{"affected":[{"ecosystem_specific":{"binaries":[{"kernel-rt":"5.3.18-150300.175.1","kernel-source-rt":"5.3.18-150300.175.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.1","name":"kernel-rt","purl":"pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.3.18-150300.175.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-rt":"5.3.18-150300.175.1","kernel-source-rt":"5.3.18-150300.175.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.1","name":"kernel-source-rt","purl":"pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.3.18-150300.175.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-rt":"5.3.18-150300.175.1","kernel-source-rt":"5.3.18-150300.175.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.2","name":"kernel-rt","purl":"pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.3.18-150300.175.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-rt":"5.3.18-150300.175.1","kernel-source-rt":"5.3.18-150300.175.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.2","name":"kernel-source-rt","purl":"pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.3.18-150300.175.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\n    The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.\n\n\n    The following security bugs were fixed:\n\n    - CVE-2021-47247: net/mlx5e: Fix use-after-free of encap entry in neigh update handler (bsc#1224865).\n    - CVE-2021-47311: net: qcom/emac: fix UAF in emac_remove (bsc#1225010).\n    - CVE-2021-47368: enetc: Fix illegal access when reading affinity_hint (bsc#1225161).\n    - CVE-2021-47372: net: macb: fix use after free on rmmod (bsc#1225184).\n    - CVE-2021-47379: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (bsc#1225203).\n    - CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).\n    - CVE-2022-2938: psi: Fix uaf issue when psi trigger is destroyed while being polled (bsc#1202623).\n    - CVE-2022-48760: USB: core: Fix hang in usb_kill_urb by adding memory barriers (bsc#1226712).\n    - CVE-2023-52707: sched/psi: Fix use-after-free in ep_remove_wait_queue() (bsc#1225109). polled (bsc#1202623).\n    - CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).\n    - CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).\n    - CVE-2024-26822: Set correct id, uid and cruid for multiuser automounts (bsc#1223011).\n    - CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749).\n    - CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).\n    - CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).\n    - CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).\n    - CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).\n    - CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).\n    - CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).\n    - CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).\n    - CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).\n    - CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).\n    - CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785).\n    - CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).\n\n    The following non-security bugs were fixed:\n\n    - NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633 bsc#1226226).\n    - ocfs2: adjust enabling place for la window (bsc#1219224).\n    - ocfs2: fix sparse warnings (bsc#1219224).\n    - ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).\n    - ocfs2: speed up chain-list searching (bsc#1219224).\n    - psi: Fix uaf issue when psi trigger is destroyed while being\n    - x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).\n  ","id":"SUSE-SU-2024:2384-1","modified":"2024-07-10T12:03:43Z","published":"2024-07-10T12:03:43Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2024/suse-su-20242384-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1156395"},{"type":"REPORT","url":"https://bugzilla.suse.com/1171988"},{"type":"REPORT","url":"https://bugzilla.suse.com/1176447"},{"type":"REPORT","url":"https://bugzilla.suse.com/1176774"},{"type":"REPORT","url":"https://bugzilla.suse.com/1181147"},{"type":"REPORT","url":"https://bugzilla.suse.com/1191958"},{"type":"REPORT","url":"https://bugzilla.suse.com/1195065"},{"type":"REPORT","url":"https://bugzilla.suse.com/1195254"},{"type":"REPORT","url":"https://bugzilla.suse.com/1195798"},{"type":"REPORT","url":"https://bugzilla.suse.com/1202623"},{"type":"REPORT","url":"https://bugzilla.suse.com/1218148"},{"type":"REPORT","url":"https://bugzilla.suse.com/1219224"},{"type":"REPORT","url":"https://bugzilla.suse.com/1219633"},{"type":"REPORT","url":"https://bugzilla.suse.com/1222015"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223011"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224671"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224703"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224749"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224764"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224765"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224766"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224865"},{"type":"REPORT","url":"https://bugzilla.suse.com/1225010"},{"type":"REPORT","url":"https://bugzilla.suse.com/1225047"},{"type":"REPORT","url":"https://bugzilla.suse.com/1225109"},{"type":"REPORT","url":"https://bugzilla.suse.com/1225161"},{"type":"REPORT","url":"https://bugzilla.suse.com/1225184"},{"type":"REPORT","url":"https://bugzilla.suse.com/1225203"},{"type":"REPORT","url":"https://bugzilla.suse.com/1225487"},{"type":"REPORT","url":"https://bugzilla.suse.com/1225518"},{"type":"REPORT","url":"https://bugzilla.suse.com/1225611"},{"type":"REPORT","url":"https://bugzilla.suse.com/1225732"},{"type":"REPORT","url":"https://bugzilla.suse.com/1225749"},{"type":"REPORT","url":"https://bugzilla.suse.com/1225840"},{"type":"REPORT","url":"https://bugzilla.suse.com/1225866"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226226"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226537"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226552"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226554"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226557"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226558"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226562"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226563"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226575"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226583"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226585"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226587"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226595"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226614"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226619"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226621"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226624"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226643"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226644"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226645"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226647"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226650"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226669"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226670"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226672"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226674"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226679"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