Kernel, Thunderbird, Keepalived updates for SUSE

SUSE 5114 Published by

SUSE Linux has issued multiple security updates, encompassing the Linux kernel RT, Mozilla Thunderbird, and Keepalived:

SUSE-SU-2024:3625-1: important: Security update for the Linux Kernel RT (Live Patch 15 for SLE 15 SP5)
SUSE-SU-2024:3623-1: important: Security update for the Linux Kernel RT (Live Patch 11 for SLE 15 SP5)
SUSE-SU-2024:3629-1: important: Security update for MozillaThunderbird
SUSE-SU-2024:3624-1: important: Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP5)
SUSE-SU-2024:3627-1: important: Security update for the Linux Kernel RT (Live Patch 17 for SLE 15 SP5)
SUSE-SU-2024:3633-1: moderate: Security update for keepalived
SUSE-SU-2024:3634-1: moderate: Security update for keepalived
SUSE-SU-2024:3635-1: important: Security update for the Linux Kernel RT (Live Patch 9 for SLE 15 SP5)
SUSE-SU-2024:3631-1: important: Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5)
SUSE-SU-2024:3636-1: important: Security update for the Linux Kernel RT (Live Patch 16 for SLE 15 SP5)
SUSE-SU-2024:3632-1: important: Security update for the Linux Kernel RT (Live Patch 14 for SLE 15 SP5)
SUSE-SU-2024:3639-1: important: Security update for the Linux Kernel RT (Live Patch 13 for SLE 15 SP5)
SUSE-SU-2024:3638-1: important: Security update for the Linux Kernel RT (Live Patch 6 for SLE 15 SP5)
openSUSE-SU-2024:14400-1: moderate: etcd-for-k8s1.30-3.5.15-1.1 on GA media
openSUSE-SU-2024:14401-1: moderate: libsonivox3-3.6.14-1.1 on GA media
openSUSE-SU-2024:14399-1: moderate: etcd-for-k8s1.28-3.5.15-1.1 on GA media




SUSE-SU-2024:3625-1: important: Security update for the Linux Kernel RT (Live Patch 15 for SLE 15 SP5)


# Security update for the Linux Kernel RT (Live Patch 15 for SLE 15 SP5)

Announcement ID: SUSE-SU-2024:3625-1
Release Date: 2024-10-15T01:03:49Z
Rating: important
References:

* bsc#1223363
* bsc#1223683
* bsc#1225013
* bsc#1225099
* bsc#1225312
* bsc#1225739
* bsc#1226325
* bsc#1228573
* bsc#1228786

Cross-References:

* CVE-2023-52846
* CVE-2024-26828
* CVE-2024-26923
* CVE-2024-27398
* CVE-2024-35861
* CVE-2024-36899
* CVE-2024-36964
* CVE-2024-40954
* CVE-2024-41059

CVSS scores:

* CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves nine vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_13_55 fixes several issues.

The following security issues were fixed:

* CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect()
(bsc#1225312).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify
(bsc#1225739).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket
creation fails (bsc#1227808)
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000
(bsc#1226325).
* CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame()
(bsc#1225099).
* CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout
(bsc#1225013).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in
__unix_gc() (bsc#1223683).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-3625=1

* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3625=1

## Package List:

* openSUSE Leap 15.5 (x86_64)
* kernel-livepatch-SLE15-SP5-RT_Update_15-debugsource-5-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_55-rt-debuginfo-5-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_55-rt-5-150500.11.6.1
* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
* kernel-livepatch-SLE15-SP5-RT_Update_15-debugsource-5-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_55-rt-debuginfo-5-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_55-rt-5-150500.11.6.1

## References:

* https://www.suse.com/security/cve/CVE-2023-52846.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-27398.html
* https://www.suse.com/security/cve/CVE-2024-35861.html
* https://www.suse.com/security/cve/CVE-2024-36899.html
* https://www.suse.com/security/cve/CVE-2024-36964.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225013
* https://bugzilla.suse.com/show_bug.cgi?id=1225099
* https://bugzilla.suse.com/show_bug.cgi?id=1225312
* https://bugzilla.suse.com/show_bug.cgi?id=1225739
* https://bugzilla.suse.com/show_bug.cgi?id=1226325
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1228786



SUSE-SU-2024:3623-1: important: Security update for the Linux Kernel RT (Live Patch 11 for SLE 15 SP5)


# Security update for the Linux Kernel RT (Live Patch 11 for SLE 15 SP5)

Announcement ID: SUSE-SU-2024:3623-1
Release Date: 2024-10-14T21:35:12Z
Rating: important
References:

* bsc#1220145
* bsc#1220832
* bsc#1221302
* bsc#1222685
* bsc#1223059
* bsc#1223363
* bsc#1223514
* bsc#1223521
* bsc#1223681
* bsc#1223683
* bsc#1225013
* bsc#1225099
* bsc#1225310
* bsc#1225312
* bsc#1225313
* bsc#1225739
* bsc#1226325
* bsc#1228573
* bsc#1228786

Cross-References:

* CVE-2022-48651
* CVE-2022-48662
* CVE-2023-52502
* CVE-2023-52846
* CVE-2023-6546
* CVE-2024-23307
* CVE-2024-26610
* CVE-2024-26828
* CVE-2024-26852
* CVE-2024-26923
* CVE-2024-26930
* CVE-2024-27398
* CVE-2024-35817
* CVE-2024-35861
* CVE-2024-35950
* CVE-2024-36899
* CVE-2024-36964
* CVE-2024-40954
* CVE-2024-41059

CVSS scores:

* CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves 19 vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_13_38 fixes several issues.

