SUSE-SU-2024:1645-1

CVE-2024-26840: Fixed a memory leak in cachefilesaddcache() (bsc#1222976).
CVE-2021-47113: Abort btrfs rename_exchange if we fail to insert the second ref (bsc#1221543).
CVE-2021-47131: Fixed a use-after-free after the TLS device goes down and up (bsc#1221545).
CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6routempath_notify() (bsc#1223057).
CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220513).
CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).
CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctpautoasconf_init in net/sctp/socket.c (bsc#1218917).
CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824).
CVE-2022-48631: Fixed a bug in ext4, when parsing extents where ehentries == 0 and ehdepth > 0 (bsc#1223475).
CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169).
CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513).
CVE-2024-26906: Disallowed vsyscall page read for copyfromkernel_nofault() (bsc#1223202).
CVE-2024-26816: Fixed relocations in .notes section when building with CONFIGXENPV=y by ignoring them (bsc#1222624).
CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790).
CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299).
CVE-2024-26689: Fixed a use-after-free in encodecapmsg() (bsc#1222503).
CVE-2021-47041: Don't set skuserdata without write_lock (bsc#1220755).
CVE-2021-47074: Fixed memory leak in nvmeloopcreate_ctrl() (bsc#1220854).
CVE-2024-26744: Fixed null pointer dereference in srptserviceguid parameter in rdma/srpt (bsc#1222449).

The following non-security bugs were fixed:

dm rq: do not queue request to blk-mq during DM suspend (bsc#1221113).
dm: rearrange core declarations for extended use from dm-zone.c (bsc#1221113).
net/tls: Remove the context from the list in tlsdevicedown (bsc#1221545).
tls: Fix context leak on tlsdevicedown (bsc#1221545).

References

Affected packages

SUSE:Linux Enterprise Micro 5.1 / kernel-rt

Package

Name: kernel-rt
Purl: pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.3.18-150300.169.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.169.1",
            "kernel-rt": "5.3.18-150300.169.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.1 / kernel-source-rt

Package

Name: kernel-source-rt
Purl: pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.3.18-150300.169.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.169.1",
            "kernel-rt": "5.3.18-150300.169.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.2 / kernel-rt

Package

Name: kernel-rt
Purl: pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.3.18-150300.169.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.169.1",
            "kernel-rt": "5.3.18-150300.169.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.2 / kernel-source-rt

Package

Name: kernel-source-rt
Purl: pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.3.18-150300.169.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.169.1",
            "kernel-rt": "5.3.18-150300.169.1"
        }
    ]
}