE-2021-47589, CVE-2021-47592, CVE-2021-47595, CVE-2021-47596, CVE-2021-47597, CVE-2021-47600, CVE-2021-47601, CVE-2021-47602, CVE-2021-47603, CVE-2021-47604, CVE-2021-47605, CVE-2021-47607, CVE-2021-47608, CVE-2021-47609, CVE-2021-47610, CVE-2021-47611, CVE-2021-47612, CVE-2021-47614, CVE-2021-47615, CVE-2021-47616, CVE-2021-47617, CVE-2021-47618, CVE-2021-47619, CVE-2021-47620, CVE-2022-48711, CVE-2022-48712, CVE-2022-48713, CVE-2022-48714, CVE-2022-48715, CVE-2022-48716, CVE-2022-48717, CVE-2022-48718, CVE-2022-48720, CVE-2022-48721, CVE-2022-48722, CVE-2022-48723, CVE-2022-48724, CVE-2022-48725, CVE-2022-48726, CVE-2022-48727, CVE-2022-48728, CVE-2022-48729, CVE-2022-48730, CVE-2022-48732, CVE-2022-48733, CVE-2022-48734, CVE-2022-48735, CVE-2022-48736, CVE-2022-48737, CVE-2022-48738, CVE-2022-48739, CVE-2022-48740, CVE-2022-48743, CVE-2022-48744, CVE-2022-48745, CVE-2022-48746, CVE-2022-48747, CVE-2022-48748, CVE-2022-48749, CVE-2022-48751, CVE-2022-48752, CVE-2022-48753, CVE-2022-48754, CVE-2022-48755, CVE-2022-48756, CVE-2022-48758, CVE-2022-48759, CVE-2022-48760, CVE-2022-48761, CVE-2022-48763, CVE-2022-48765, CVE-2022-48766, CVE-2022-48767, CVE-2022-48768, CVE-2022-48769, CVE-2022-48770, CVE-2022-48771, CVE-2022-48772, CVE-2023-24023, CVE-2023-52622, CVE-2023-52658, CVE-2023-52667, CVE-2023-52670, CVE-2023-52672, CVE-2023-52675, CVE-2023-52735, CVE-2023-52737, CVE-2023-52752, CVE-2023-52766, CVE-2023-52784, CVE-2023-52787, CVE-2023-52800, CVE-2023-52835, CVE-2023-52837, CVE-2023-52843, CVE-2023-52845, CVE-2023-52846, CVE-2023-52869, CVE-2023-52881, CVE-2023-52882, CVE-2023-52884, CVE-2024-26625, CVE-2024-26644, CVE-2024-26720, CVE-2024-26842, CVE-2024-26845, CVE-2024-26923, CVE-2024-26973, CVE-2024-27432, CVE-2024-33619, CVE-2024-35247, CVE-2024-35789, CVE-2024-35790, CVE-2024-35807, CVE-2024-35814, CVE-2024-35835, CVE-2024-35848, CVE-2024-35857, CVE-2024-35861, CVE-2024-35862, CVE-2024-35864, CVE-2024-35869, CVE-2024-35878, CVE-2024-35884, CVE-2024-35886, CVE-2024-35896, CVE-2024-35898, CVE-2024-35900, CVE-2024-35905, CVE-2024-35925, CVE-2024-35950, CVE-2024-35956, CVE-2024-35958, CVE-2024-35960, CVE-2024-35962, CVE-2024-35997, CVE-2024-36005, CVE-2024-36008, CVE-2024-36017, CVE-2024-36020, CVE-2024-36021, CVE-2024-36025, CVE-2024-36477, CVE-2024-36478, CVE-2024-36479, CVE-2024-36890, CVE-2024-36894, CVE-2024-36899, CVE-2024-36900, CVE-2024-36904, CVE-2024-36915, CVE-2024-36916, CVE-2024-36917, CVE-2024-36919, CVE-2024-36934, CVE-2024-36937, CVE-2024-36940, CVE-2024-36945, CVE-2024-36949, CVE-2024-36960, CVE-2024-36964, CVE-2024-36965, CVE-2024-36967, CVE-2024-36969, CVE-2024-36971, CVE-2024-36975, CVE-2024-36978, CVE-2024-37021, CVE-2024-37078, CVE-2024-37354, CVE-2024-38381, CVE-2024-38388, CVE-2024-38390, CVE-2024-38540, CVE-2024-38541, CVE-2024-38544, CVE-2024-38545, CVE-2024-38546, CVE-2024-38547, CVE-2024-38548, CVE-2024-38549, CVE-2024-38550, CVE-2024-38552, CVE-2024-38553, CVE-2024-38555, CVE-2024-38556, CVE-2024-38557, CVE-2024-38559, CVE-2024-38560, CVE-2024-38564, CVE-2024-38565, CVE-2024-38567, CVE-2024-38568, CVE-2024-38571, CVE-2024-38573, CVE-2024-38578, CVE-2024-38579, CVE-2024-38580, CVE-2024-38581, CVE-2024-38582, CVE-2024-38583, CVE-2024-38587, CVE-2024-38590, CVE-2024-38591, CVE-2024-38594, CVE-2024-38597, CVE-2024-38599, CVE-2024-38600, CVE-2024-38601, CVE-2024-38603, CVE-2024-38605, CVE-2024-38608, CVE-2024-38616, CVE-2024-38618, CVE-2024-38619, CVE-2024-38621, CVE-2024-38627, CVE-2024-38630, CVE-2024-38633, CVE-2024-38634, CVE-2024-38635, CVE-2024-38659, CVE-2024-38661, CVE-2024-38780, CVE-2024-39301, CVE-2024-39468, CVE-2024-39469, CVE-2024-39471
