Bug 1232170 (CVE-2022-49007) - VUL-0: CVE-2022-49007: kernel: nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry()
Summary: VUL-0: CVE-2022-49007: kernel: nilfs2: fix NULL pointer dereference in nilfs_...
Status: RESOLVED FIXED
Alias: CVE-2022-49007
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/425154/
Whiteboard: CVSSv3.1:SUSE:CVE-2022-49007:5.5:(AV:...
Keywords:
Depends on:
Blocks:
 
Reported: 2024-10-23 12:11 UTC by SMASH SMASH
Modified: 2024-12-17 16:33 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description SMASH SMASH 2024-10-23 12:11:10 UTC 
In the Linux kernel, the following vulnerability has been resolved:

nilfs2: fix NULL pointer dereference in nilfs_palloc_commit_free_entry()

Syzbot reported a null-ptr-deref bug:

 NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP
 frequency < 30 seconds
 general protection fault, probably for non-canonical address
 0xdffffc0000000002: 0000 [#1] PREEMPT SMP KASAN
 KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]
 CPU: 1 PID: 3603 Comm: segctord Not tainted
 6.1.0-rc2-syzkaller-00105-gb229b6ca5abb #0
 Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google
 10/11/2022
 RIP: 0010:nilfs_palloc_commit_free_entry+0xe5/0x6b0
 fs/nilfs2/alloc.c:608
 Code: 00 00 00 00 fc ff df 80 3c 02 00 0f 85 cd 05 00 00 48 b8 00 00 00
 00 00 fc ff df 4c 8b 73 08 49 8d 7e 10 48 89 fa 48 c1 ea 03 <80> 3c 02
 00 0f 85 26 05 00 00 49 8b 46 10 be a6 00 00 00 48 c7 c7
 RSP: 0018:ffffc90003dff830 EFLAGS: 00010212
 RAX: dffffc0000000000 RBX: ffff88802594e218 RCX: 000000000000000d
 RDX: 0000000000000002 RSI: 0000000000002000 RDI: 0000000000000010
 RBP: ffff888071880222 R08: 0000000000000005 R09: 000000000000003f
 R10: 000000000000000d R11: 0000000000000000 R12: ffff888071880158
 R13: ffff88802594e220 R14: 0000000000000000 R15: 0000000000000004
 FS:  0000000000000000(0000) GS:ffff8880b9b00000(0000)
 knlGS:0000000000000000
 CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
 CR2: 00007fb1c08316a8 CR3: 0000000018560000 CR4: 0000000000350ee0
 Call Trace:
  <TASK>
  nilfs_dat_commit_free fs/nilfs2/dat.c:114 [inline]
  nilfs_dat_commit_end+0x464/0x5f0 fs/nilfs2/dat.c:193
  nilfs_dat_commit_update+0x26/0x40 fs/nilfs2/dat.c:236
  nilfs_btree_commit_update_v+0x87/0x4a0 fs/nilfs2/btree.c:1940
  nilfs_btree_commit_propagate_v fs/nilfs2/btree.c:2016 [inline]
  nilfs_btree_propagate_v fs/nilfs2/btree.c:2046 [inline]
  nilfs_btree_propagate+0xa00/0xd60 fs/nilfs2/btree.c:2088
  nilfs_bmap_propagate+0x73/0x170 fs/nilfs2/bmap.c:337
  nilfs_collect_file_data+0x45/0xd0 fs/nilfs2/segment.c:568
  nilfs_segctor_apply_buffers+0x14a/0x470 fs/nilfs2/segment.c:1018
  nilfs_segctor_scan_file+0x3f4/0x6f0 fs/nilfs2/segment.c:1067
  nilfs_segctor_collect_blocks fs/nilfs2/segment.c:1197 [inline]
  nilfs_segctor_collect fs/nilfs2/segment.c:1503 [inline]
  nilfs_segctor_do_construct+0x12fc/0x6af0 fs/nilfs2/segment.c:2045
  nilfs_segctor_construct+0x8e3/0xb30 fs/nilfs2/segment.c:2379
  nilfs_segctor_thread_construct fs/nilfs2/segment.c:2487 [inline]
  nilfs_segctor_thread+0x3c3/0xf30 fs/nilfs2/segment.c:2570
  kthread+0x2e4/0x3a0 kernel/kthread.c:376
  ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306
  </TASK>
 ...

