{"affected":[{"ecosystem_specific":{"binaries":[{"kernel-rt":"5.3.18-150300.187.1","kernel-source-rt":"5.3.18-150300.187.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.1","name":"kernel-rt","purl":"pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.3.18-150300.187.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-rt":"5.3.18-150300.187.1","kernel-source-rt":"5.3.18-150300.187.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.1","name":"kernel-source-rt","purl":"pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.3.18-150300.187.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-rt":"5.3.18-150300.187.1","kernel-source-rt":"5.3.18-150300.187.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.2","name":"kernel-rt","purl":"pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.3.18-150300.187.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"kernel-rt":"5.3.18-150300.187.1","kernel-source-rt":"5.3.18-150300.187.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.2","name":"kernel-source-rt","purl":"pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.3.18-150300.187.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\nThe SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2022-48945: media: vivid: fix compose size exceed boundary (bsc#1230398).\n- CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance.  (bsc#1229633).\n- CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).\n- CVE-2024-46695: selinux,smack: do not bypass permissions check in inode_setsecctx  hook (bsc#1230519).\n- CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434).\n- CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245).\n\nThe following non-security bugs were fixed:\n\n- ext4: add check to prevent attempting to resize an fs with sparse_super2 (bsc#1230326).\n- ext4: add reserved GDT blocks check (bsc#1230326).\n- ext4: consolidate checks for resize of bigalloc into ext4_resize_begin (bsc#1230326).\n- ext4: fix bug_on ext4_mb_use_inode_pa (bsc#1230326).\n- kabi: add __nf_queue_get_refs() for kabi compliance.\n- No -rt specific changes this merge.\n- PKCS#7: Check codeSigning EKU of certificates in PKCS#7 (bsc#1226666).\n- Revert 'ext4: consolidate checks for resize of bigalloc into ext4_resize_begin' (bsc#1230326).\n","id":"SUSE-SU-2024:3567-1","modified":"2024-10-09T09:46:04Z","published":"2024-10-09T09:46:04Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2024/suse-su-20243567-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226666"},{"type":"REPORT","url":"https://bugzilla.suse.com/1227487"},{"type":"REPORT","url":"https://bugzilla.suse.com/1229633"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230015"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230245"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230326"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230398"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230434"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230519"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230767"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48911"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-48945"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-44946"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-45003"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-45021"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-46695"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-46774"}],"related":["CVE-2022-48911","CVE-2022-48945","CVE-2024-44946","CVE-2024-45003","CVE-2024-45021","CVE-2024-46695","CVE-2024-46774"],"summary":"Security update for the Linux Kernel","upstream":["CVE-2022-48911","CVE-2022-48945","CVE-2024-44946","CVE-2024-45003","CVE-2024-45021","CVE-2024-46695","CVE-2024-46774"]}