The following security issues were fixed:

* CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect()
(bsc#1225312).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify
(bsc#1225739).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket
creation fails (bsc#1227808)
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000
(bsc#1226325).
* CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame()
(bsc#1225099).
* CVE-2022-48662: Fixed a general protection fault (GPF) in
i915_perf_open_ioctl (bsc#1223521).
* CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313).
* CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout
(bsc#1225013).
* CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex
(bsc#1225310).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in
__unix_gc() (bsc#1223683).
* CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86
and ARM md, raid, raid5 modules (bsc#1220145).
* CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify()
(bsc#1223059).
* CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).
* CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset
skb->mac_header (bsc#1223514).
* CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and
nfc_llcp_sock_get_sn() (bsc#1220832).
* CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via
the GSMIOC_SETCONF ioctl that could lead to local privilege escalation
(bsc#1222685).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-3623=1

* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3623=1

## Package List:

* openSUSE Leap 15.5 (x86_64)
* kernel-livepatch-SLE15-SP5-RT_Update_11-debugsource-7-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_38-rt-debuginfo-7-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_38-rt-7-150500.11.6.1
* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
* kernel-livepatch-SLE15-SP5-RT_Update_11-debugsource-7-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_38-rt-debuginfo-7-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_38-rt-7-150500.11.6.1

## References:

* https://www.suse.com/security/cve/CVE-2022-48651.html
* https://www.suse.com/security/cve/CVE-2022-48662.html
* https://www.suse.com/security/cve/CVE-2023-52502.html
* https://www.suse.com/security/cve/CVE-2023-52846.html
* https://www.suse.com/security/cve/CVE-2023-6546.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-26610.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26852.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-26930.html
* https://www.suse.com/security/cve/CVE-2024-27398.html
* https://www.suse.com/security/cve/CVE-2024-35817.html
* https://www.suse.com/security/cve/CVE-2024-35861.html
* https://www.suse.com/security/cve/CVE-2024-35950.html
* https://www.suse.com/security/cve/CVE-2024-36899.html
* https://www.suse.com/security/cve/CVE-2024-36964.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://bugzilla.suse.com/show_bug.cgi?id=1220145
* https://bugzilla.suse.com/show_bug.cgi?id=1220832
* https://bugzilla.suse.com/show_bug.cgi?id=1221302
* https://bugzilla.suse.com/show_bug.cgi?id=1222685
* https://bugzilla.suse.com/show_bug.cgi?id=1223059
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223514
* https://bugzilla.suse.com/show_bug.cgi?id=1223521
* https://bugzilla.suse.com/show_bug.cgi?id=1223681
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225013
* https://bugzilla.suse.com/show_bug.cgi?id=1225099
* https://bugzilla.suse.com/show_bug.cgi?id=1225310
* https://bugzilla.suse.com/show_bug.cgi?id=1225312
* https://bugzilla.suse.com/show_bug.cgi?id=1225313
* https://bugzilla.suse.com/show_bug.cgi?id=1225739
* https://bugzilla.suse.com/show_bug.cgi?id=1226325
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1228786



SUSE-SU-2024:3629-1: important: Security update for MozillaThunderbird


# Security update for MozillaThunderbird

Announcement ID: SUSE-SU-2024:3629-1
Release Date: 2024-10-15T06:57:43Z
Rating: important
References:

* bsc#1230979
* bsc#1231413

Cross-References:

* CVE-2024-8900
* CVE-2024-9392
* CVE-2024-9393
* CVE-2024-9394
* CVE-2024-9396
* CVE-2024-9397
* CVE-2024-9398
* CVE-2024-9399
* CVE-2024-9400
* CVE-2024-9401
* CVE-2024-9402
* CVE-2024-9680

CVSS scores:

* CVE-2024-8900 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-9392 ( SUSE ): 7.7
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-9392 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-9392 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-9393 ( SUSE ): 2.3
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-9393 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2024-9393 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-9394 ( SUSE ): 2.3
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-9394 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2024-9394 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-9396 ( SUSE ): 2.3
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2024-9396 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L
* CVE-2024-9396 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-9397 ( SUSE ): 2.3
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-9397 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2024-9397 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2024-9398 ( SUSE ): 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2024-9398 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
* CVE-2024-9398 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2024-9399 ( SUSE ): 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2024-9399 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2024-9400 ( SUSE ): 2.3
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2024-9400 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L
* CVE-2024-9400 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-9401 ( SUSE ): 7.7
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-9401 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-9401 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-9402 ( SUSE ): 7.7
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-9402 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-9402 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-9680 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-9680 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-9680 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Workstation Extension 15 SP5
* SUSE Linux Enterprise Workstation Extension 15 SP6
* SUSE Package Hub 15 15-SP5
* SUSE Package Hub 15 15-SP6

An update that solves 12 vulnerabilities can now be installed.