If DAT metadata file is corrupted on disk, there is a case where
req->pr_desc_bh is NULL and blocknr is 0 at nilfs_dat_commit_end() during
a b-tree operation that cascadingly updates ancestor nodes of the b-tree,
because nilfs_dat_commit_alloc() for a lower level block can initialize
the blocknr on the same DAT entry between nilfs_dat_prepare_end() and
nilfs_dat_commit_end().

If this happens, nilfs_dat_commit_end() calls nilfs_dat_commit_free()
without valid buffer heads in req->pr_desc_bh and req->pr_bitmap_bh, and
causes the NULL pointer dereference above in
nilfs_palloc_commit_free_entry() function, which leads to a crash.

Fix this by adding a NULL check on req->pr_desc_bh and req->pr_bitmap_bh
before nilfs_palloc_commit_free_entry() in nilfs_dat_commit_free().

This also calls nilfs_error() in that case to notify that there is a fatal
flaw in the filesystem metadata and prevent further operations.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-49007
https://www.cve.org/CVERecord?id=CVE-2022-49007
https://git.kernel.org/stable/c/165c7a3b27a3857ebf57f626b9f38b48b6792e68
https://git.kernel.org/stable/c/2f2c59506ae39496588ceb8b88bdbdbaed895d63
https://git.kernel.org/stable/c/33021419fd81efd3d729a7f19341ba4b98fe66ce
https://git.kernel.org/stable/c/381b84f60e549ea98cec4666c6c728b1b3318756
https://git.kernel.org/stable/c/9a130b72e6bd1fb07fc3cde839dc6fb53da76f07
https://git.kernel.org/stable/c/bc3fd3293887b4cf84a9109700faeb82de533c89
https://git.kernel.org/stable/c/e858917ab785afe83c14f5ac141301216ccda847
https://git.kernel.org/stable/c/f0a0ccda18d6fd826d7c7e7ad48a6ed61c20f8b4
https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2022/CVE-2022-49007.mbox
https://bugzilla.redhat.com/show_bug.cgi?id=2320740
Comment 3 Andrea Mattiazzo 2024-10-25 14:23:27 UTC 
Nothing to be done, closing.
Comment 12 Maintenance Automation 2024-11-13 12:41:18 UTC 
SUSE-SU-2024:3985-1: An update that solves 211 vulnerabilities and has 41 security fixes can now be installed.

URL: https://www.suse.com/support/update/announcement/2024/suse-su-20243985-1
Category: security (important)
Bug References: 1054914, 1065729, 1194869, 1204171, 1205796, 1206188, 1206344, 1209290, 1210449, 1210627, 1213034, 1216813, 1218562, 1223384, 1223524, 1223824, 1225189, 1225336, 1225611, 1225762, 1226498, 1226631, 1226797, 1227437, 1227885, 1228119, 1228269, 1228709, 1228743, 1228747, 1229005, 1229019, 1229450, 1229454, 1229456, 1229556, 1229769, 1229837, 1229891, 1230055, 1230179, 1230289, 1230405, 1230414, 1230429, 1230456, 1230550, 1230600, 1230620, 1230715, 1230722, 1230763, 1230773, 1230774, 1230801, 1230903, 1230918, 1231016, 1231072, 1231073, 1231084, 1231085, 1231087, 1231094, 1231096, 1231105, 1231114, 1231115, 1231148, 1231179, 1231191, 1231193, 1231195, 1231197, 1231200, 1231203, 1231277, 1231293, 1231327, 1231344, 1231375, 