Jira References: PED-8491, PED-8570, PED-8690
Maintenance Incident: [SUSE:Maintenance:34699](https://smelt.suse.de/incident/34699/)
Sources used:
openSUSE Leap 15.5 (src):
 kernel-livepatch-SLE15-SP5-RT_Update_17-1-150500.11.3.1, kernel-syms-rt-5.14.21-150500.13.61.1, kernel-source-rt-5.14.21-150500.13.61.1
SUSE Linux Enterprise Micro 5.5 (src):
 kernel-source-rt-5.14.21-150500.13.61.1
SUSE Linux Enterprise Live Patching 15-SP5 (src):
 kernel-livepatch-SLE15-SP5-RT_Update_17-1-150500.11.3.1
SUSE Real Time Module 15-SP5 (src):
 kernel-syms-rt-5.14.21-150500.13.61.1, kernel-source-rt-5.14.21-150500.13.61.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 23 Maintenance Automation 2024-07-18 16:36:26 UTC 
SUSE-SU-2024:2561-1: An update that solves 176 vulnerabilities and has 17 security fixes can now be installed.

Category: security (important)
Bug References: 1119113, 1171988, 1191958, 1195065, 1195254, 1195775, 1204514, 1215420, 1216062, 1217912, 1218148, 1219224, 1220833, 1221010, 1221647, 1221654, 1221656, 1221659, 1221791, 1221958, 1222005, 1222015, 1222080, 1222364, 1222385, 1222435, 1222792, 1222809, 1222866, 1222879, 1222893, 1223013, 1223018, 1223021, 1223043, 1223188, 1223384, 1223532, 1223641, 1224177, 1224432, 1224504, 1224549, 1224552, 1224572, 1224575, 1224583, 1224588, 1224605, 1224622, 1224627, 1224647, 1224651, 1224660, 1224661, 1224662, 1224664, 1224668, 1224670, 1224672, 1224674, 1224677, 1224678, 1224683, 1224686, 1224703, 1224735, 1224739, 1224743, 1224763, 1224764, 1224765, 1224946, 1224951, 1224965, 1224967, 1224976, 1224977, 1224978, 1224993, 1224997, 1225047, 1225140, 1225184, 1225203, 1225229, 1225232, 1225261, 1225306, 1225337, 1225357, 1225372, 1225431, 1225463, 1225478, 1225484, 1225487, 1225490, 1225505, 1225514, 1225518, 1225530, 1225532, 1225548, 1225555, 1225556, 1225559, 1225569, 1225571, 1225573, 1225577, 1225583, 1225585, 1225593, 1225599, 1225602, 1225611, 1225642, 1225681, 1225704, 1225722, 1225749, 1225758, 1225760, 1225761, 1225767, 1225770, 1225815, 1225835, 1225840, 1225848, 1225866, 1225872, 1225894, 1225895, 1225898, 1226211, 1226212, 1226537, 1226554, 1226557, 1226562, 1226567, 1226575, 1226577, 1226593, 1226595, 1226597, 1226610, 1226614, 1226619, 1226621, 1226634, 1226637, 1226670, 1226672, 1226692, 1226698, 1226699, 1226701, 1226705, 1226708, 1226711, 1226712, 1226716, 1226718, 1226732, 1226735, 1226744, 1226746, 1226747, 1226749, 1226754, 1226757, 1226767, 1226769, 1226857, 1226861, 1226876, 1226883, 1226886, 1226895, 1226948, 1226949, 1226950, 1226962, 1226976, 1226994, 1226996, 1227101, 1227407, 1227435, 1227487