## Description:

This update for MozillaThunderbird fixes the following issues:

Update to Mozilla Thunderbird 128.3.1 (MFSA 2024-51, bsc#1231413):

* CVE-2024-9680: Use-after-free in Animation timeline

Update to Mozilla Thunderbird 128.3 (MFSA 2024-49, bsc#1230979):

* CVE-2024-9392: Compromised content process can bypass site isolation
* CVE-2024-9393: Cross-origin access to PDF contents through multipart
responses
* CVE-2024-9394: Cross-origin access to JSON contents through multipart
responses
* CVE-2024-8900: Clipboard write permission bypass
* CVE-2024-9396: Potential memory corruption may occur when cloning certain
objects
* CVE-2024-9397: Potential directory upload bypass via clickjacking
* CVE-2024-9398: External protocol handlers could be enumerated via popups
* CVE-2024-9399: Specially crafted WebTransport requests could lead to denial
of service
* CVE-2024-9400: Potential memory corruption during JIT compilation
* CVE-2024-9401: Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16,
Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3
* CVE-2024-9402: Memory safety bugs fixed in Firefox 131, Firefox ESR 128.3,
Thunderbird 131, and Thunderbird 128.3

Other fixes:

* fixed: Opening an EML file with a 'mailto:' link did not work
* fixed: Collapsed POP3 account folder was expanded after emptying trash on
exit
* fixed: "Mark Folder Read" on a cross-folder search marked all underlying
folders read
* fixed: Unable to open/view attached OpenPGP encrypted messages
* fixed: Unable to "Decrypt and Open" an attached OpenPGP key file
* fixed: Subject could disappear when replying to a message saved in an EML
file
* fixed: OAuth2 authentication method was not available when adding SMTP
server
* fixed: Unable to subscribe to .ics calendars in some situations
* fixed: Visual and UX improvements

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-3629=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-3629=1

* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3629=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3629=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3629=1

* SUSE Linux Enterprise Workstation Extension 15 SP5
zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-3629=1

* SUSE Linux Enterprise Workstation Extension 15 SP6
zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-3629=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* MozillaThunderbird-128.3.0-150200.8.182.1
* MozillaThunderbird-translations-common-128.3.0-150200.8.182.1
* MozillaThunderbird-debugsource-128.3.0-150200.8.182.1
* MozillaThunderbird-translations-other-128.3.0-150200.8.182.1
* MozillaThunderbird-debuginfo-128.3.0-150200.8.182.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* MozillaThunderbird-128.3.0-150200.8.182.1
* MozillaThunderbird-translations-common-128.3.0-150200.8.182.1
* MozillaThunderbird-debugsource-128.3.0-150200.8.182.1
* MozillaThunderbird-translations-other-128.3.0-150200.8.182.1
* MozillaThunderbird-debuginfo-128.3.0-150200.8.182.1
* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x)
* MozillaThunderbird-128.3.0-150200.8.182.1
* MozillaThunderbird-translations-common-128.3.0-150200.8.182.1
* MozillaThunderbird-debugsource-128.3.0-150200.8.182.1
* MozillaThunderbird-translations-other-128.3.0-150200.8.182.1
* MozillaThunderbird-debuginfo-128.3.0-150200.8.182.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x)
* MozillaThunderbird-128.3.0-150200.8.182.1
* MozillaThunderbird-translations-common-128.3.0-150200.8.182.1
* MozillaThunderbird-debugsource-128.3.0-150200.8.182.1
* MozillaThunderbird-translations-other-128.3.0-150200.8.182.1
* MozillaThunderbird-debuginfo-128.3.0-150200.8.182.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* MozillaThunderbird-128.3.0-150200.8.182.1
* MozillaThunderbird-translations-common-128.3.0-150200.8.182.1
* MozillaThunderbird-debugsource-128.3.0-150200.8.182.1
* MozillaThunderbird-translations-other-128.3.0-150200.8.182.1
* MozillaThunderbird-debuginfo-128.3.0-150200.8.182.1
* SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64)
* MozillaThunderbird-128.3.0-150200.8.182.1
* MozillaThunderbird-translations-common-128.3.0-150200.8.182.1
* MozillaThunderbird-debugsource-128.3.0-150200.8.182.1
* MozillaThunderbird-translations-other-128.3.0-150200.8.182.1
* MozillaThunderbird-debuginfo-128.3.0-150200.8.182.1
* SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
* MozillaThunderbird-128.3.0-150200.8.182.1
* MozillaThunderbird-translations-common-128.3.0-150200.8.182.1
* MozillaThunderbird-debugsource-128.3.0-150200.8.182.1
* MozillaThunderbird-translations-other-128.3.0-150200.8.182.1
* MozillaThunderbird-debuginfo-128.3.0-150200.8.182.1

## References:

* https://www.suse.com/security/cve/CVE-2024-8900.html
* https://www.suse.com/security/cve/CVE-2024-9392.html
* https://www.suse.com/security/cve/CVE-2024-9393.html
* https://www.suse.com/security/cve/CVE-2024-9394.html
* https://www.suse.com/security/cve/CVE-2024-9396.html
* https://www.suse.com/security/cve/CVE-2024-9397.html
* https://www.suse.com/security/cve/CVE-2024-9398.html
* https://www.suse.com/security/cve/CVE-2024-9399.html
* https://www.suse.com/security/cve/CVE-2024-9400.html
* https://www.suse.com/security/cve/CVE-2024-9401.html
* https://www.suse.com/security/cve/CVE-2024-9402.html
* https://www.suse.com/security/cve/CVE-2024-9680.html
* https://bugzilla.suse.com/show_bug.cgi?id=1230979
* https://bugzilla.suse.com/show_bug.cgi?id=1231413