1231383, 1231439, 1231442, 1231496, 1231502, 1231539, 1231540, 1231578, 1231673, 1231857, 1231861, 1231872, 1231883, 1231885, 1231887, 1231888, 1231889, 1231890, 1231892, 1231893, 1231895, 1231896, 1231897, 1231902, 1231903, 1231907, 1231914, 1231929, 1231935, 1231936, 1231937, 1231938, 1231939, 1231940, 1231941, 1231942, 1231944, 1231950, 1231954, 1231958, 1231960, 1231961, 1231962, 1231965, 1231967, 1231968, 1231972, 1231973, 1231976, 1231979, 1231987, 1231988, 1231990, 1231991, 1231992, 1231995, 1231996, 1231997, 1231998, 1232001, 1232004, 1232005, 1232006, 1232007, 1232025, 1232026, 1232033, 1232034, 1232035, 1232036, 1232037, 1232038, 1232039, 1232043, 1232049, 1232067, 1232069, 1232070, 1232071, 1232075, 1232083, 1232084, 1232085, 1232089, 1232097, 1232104, 1232105, 1232108, 1232114, 1232116, 1232119, 1232120, 1232123, 1232124, 1232133, 1232135, 1232136, 1232140, 1232145, 1232149, 1232150, 1232151, 1232154, 1232155, 1232160, 1232163, 1232164, 1232170, 1232172, 1232174, 1232175, 1232191, 1232196, 1232199, 1232200, 1232201, 1232217, 1232220, 1232221, 1232229, 1232233, 1232237, 1232251, 1232253, 1232259, 1232260, 1232262, 1232263, 1232282, 1232285, 1232286, 1232304, 1232305, 1232307, 1232309, 1232310, 1232313, 1232314, 1232316, 1232329, 1232332, 1232335, 1232337, 1232342, 1232345, 1232352, 1232354, 1232355, 1232358, 1232361, 1232366, 1232367, 1232368, 1232369, 1232374, 1232381, 1232383, 1232392, 1232395, 1232418, 1232424, 1232432, 1232435, 1232442, 1232446, 1232501, 1232519, 1232630, 1232631, 1232632, 1232757
CVE References: CVE-2021-47416, CVE-2021-47534, CVE-2022-3435, CVE-2022-45934, CVE-2022-48664, CVE-2022-48879, CVE-2022-48946, CVE-2022-48947, CVE-2022-48948, CVE-2022-48949, CVE-2022-48951, CVE-2022-48953, CVE-2022-48954, CVE-2022-48955, CVE-2022-48956, CVE-2022-48957, CVE-2022-48958, CVE-2022-48959, CVE-2022-48960, CVE-2022-48961, CVE-2022-48962, CVE-2022-48966, CVE-2022-48967, CVE-2022-48968, CVE-2022-48969, CVE-2022-48970, CVE-2022-48971, CVE-2022-48972, CVE-2022-48973, CVE-2022-48975, CVE-2022-48977, CVE-2022-48978, CVE-2022-48980, CVE-2022-48981, CVE-2022-48985, CVE-2022-48987, CVE-2022-48988, CVE-2022-48991, CVE-2022-48992, CVE-2022-48994, CVE-2022-48995, CVE-2022-48997, CVE-2022-48999, CVE-2022-49000, CVE-2022-49002, CVE-2022-49003, CVE-2022-49005, CVE-2022-49006, CVE-2022-49007, CVE-2022-49010, CVE-2022-49011, CVE-2022-49012, CVE-2022-49014, CVE-2022-49015, CVE-2022-49016, CVE-2022-49017, CVE-2022-49019, CVE-2022-49020, CVE-2022-49021, CVE-2022-49022, CVE-2022-49023, CVE-2022-49024, CVE-2022-49025, CVE-2022-49026, CVE-2022-49027, CVE-2022-49028, CVE-2022-49029, CVE-2022-49031, CVE-2022-49032, CVE-2023-2166, CVE-2023-28327, CVE-2023-52766, CVE-2023-52800, CVE-2023-52881, CVE-2023-52919, CVE-2023-6270, CVE-2024-27043, CVE-2024-36244, CVE-2024-36957, CVE-2024-39476, CVE-2024-40965, CVE-2024