CVE References: CVE-2020-10135, CVE-2021-43389, CVE-2021-4439, CVE-2021-47103, CVE-2021-47145, CVE-2021-47191, CVE-2021-47193, CVE-2021-47201, CVE-2021-47267, CVE-2021-47270, CVE-2021-47275, CVE-2021-47293, CVE-2021-47294, CVE-2021-47297, CVE-2021-47309, CVE-2021-47328, CVE-2021-47354, CVE-2021-47372, CVE-2021-47379, CVE-2021-47407, CVE-2021-47418, CVE-2021-47434, CVE-2021-47438, CVE-2021-47445, CVE-2021-47498, CVE-2021-47518, CVE-2021-47520, CVE-2021-47544, CVE-2021-47547, CVE-2021-47566, CVE-2021-47571, CVE-2021-47576, CVE-2021-47587, CVE-2021-47589, CVE-2021-47600, CVE-2021-47602, CVE-2021-47603, CVE-2021-47609, CVE-2021-47617, CVE-2022-0435, CVE-2022-22942, CVE-2022-48711, CVE-2022-48715, CVE-2022-48722, CVE-2022-48732, CVE-2022-48733, CVE-2022-48740, CVE-2022-48743, CVE-2022-48754, CVE-2022-48756, CVE-2022-48758, CVE-2022-48759, CVE-2022-48760, CVE-2022-48761, CVE-2022-48771, CVE-2022-48772, CVE-2023-24023, CVE-2023-4244, CVE-2023-52507, CVE-2023-52622, CVE-2023-52675, CVE-2023-52683, CVE-2023-52693, CVE-2023-52737, CVE-2023-52752, CVE-2023-52753, CVE-2023-52754, CVE-2023-52757, CVE-2023-52762, CVE-2023-52764, CVE-2023-52784, CVE-2023-52808, CVE-2023-52809, CVE-2023-5281, CVE-2023-52817, CVE-2023-52818, CVE-2023-52819, CVE-2023-52832, CVE-2023-52834, CVE-2023-52835, CVE-2023-52843, CVE-2023-52845, CVE-2023-52855, CVE-2023-52881, CVE-2024-26633, CVE-2024-26635, CVE-2024-26636, CVE-2024-26641, CVE-2024-26679, CVE-2024-26687, CVE-2024-26720, CVE-2024-26813, CVE-2024-26845, CVE-2024-26863, CVE-2024-26880, CVE-2024-26894, CVE-2024-26923, CVE-2024-26928, CVE-2024-26973, CVE-2024-27399, CVE-2024-27410, CVE-2024-35247, CVE-2024-35805, CVE-2024-35807, CVE-2024-35819, CVE-2024-35822, CVE-2024-35828, CVE-2024-35835, CVE-2024-35862, CVE-2024-35863, CVE-2024-35864, CVE-2024-35865, CVE-2024-35867, CVE-2024-35868, CVE-2024-35870, CVE-2024-35886, CVE-2024-35896, CVE-2024-35922, CVE-2024-35925, CVE-2024-35930, CVE-2024-35947, CVE-2024-35950, CVE-2024-35956, CVE-2024-35958, CVE-2024-35960, CVE-2024-35962, CVE-2024-35976, CVE-2024-35979, CVE-2024-35997, CVE-2024-35998, CVE-2024-36014, CVE-2024-36016, CVE-2024-36017, CVE-2024-36025, CVE-2024-36479, CVE-2024-36880, CVE-2024-36894, CVE-2024-36915, CVE-2024-36917, CVE-2024-36919, CVE-2024-36923, CVE-2024-36934, CVE-2024-36938, CVE-2024-36940, CVE-2024-36941, CVE-2024-36949, CVE-2024-36950, CVE-2024-36952, CVE-2024-36960, CVE-2024-36964, CVE-2024-37021, CVE-2024-37354, CVE-2024-38544, CVE-2024-38545, CVE-2024-38546, CVE-2024-38549, CVE-2024-38552, CVE-2024-38553, CVE-2024-38565, CVE-2024-38567, CVE-2024-38578, CVE-2024-38579, CVE-2024-38580, CVE-2024-38597, CVE-2024-38598, CVE-2024-38601, CVE-2024-38608, CVE-2024-38618, CVE-2024-38619, CVE-2024-38621, CVE-2024-38627, CVE-2024-38659, CVE-2024-38661, CVE-2024-38780, CVE-2024-39301, CVE-2024-39475
Maintenance Incident: [SUSE:Maintenance:34719](https://smelt.suse.de/incident/34719/)
Sources used:
SUSE Linux Enterprise Live Patching 12-SP5 (src):
 kgraft-patch-SLE12-SP5_Update_58-1-8.3.1
SUSE Linux Enterprise Software Development Kit 12 SP5 (src):
 kernel-obs-build-4.12.14-122.222.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src):
 kernel-syms-4.12.14-122.222.1, kernel-source-4.12.14-122.222.1
SUSE Linux Enterprise Server 12 SP5 (src):
 kernel-syms-4.12.14-122.222.1, kernel-source-4.12.14-122.222.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src):
 kernel-syms-4.12.14-122.222.1, kernel-source-4.12.14-122.222.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.