SUSE-SU-2024:3624-1: important: Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP5)


# Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP5)

Announcement ID: SUSE-SU-2024:3624-1
Release Date: 2024-10-15T01:03:40Z
Rating: important
References:

* bsc#1225312
* bsc#1225739
* bsc#1226325
* bsc#1228573
* bsc#1228786

Cross-References:

* CVE-2024-35861
* CVE-2024-36899
* CVE-2024-36964
* CVE-2024-40954
* CVE-2024-41059

CVSS scores:

* CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_13_24 fixes several issues.

The following security issues were fixed:

* CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect()
(bsc#1225312).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify
(bsc#1225739).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket
creation fails (bsc#1227808)
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000
(bsc#1226325).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3622=1 SUSE-SLE-
Module-Live-Patching-15-SP5-2024-3624=1

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-3624=1 SUSE-2024-3622=1

## Package List:

* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
* kernel-livepatch-5_14_21-150500_13_18-rt-debuginfo-14-150500.2.1
* kernel-livepatch-5_14_21-150500_13_18-rt-14-150500.2.1
* kernel-livepatch-SLE15-SP5-RT_Update_7-debugsource-13-150500.2.1
* kernel-livepatch-SLE15-SP5-RT_Update_5-debugsource-14-150500.2.1
* kernel-livepatch-5_14_21-150500_13_24-rt-debuginfo-13-150500.2.1
* kernel-livepatch-5_14_21-150500_13_24-rt-13-150500.2.1
* openSUSE Leap 15.5 (x86_64)
* kernel-livepatch-5_14_21-150500_13_18-rt-debuginfo-14-150500.2.1
* kernel-livepatch-5_14_21-150500_13_18-rt-14-150500.2.1
* kernel-livepatch-SLE15-SP5-RT_Update_7-debugsource-13-150500.2.1
* kernel-livepatch-SLE15-SP5-RT_Update_5-debugsource-14-150500.2.1
* kernel-livepatch-5_14_21-150500_13_24-rt-debuginfo-13-150500.2.1
* kernel-livepatch-5_14_21-150500_13_24-rt-13-150500.2.1

## References:

* https://www.suse.com/security/cve/CVE-2024-35861.html
* https://www.suse.com/security/cve/CVE-2024-36899.html
* https://www.suse.com/security/cve/CVE-2024-36964.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225312
* https://bugzilla.suse.com/show_bug.cgi?id=1225739
* https://bugzilla.suse.com/show_bug.cgi?id=1226325
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1228786



SUSE-SU-2024:3627-1: important: Security update for the Linux Kernel RT (Live Patch 17 for SLE 15 SP5)


# Security update for the Linux Kernel RT (Live Patch 17 for SLE 15 SP5)

Announcement ID: SUSE-SU-2024:3627-1
Release Date: 2024-10-15T03:33:31Z
Rating: important
References:

* bsc#1228349
* bsc#1228573
* bsc#1228786

Cross-References:

* CVE-2024-40909
* CVE-2024-40954
* CVE-2024-41059

CVSS scores:

* CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_13_61 fixes several issues.

The following security issues were fixed:

* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket
creation fails (bsc#1227808)
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free()
(bsc#1228349).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-3627=1

* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3627=1

## Package List:

* openSUSE Leap 15.5 (x86_64)
* kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource-2-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo-2-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_61-rt-2-150500.11.6.1
* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
* kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource-2-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo-2-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_61-rt-2-150500.11.6.1

## References:

* https://www.suse.com/security/cve/CVE-2024-40909.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://bugzilla.suse.com/show_bug.cgi?id=1228349
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1228786



SUSE-SU-2024:3633-1: moderate: Security update for keepalived


# Security update for keepalived

Announcement ID: SUSE-SU-2024:3633-1
Release Date: 2024-10-15T09:20:42Z
Rating: moderate
References:

* bsc#1228123

Cross-References:

* CVE-2024-41184

CVSS scores:

* CVE-2024-41184 ( SUSE ): 6.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise High Availability Extension 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for keepalived fixes the following issues:

* CVE-2024-41184: Fixed integer overflow in vrrp_ipsets_handler (bsc#1228123)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2024-3633=1 openSUSE-SLE-15.6-2024-3633=1

* SUSE Linux Enterprise High Availability Extension 15 SP6
zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2024-3633=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* keepalived-debugsource-2.2.8-150600.3.5.1
* keepalived-2.2.8-150600.3.5.1
* keepalived-debuginfo-2.2.8-150600.3.5.1
* SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le
s390x x86_64)
* keepalived-debugsource-2.2.8-150600.3.5.1
* keepalived-2.2.8-150600.3.5.1
* keepalived-debuginfo-2.2.8-150600.3.5.1

## References:

* https://www.suse.com/security/cve/CVE-2024-41184.html
* https://bugzilla.suse.com/show_bug.cgi?id=1228123