226686"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226691"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226692"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226698"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226703"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226708"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226709"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226711"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226712"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226713"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226715"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226716"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226720"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226721"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226732"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226762"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226785"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226786"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226962"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-43389"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-4439"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47247"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47311"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47328"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47368"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47372"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47379"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47571"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47576"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47583"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47589"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47595"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47596"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47600"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47602"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47609"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47611"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47612"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47617"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47618"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47619"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-47620"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-2938"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48711"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48715"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48717"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48722"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48724"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48726"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48728"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48730"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48732"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48736"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48737"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48738"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48746"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48747"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48748"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48749"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48752"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48754"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48756"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48758"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48759"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48760"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48767"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48768"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48771"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-24023"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-52707"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-52752"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-52881"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-26822"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-35789"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-35861"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-35862"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-35864"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-35878"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-35950"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-36894"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-36904"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-36940"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-36964"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-38541"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-38545"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-38559"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-38560"}],"related":["CVE-2021-43389","CVE-2021-4439","CVE-2021-47247","CVE-2021-47311","CVE-2021-47328","CVE-2021-47368","CVE-2021-47372","CVE-2021-47379","CVE-2021-47571","CVE-2021-47576","CVE-2021-47583","CVE-2021-47589","CVE-2021-47595","CVE-2021-47596","CVE-2021-47600","CVE-2021-47602","CVE-2021-47609","CVE-2021-47611","CVE-2021-47612","CVE-2021-47617","CVE-2021-47618","CVE-2021-47619","CVE-2021-47620","CVE-2022-2938","CVE-2022-48711","CVE-2022-48715","CVE-2022-48717","CVE-2022-48722","CVE-2022-48724","CVE-2022-48726","CVE-2022-48728","CVE-2022-48730","CVE-2022-48732","CVE-2022-48736","CVE-2022-48737","CVE-2022-48738","CVE-2022-48746","CVE-2022-48747","CVE-2022-48748","CVE-2022-48749","CVE-2022-48752","CVE-2022-48754","CVE-2022-48756","CVE-2022-48758","CVE-2022-48759","CVE-2022-48760","CVE-2022-48767","CVE-2022-48768","CVE-2022-48771","CVE-2023-24023","CVE-2023-52707","CVE-2023-52752","CVE-2023-52881","CVE-2024-26822","CVE-2024-35789","CVE-2024-35861","CVE-2024-35862","CVE-2024-35864","CVE-2024-35878","CVE-2024-35950","CVE-2024-36894","CVE-2024-36904","CVE-2024-36940","CVE-2024-36964","CVE-2024-38541","CVE-2024-38545","CVE-2024-38559","CVE-2024-38560"],"summary":"Security update for the Linux Kernel","upstream":["CVE-2021-43389","CVE-2021-4439","CVE-2021-47247","CVE-2021-47311","CVE-2021-47328","CVE-2021-47368","CVE-2021-47372","CVE-2021-47379","CVE-2021-47571","CVE-2021-47576","CVE-2021-47583","CVE-2021-47589","CVE-2021-47595","CVE-2021-47596","CVE-2021-47600","CVE-2021-47602","CVE-2021-47609","CVE-2021-47611","CVE-2021-47612","CVE-2021-47617","CVE-2021-47618","CVE-2021-47619","CVE-2021-47620","CVE-2022-2938","CVE-2022-48711","CVE-2022-48715","CVE-2022-48717","CVE-2022-48722","CVE-2022-48724","CVE-2022-48726","CVE-2022-48728","CVE-2022-48730","CVE-2022-48732","CVE-2022-48736","CVE-2022-48737","CVE-2022-48738","CVE-2022-48746","CVE-2022-48747","CVE-2022-48748","CVE-2022-48749","CVE-2022-48752","CVE-2022-48754","CVE-2022-48756","CVE-2022-48758","CVE-2022-48759","CVE-2022-48760","CVE-2022-48767","CVE-2022-48768","CVE-2022-48771","CVE-2023-24023","CVE-2023-52707","CVE-2023-52752","CVE-2023-52881","CVE-2024-26822","CVE-2024-35789","CVE-2024-35861","CVE-2024-35862","CVE-2024-35864","CVE-2024-35878","CVE-2024-35950","CVE-2024-36894","CVE-2024-36904","CVE-2024-36940","CVE-2024-36964","CVE-2024-38541","CVE-2024-38545","CVE-2024-38559","CVE-2024-38560"]}