-42145, CVE-2024-42226, CVE-2024-42253, CVE-2024-44931, CVE-2024-44947, CVE-2024-44958, CVE-2024-45016, CVE-2024-45025, CVE-2024-46678, CVE-2024-46716, CVE-2024-46719, CVE-2024-46754, CVE-2024-46770, CVE-2024-46775, CVE-2024-46777, CVE-2024-46809, CVE-2024-46811, CVE-2024-46813, CVE-2024-46814, CVE-2024-46815, CVE-2024-46816, CVE-2024-46817, CVE-2024-46818, CVE-2024-46826, CVE-2024-46828, CVE-2024-46834, CVE-2024-46840, CVE-2024-46841, CVE-2024-46848, CVE-2024-46849, CVE-2024-46854, CVE-2024-46855, CVE-2024-46857, CVE-2024-47660, CVE-2024-47661, CVE-2024-47664, CVE-2024-47668, CVE-2024-47672, CVE-2024-47673, CVE-2024-47674, CVE-2024-47684, CVE-2024-47685, CVE-2024-47692, CVE-2024-47704, CVE-2024-47705, CVE-2024-47706, CVE-2024-47707, CVE-2024-47710, CVE-2024-47720, CVE-2024-47727, CVE-2024-47730, CVE-2024-47738, CVE-2024-47739, CVE-2024-47745, CVE-2024-47747, CVE-2024-47748, CVE-2024-49858, CVE-2024-49860, CVE-2024-49866, CVE-2024-49867, CVE-2024-49881, CVE-2024-49882, CVE-2024-49883, CVE-2024-49886, CVE-2024-49890, CVE-2024-49892, CVE-2024-49894, CVE-2024-49895, CVE-2024-49896, CVE-2024-49897, CVE-2024-49899, CVE-2024-49901, CVE-2024-49906, CVE-2024-49908, CVE-2024-49909, CVE-2024-49911, CVE-2024-49912, CVE-2024-49913, CVE-2024-49914, CVE-2024-49917, CVE-2024-49918, CVE-2024-49919, CVE-2024-49920, CVE-2024-49922, CVE-2024-49923, CVE-2024-49929, CVE-2024-49930, CVE-2024-49933, CVE-2024-49936, CVE-2024-49939, CVE-2024-49946, CVE-2024-49949, CVE-2024-49954, CVE-2024-49955, CVE-2024-49958, CVE-2024-49959, CVE-2024-49960, CVE-2024-49962, CVE-2024-49967, CVE-2024-49969, CVE-2024-49973, CVE-2024-49974, CVE-2024-49975, CVE-2024-49982, CVE-2024-49991, CVE-2024-49993, CVE-2024-49995, CVE-2024-49996, CVE-2024-50000, CVE-2024-50001, CVE-2024-50002, CVE-2024-50006, CVE-2024-50014, CVE-2024-50019, CVE-2024-50024, CVE-2024-50028, CVE-2024-50033, CVE-2024-50035, CVE-2024-50041, CVE-2024-50045, CVE-2024-50046, CVE-2024-50047, CVE-2024-50048, CVE-2024-50049, CVE-2024-50055, CVE-2024-50058, CVE-2024-50059, CVE-2024-50061, CVE-2024-50063, CVE-2024-50081
Maintenance Incident: [SUSE:Maintenance:36388](https://smelt.suse.de/incident/36388/)
Sources used:
SUSE Real Time Module 15-SP5 (src):
 kernel-syms-rt-5.14.21-150500.13.76.1, kernel-source-rt-5.14.21-150500.13.76.1
openSUSE Leap 15.5 (src):
 kernel-syms-rt-5.14.21-150500.13.76.1, kernel-livepatch-SLE15-SP5-RT_Update_22-1-150500.11.3.1, kernel-source-rt-5.14.21-150500.13.76.1
SUSE Linux Enterprise Micro 5.5 (src):
 kernel-source-rt-5.14.21-150500.13.76.1
SUSE Linux Enterprise Live Patching 15-SP5 (src):
 kernel-livepatch-SLE15-SP5-RT_Update_22-1-150500.11.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 13 Maintenance Automation 2024-11-13 12:48:25 UTC 
SUSE-SU-2024:3983-1: An update that solves 204 vulnerabilities and has 30 security fixes can now be installed.