SUSE-SU-2024:3634-1: moderate: Security update for keepalived


# Security update for keepalived

Announcement ID: SUSE-SU-2024:3634-1
Release Date: 2024-10-15T09:21:36Z
Rating: moderate
References:

* bsc#1228123

Cross-References:

* CVE-2024-41184

CVSS scores:

* CVE-2024-41184 ( SUSE ): 6.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H

Affected Products:

* openSUSE Leap 15.5
* openSUSE Leap Micro 5.5
* SUSE Linux Enterprise High Availability Extension 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for keepalived fixes the following issues:

* CVE-2024-41184: Fixed integer overflow in vrrp_ipsets_handler (bsc#1228123)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Availability Extension 15 SP5
zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2024-3634=1

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-3634=1 openSUSE-SLE-15.5-2024-3634=1

* openSUSE Leap Micro 5.5
zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3634=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-3634=1

## Package List:

* SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le
s390x x86_64)
* keepalived-2.2.2-150500.8.5.1
* keepalived-debuginfo-2.2.2-150500.8.5.1
* keepalived-debugsource-2.2.2-150500.8.5.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* keepalived-2.2.2-150500.8.5.1
* keepalived-debuginfo-2.2.2-150500.8.5.1
* keepalived-debugsource-2.2.2-150500.8.5.1
* openSUSE Leap Micro 5.5 (aarch64 s390x x86_64)
* keepalived-2.2.2-150500.8.5.1
* keepalived-debuginfo-2.2.2-150500.8.5.1
* keepalived-debugsource-2.2.2-150500.8.5.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* keepalived-2.2.2-150500.8.5.1
* keepalived-debuginfo-2.2.2-150500.8.5.1
* keepalived-debugsource-2.2.2-150500.8.5.1

## References:

* https://www.suse.com/security/cve/CVE-2024-41184.html
* https://bugzilla.suse.com/show_bug.cgi?id=1228123



SUSE-SU-2024:3635-1: important: Security update for the Linux Kernel RT (Live Patch 9 for SLE 15 SP5)


# Security update for the Linux Kernel RT (Live Patch 9 for SLE 15 SP5)

Announcement ID: SUSE-SU-2024:3635-1
Release Date: 2024-10-15T09:33:26Z
Rating: important
References:

* bsc#1225312
* bsc#1225739
* bsc#1226325
* bsc#1228573
* bsc#1228786

Cross-References:

* CVE-2024-35861
* CVE-2024-36899
* CVE-2024-36964
* CVE-2024-40954
* CVE-2024-41059

CVSS scores:

* CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_13_30 fixes several issues.

The following security issues were fixed:

* CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect()
(bsc#1225312).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify
(bsc#1225739).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket
creation fails (bsc#1227808)
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000
(bsc#1226325).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-3635=1 SUSE-2024-3630=1

* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3635=1 SUSE-SLE-
Module-Live-Patching-15-SP5-2024-3630=1

## Package List:

* openSUSE Leap 15.5 (x86_64)
* kernel-livepatch-5_14_21-150500_13_27-rt-12-150500.2.1
* kernel-livepatch-5_14_21-150500_13_30-rt-11-150500.2.1
* kernel-livepatch-SLE15-SP5-RT_Update_8-debugsource-12-150500.2.1
* kernel-livepatch-5_14_21-150500_13_27-rt-debuginfo-12-150500.2.1
* kernel-livepatch-SLE15-SP5-RT_Update_9-debugsource-11-150500.2.1
* kernel-livepatch-5_14_21-150500_13_30-rt-debuginfo-11-150500.2.1
* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
* kernel-livepatch-5_14_21-150500_13_27-rt-12-150500.2.1
* kernel-livepatch-5_14_21-150500_13_30-rt-11-150500.2.1
* kernel-livepatch-SLE15-SP5-RT_Update_8-debugsource-12-150500.2.1
* kernel-livepatch-5_14_21-150500_13_27-rt-debuginfo-12-150500.2.1
* kernel-livepatch-SLE15-SP5-RT_Update_9-debugsource-11-150500.2.1
* kernel-livepatch-5_14_21-150500_13_30-rt-debuginfo-11-150500.2.1

## References:

* https://www.suse.com/security/cve/CVE-2024-35861.html
* https://www.suse.com/security/cve/CVE-2024-36899.html
* https://www.suse.com/security/cve/CVE-2024-36964.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225312
* https://bugzilla.suse.com/show_bug.cgi?id=1225739
* https://bugzilla.suse.com/show_bug.cgi?id=1226325
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1228786



SUSE-SU-2024:3631-1: important: Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5)


# Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5)

Announcement ID: SUSE-SU-2024:3631-1
Release Date: 2024-10-15T09:03:51Z
Rating: important
References:

* bsc#1219296
* bsc#1220145
* bsc#1220211
* bsc#1220828
* bsc#1220832
* bsc#1221302
* bsc#1222685
* bsc#1222882
* bsc#1223059
* bsc#1223363
* bsc#1223514
* bsc#1223521
* bsc#1223681
* bsc#1223683
* bsc#1225013
* bsc#1225099
* bsc#1225310
* bsc#1225312
* bsc#1225313
* bsc#1225739
* bsc#1226325
* bsc#1228573
* bsc#1228786

Cross-References:

* CVE-2022-48651
* CVE-2022-48662
* CVE-2023-52340
* CVE-2023-52502
* CVE-2023-52846
* CVE-2023-6546
* CVE-2024-23307
* CVE-2024-26585
* CVE-2024-26610
* CVE-2024-26622
* CVE-2024-26766
* CVE-2024-26828
* CVE-2024-26852
* CVE-2024-26923
* CVE-2024-26930
* CVE-2024-27398
* CVE-2024-35817
* CVE-2024-35861
* CVE-2024-35950
* CVE-2024-36899
* CVE-2024-36964
* CVE-2024-40954
* CVE-2024-41059

CVSS scores:

* CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52340 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves 23 vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_13_35 fixes several issues.

The following security issues were fixed:

* CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect()
(bsc#1225312).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify
(bsc#1225739).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket
creation fails (bsc#1227808)
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000
(bsc#1226325).
* CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame()
(bsc#1225099).
* CVE-2022-48662: Fixed a general protection fault (GPF) in
i915_perf_open_ioctl (bsc#1223521).
* CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313).
* CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout
(bsc#1225013).
* CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex
(bsc#1225310).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in
__unix_gc() (bsc#1223683).
* CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86
and ARM md, raid, raid5 modules (bsc#1220145).
* CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify()
(bsc#1223059).
* CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).
* CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset
skb->mac_header (bsc#1223514).
* CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs()
(bsc#1222882).
* CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and
nfc_llcp_sock_get_sn() (bsc#1220832).
* CVE-2024-26585: Fixed race between tx work scheduling and socket close
(bsc#1220211).
* CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via
the GSMIOC_SETCONF ioctl that could lead to local privilege escalation
(bsc#1222685).
* CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828).
* CVE-2023-52340: Fixed a denial of service related to ICMPv6 'Packet Too Big'
packets (bsc#1219296).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3631=1

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-3631=1

## Package List:

* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
* kernel-livepatch-5_14_21-150500_13_35-rt-debuginfo-9-150500.11.8.1
* kernel-livepatch-SLE15-SP5-RT_Update_10-debugsource-9-150500.11.8.1
* kernel-livepatch-5_14_21-150500_13_35-rt-9-150500.11.8.1
* openSUSE Leap 15.5 (x86_64)
* kernel-livepatch-5_14_21-150500_13_35-rt-debuginfo-9-150500.11.8.1
* kernel-livepatch-SLE15-SP5-RT_Update_10-debugsource-9-150500.11.8.1
* kernel-livepatch-5_14_21-150500_13_35-rt-9-150500.11.8.1

## References:

* https://www.suse.com/security/cve/CVE-2022-48651.html
* https://www.suse.com/security/cve/CVE-2022-48662.html
* https://www.suse.com/security/cve/CVE-2023-52340.html
* https://www.suse.com/security/cve/CVE-2023-52502.html
* https://www.suse.com/security/cve/CVE-2023-52846.html
* https://www.suse.com/security/cve/CVE-2023-6546.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-26585.html
* https://www.suse.com/security/cve/CVE-2024-26610.html
* https://www.suse.com/security/cve/CVE-2024-26622.html
* https://www.suse.com/security/cve/CVE-2024-26766.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26852.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-26930.html
* https://www.suse.com/security/cve/CVE-2024-27398.html
* https://www.suse.com/security/cve/CVE-2024-35817.html
* https://www.suse.com/security/cve/CVE-2024-35861.html
* https://www.suse.com/security/cve/CVE-2024-35950.html
* https://www.suse.com/security/cve/CVE-2024-36899.html
* https://www.suse.com/security/cve/CVE-2024-36964.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219296
* https://bugzilla.suse.com/show_bug.cgi?id=1220145
* https://bugzilla.suse.com/show_bug.cgi?id=1220211
* https://bugzilla.suse.com/show_bug.cgi?id=1220828
* https://bugzilla.suse.com/show_bug.cgi?id=1220832
* https://bugzilla.suse.com/show_bug.cgi?id=1221302
* https://bugzilla.suse.com/show_bug.cgi?id=1222685
* https://bugzilla.suse.com/show_bug.cgi?id=1222882
* https://bugzilla.suse.com/show_bug.cgi?id=1223059
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223514
* https://bugzilla.suse.com/show_bug.cgi?id=1223521
* https://bugzilla.suse.com/show_bug.cgi?id=1223681
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225013
* https://bugzilla.suse.com/show_bug.cgi?id=1225099
* https://bugzilla.suse.com/show_bug.cgi?id=1225310
* https://bugzilla.suse.com/show_bug.cgi?id=1225312
* https://bugzilla.suse.com/show_bug.cgi?id=1225313
* https://bugzilla.suse.com/show_bug.cgi?id=1225739
* https://bugzilla.suse.com/show_bug.cgi?id=1226325
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1228786



SUSE-SU-2024:3636-1: important: Security update for the Linux Kernel RT (Live Patch 16 for SLE 15 SP5)


# Security update for the Linux Kernel RT (Live Patch 16 for SLE 15 SP5)

Announcement ID: SUSE-SU-2024:3636-1
Release Date: 2024-10-15T09:33:31Z
Rating: important
References:

* bsc#1223683
* bsc#1225099
* bsc#1225739
* bsc#1228349
* bsc#1228573
* bsc#1228786

Cross-References:

* CVE-2023-52846
* CVE-2024-26923
* CVE-2024-36899
* CVE-2024-40909
* CVE-2024-40954
* CVE-2024-41059

CVSS scores:

* CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_13_58 fixes several issues.