URL: https://www.suse.com/support/update/announcement/2024/suse-su-20243983-1
Category: security (important)
Bug References: 1204171, 1205796, 1206188, 1206344, 1209290, 1210449, 1210627, 1213034, 1216813, 1218562, 1223384, 1223524, 1223824, 1225189, 1225336, 1225611, 1225762, 1226498, 1226797, 1227437, 1227885, 1228119, 1228269, 1228709, 1228743, 1229005, 1229019, 1229450, 1229454, 1229456, 1229556, 1229769, 1229837, 1230179, 1230405, 1230414, 1230429, 1230456, 1230600, 1230620, 1230715, 1230722, 1230773, 1230801, 1230903, 1230918, 1231016, 1231072, 1231073, 1231094, 1231096, 1231105, 1231114, 1231148, 1231179, 1231191, 1231193, 1231195, 1231197, 1231200, 1231203, 1231293, 1231344, 1231375, 1231383, 1231439, 1231442, 1231496, 1231502, 1231539, 1231540, 1231578, 1231673, 1231857, 1231861, 1231872, 1231883, 1231885, 1231887, 1231888, 1231889, 1231890, 1231892, 1231893, 1231895, 1231896, 1231897, 1231902, 1231903, 1231907, 1231914, 1231929, 1231935, 1231936, 1231937, 1231938, 1231939, 1231940, 1231941, 1231942, 1231944, 1231950, 1231954, 1231958, 1231960, 1231961, 1231962, 1231965, 1231967, 1231968, 1231972, 1231973, 1231976, 1231979, 1231987, 1231988, 1231990, 1231992, 1231995, 1231996, 1231997, 1231998, 1232001, 1232004, 1232005, 1232006, 1232007, 1232025, 1232026, 1232033, 1232034, 1232035, 1232036, 1232037, 1232038, 1232039, 1232043, 1232049, 1232067, 1232069, 1232070, 1232071, 1232075, 1232083, 1232084, 1232085, 1232089, 1232097, 1232104, 1232105, 1232108, 1232114, 1232116, 1232119, 1232120, 1232123, 1232124, 1232133, 1232135, 1232136, 1232140, 1232145, 1232149, 1232150, 1232151, 1232154, 1232155, 1232160, 1232163, 1232164, 1232170, 1232172, 1232174, 1232175, 1232191, 1232196, 1232199, 1232200, 1232201, 1232217, 1232220, 1232221, 1232229, 1232233, 1232237, 1232251, 1232253, 1232259, 1232260, 1232262, 1232263, 1232282, 1232285, 1232286, 1232304, 1232305, 1232307, 1232309, 1232310, 1232313, 1232314, 1232316, 1232329, 1232332, 1232335, 1232337, 1232342, 1232345, 1232352, 1232354, 1232355, 1232358, 1232361, 1232366, 1232367, 1232368, 1232369, 1232374, 1232381, 1232383, 1232392, 1232395, 1232418, 1232424, 1232432, 1232435, 1232442, 1232446, 1232501, 1232519, 1232630, 1232631, 1232632, 1232757