The following security issues were fixed:

* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify
(bsc#1225739).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket
creation fails (bsc#1227808)
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free()
(bsc#1228349).
* CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame()
(bsc#1225099).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in
__unix_gc() (bsc#1223683).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-3636=1

* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3636=1

## Package List:

* openSUSE Leap 15.5 (x86_64)
* kernel-livepatch-SLE15-SP5-RT_Update_16-debugsource-4-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_58-rt-debuginfo-4-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_58-rt-4-150500.11.6.1
* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
* kernel-livepatch-SLE15-SP5-RT_Update_16-debugsource-4-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_58-rt-debuginfo-4-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_58-rt-4-150500.11.6.1

## References:

* https://www.suse.com/security/cve/CVE-2023-52846.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-36899.html
* https://www.suse.com/security/cve/CVE-2024-40909.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225099
* https://bugzilla.suse.com/show_bug.cgi?id=1225739
* https://bugzilla.suse.com/show_bug.cgi?id=1228349
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1228786



SUSE-SU-2024:3632-1: important: Security update for the Linux Kernel RT (Live Patch 14 for SLE 15 SP5)


# Security update for the Linux Kernel RT (Live Patch 14 for SLE 15 SP5)

Announcement ID: SUSE-SU-2024:3632-1
Release Date: 2024-10-15T09:03:56Z
Rating: important
References:

* bsc#1223363
* bsc#1223683
* bsc#1225013
* bsc#1225099
* bsc#1225312
* bsc#1225739
* bsc#1226325
* bsc#1228573
* bsc#1228786

Cross-References:

* CVE-2023-52846
* CVE-2024-26828
* CVE-2024-26923
* CVE-2024-27398
* CVE-2024-35861
* CVE-2024-36899
* CVE-2024-36964
* CVE-2024-40954
* CVE-2024-41059

CVSS scores:

* CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves nine vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_13_52 fixes several issues.

The following security issues were fixed:

* CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect()
(bsc#1225312).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify
(bsc#1225739).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket
creation fails (bsc#1227808)
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000
(bsc#1226325).
* CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame()
(bsc#1225099).
* CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout
(bsc#1225013).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in
__unix_gc() (bsc#1223683).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-3632=1

* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3632=1

## Package List:

* openSUSE Leap 15.5 (x86_64)
* kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo-5-150500.11.8.1
* kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource-5-150500.11.8.1
* kernel-livepatch-5_14_21-150500_13_52-rt-5-150500.11.8.1
* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
* kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo-5-150500.11.8.1
* kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource-5-150500.11.8.1
* kernel-livepatch-5_14_21-150500_13_52-rt-5-150500.11.8.1

## References:

* https://www.suse.com/security/cve/CVE-2023-52846.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-27398.html
* https://www.suse.com/security/cve/CVE-2024-35861.html
* https://www.suse.com/security/cve/CVE-2024-36899.html
* https://www.suse.com/security/cve/CVE-2024-36964.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225013
* https://bugzilla.suse.com/show_bug.cgi?id=1225099
* https://bugzilla.suse.com/show_bug.cgi?id=1225312
* https://bugzilla.suse.com/show_bug.cgi?id=1225739
* https://bugzilla.suse.com/show_bug.cgi?id=1226325
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1228786



SUSE-SU-2024:3639-1: important: Security update for the Linux Kernel RT (Live Patch 13 for SLE 15 SP5)


# Security update for the Linux Kernel RT (Live Patch 13 for SLE 15 SP5)

Announcement ID: SUSE-SU-2024:3639-1
Release Date: 2024-10-15T12:03:52Z
Rating: important
References:

* bsc#1221302
* bsc#1223059
* bsc#1223363
* bsc#1223514
* bsc#1223521
* bsc#1223683
* bsc#1225013
* bsc#1225099
* bsc#1225310
* bsc#1225312
* bsc#1225739
* bsc#1226325
* bsc#1228573
* bsc#1228786

Cross-References:

* CVE-2022-48651
* CVE-2022-48662
* CVE-2023-52846
* CVE-2024-26610
* CVE-2024-26828
* CVE-2024-26852
* CVE-2024-26923
* CVE-2024-27398
* CVE-2024-35861
* CVE-2024-35950
* CVE-2024-36899
* CVE-2024-36964
* CVE-2024-40954
* CVE-2024-41059

CVSS scores:

* CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves 14 vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_13_47 fixes several issues.

The following security issues were fixed:

* CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect()
(bsc#1225312).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify
(bsc#1225739).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket
creation fails (bsc#1227808)
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000
(bsc#1226325).
* CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame()
(bsc#1225099).
* CVE-2022-48662: Fixed a general protection fault (GPF) in
i915_perf_open_ioctl (bsc#1223521).
* CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout
(bsc#1225013).
* CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex
(bsc#1225310).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in
__unix_gc() (bsc#1223683).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify()
(bsc#1223059).
* CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).
* CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset
skb->mac_header (bsc#1223514).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3639=1

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-3639=1

## Package List:

* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
* kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo-7-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_47-rt-7-150500.11.6.1
* kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource-7-150500.11.6.1
* openSUSE Leap 15.5 (x86_64)
* kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo-7-150500.11.6.1
* kernel-livepatch-5_14_21-150500_13_47-rt-7-150500.11.6.1
* kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource-7-150500.11.6.1

## References:

* https://www.suse.com/security/cve/CVE-2022-48651.html
* https://www.suse.com/security/cve/CVE-2022-48662.html
* https://www.suse.com/security/cve/CVE-2023-52846.html
* https://www.suse.com/security/cve/CVE-2024-26610.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26852.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-27398.html
* https://www.suse.com/security/cve/CVE-2024-35861.html
* https://www.suse.com/security/cve/CVE-2024-35950.html
* https://www.suse.com/security/cve/CVE-2024-36899.html
* https://www.suse.com/security/cve/CVE-2024-36964.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://bugzilla.suse.com/show_bug.cgi?id=1221302
* https://bugzilla.suse.com/show_bug.cgi?id=1223059
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223514
* https://bugzilla.suse.com/show_bug.cgi?id=1223521
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225013
* https://bugzilla.suse.com/show_bug.cgi?id=1225099
* https://bugzilla.suse.com/show_bug.cgi?id=1225310
* https://bugzilla.suse.com/show_bug.cgi?id=1225312
* https://bugzilla.suse.com/show_bug.cgi?id=1225739
* https://bugzilla.suse.com/show_bug.cgi?id=1226325
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1228786



SUSE-SU-2024:3638-1: important: Security update for the Linux Kernel RT (Live Patch 6 for SLE 15 SP5)


# Security update for the Linux Kernel RT (Live Patch 6 for SLE 15 SP5)

Announcement ID: SUSE-SU-2024:3638-1
Release Date: 2024-10-15T12:03:46Z
Rating: important
References:

* bsc#1225312
* bsc#1225739
* bsc#1226325
* bsc#1228573
* bsc#1228786

Cross-References:

* CVE-2024-35861
* CVE-2024-36899
* CVE-2024-36964
* CVE-2024-40954
* CVE-2024-41059

CVSS scores:

* CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_13_21 fixes several issues.

The following security issues were fixed:

* CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect()
(bsc#1225312).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify
(bsc#1225739).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket
creation fails (bsc#1227808)
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000
(bsc#1226325).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-3638=1

* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3638=1

## Package List:

* openSUSE Leap 15.5 (x86_64)
* kernel-livepatch-SLE15-SP5-RT_Update_6-debugsource-13-150500.2.1
* kernel-livepatch-5_14_21-150500_13_21-rt-debuginfo-13-150500.2.1
* kernel-livepatch-5_14_21-150500_13_21-rt-13-150500.2.1
* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
* kernel-livepatch-SLE15-SP5-RT_Update_6-debugsource-13-150500.2.1
* kernel-livepatch-5_14_21-150500_13_21-rt-debuginfo-13-150500.2.1
* kernel-livepatch-5_14_21-150500_13_21-rt-13-150500.2.1

## References:

* https://www.suse.com/security/cve/CVE-2024-35861.html
* https://www.suse.com/security/cve/CVE-2024-36899.html
* https://www.suse.com/security/cve/CVE-2024-36964.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225312
* https://bugzilla.suse.com/show_bug.cgi?id=1225739
* https://bugzilla.suse.com/show_bug.cgi?id=1226325
* https://bugzilla.suse.com/show_bug.cgi?id=1228573
* https://bugzilla.suse.com/show_bug.cgi?id=1228786



openSUSE-SU-2024:14400-1: moderate: etcd-for-k8s1.30-3.5.15-1.1 on GA media


# etcd-for-k8s1.30-3.5.15-1.1 on GA media

Announcement ID: openSUSE-SU-2024:14400-1
Rating: moderate

Cross-References:

* CVE-2023-45288

CVSS scores:

* CVE-2023-45288 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the etcd-for-k8s1.30-3.5.15-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* etcd-for-k8s1.30 3.5.15-1.1

## References:

* https://www.suse.com/security/cve/CVE-2023-45288.html



openSUSE-SU-2024:14401-1: moderate: libsonivox3-3.6.14-1.1 on GA media


# libsonivox3-3.6.14-1.1 on GA media

Announcement ID: openSUSE-SU-2024:14401-1
Rating: moderate

Cross-References:

* CVE-2024-23709

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the libsonivox3-3.6.14-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* libsonivox3 3.6.14-1.1
* sonivox-devel 3.6.14-1.1

## References:

* https://www.suse.com/security/cve/CVE-2024-23709.html



openSUSE-SU-2024:14399-1: moderate: etcd-for-k8s1.28-3.5.15-1.1 on GA media


# etcd-for-k8s1.28-3.5.15-1.1 on GA media

Announcement ID: openSUSE-SU-2024:14399-1
Rating: moderate

Cross-References:

* CVE-2023-45288

CVSS scores:

* CVE-2023-45288 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the etcd-for-k8s1.28-3.5.15-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* etcd-for-k8s1.28 3.5.15-1.1

## References:

* https://www.suse.com/security/cve/CVE-2023-45288.html


Thunderbird, OpenIPMI, Podman, Firefox, Container-Tools updates for AlmaLinux

ImageMagick, Linux Kernel, Nano updates for Ubuntu

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...