CVE References: CVE-2021-47416, CVE-2021-47534, CVE-2022-3435, CVE-2022-45934, CVE-2022-48664, CVE-2022-48879, CVE-2022-48946, CVE-2022-48947, CVE-2022-48948, CVE-2022-48949, CVE-2022-48951, CVE-2022-48953, CVE-2022-48954, CVE-2022-48955, CVE-2022-48956, CVE-2022-48957, CVE-2022-48958, CVE-2022-48959, CVE-2022-48960, CVE-2022-48961, CVE-2022-48962, CVE-2022-48966, CVE-2022-48967, CVE-2022-48968, CVE-2022-48969, CVE-2022-48970, CVE-2022-48971, CVE-2022-48972, CVE-2022-48973, CVE-2022-48975, CVE-2022-48977, CVE-2022-48978, CVE-2022-48980, CVE-2022-48981, CVE-2022-48985, CVE-2022-48987, CVE-2022-48988, CVE-2022-48991, CVE-2022-48992, CVE-2022-48994, CVE-2022-48995, CVE-2022-48997, CVE-2022-48999, CVE-2022-49000, CVE-2022-49002, CVE-2022-49003, CVE-2022-49005, CVE-2022-49006, CVE-2022-49007, CVE-2022-49010, CVE-2022-49011, CVE-2022-49012, CVE-2022-49014, CVE-2022-49015, CVE-2022-49016, CVE-2022-49017, CVE-2022-49019, CVE-2022-49020, CVE-2022-49021, CVE-2022-49022, CVE-2022-49023, CVE-2022-49024, CVE-2022-49025, CVE-2022-49026, CVE-2022-49027, CVE-2022-49028, CVE-2022-49029, CVE-2022-49031, CVE-2022-49032, CVE-2023-2166, CVE-2023-28327, CVE-2023-52766, CVE-2023-52800, CVE-2023-52881, CVE-2023-52919, CVE-2023-6270, CVE-2024-27043, CVE-2024-36244, CVE-2024-36957, CVE-2024-39476, CVE-2024-40965, CVE-2024-42145, CVE-2024-42226, CVE-2024-42253, CVE-2024-44931, CVE-2024-44947, CVE-2024-44958, CVE-2024-45016, CVE-2024-45025, CVE-2024-46716, CVE-2024-46719, CVE-2024-46754, CVE-2024-46777, CVE-2024-46809, CVE-2024-46811, CVE-2024-46813, CVE-2024-46814, CVE-2024-46815, CVE-2024-46816, CVE-2024-46817, CVE-2024-46818, CVE-2024-46828, CVE-2024-46834, CVE-2024-46840, CVE-2024-46841, CVE-2024-46848, CVE-2024-46849, CVE-2024-47660, CVE-2024-47661, CVE-2024-47664, CVE-2024-47668, CVE-2024-47672, CVE-2024-47673, CVE-2024-47674, CVE-2024-47684, CVE-2024-47685, CVE-2024-47692, CVE-2024-47704, CVE-2024-47705, CVE-2024-47706, CVE-2024-47707, CVE-2024-47710, CVE-2024-47720, CVE-2024-47727, CVE-2024-47730, CVE-2024-47738, CVE-2024-47739, CVE-2024-47745, CVE-2024-47747, CVE-2024-47748, CVE-2024-49858, CVE-2024-49860, CVE-2024-49866, CVE-2024-49867, CVE-2024-49881, CVE-2024-49882, CVE-2024-49883, CVE-2024-49886, CVE-2024-49890, CVE-2024-49892, CVE-2024-49894, CVE-2024-49895, CVE-2024-49896, CVE-2024-49897, CVE-2024-49899, CVE-2024-49901, CVE-2024-49906, CVE-2024-49908, CVE-2024-49909, CVE-2024-49911, CVE-2024-49912, CVE-2024-49913, CVE-2024-49914, CVE-2024-49917, CVE-2024-49918, CVE-2024-49919, CVE-2024-49920, CVE-2024-49922, CVE-2024-49923, CVE-2024-49929, CVE-2024-49930, CVE-2024-49933, CVE-2024-49936, CVE-2024-49939, CVE-2024-49946, CVE-2024-49949, CVE-2024-49954, CVE-2024-49955, CVE-2024-49958, CVE-2024-49959, CVE-2024-49960, CVE-2024-49962, CVE-2024-49967, CVE-2024-49969, CVE-2024-49973, CVE-2024-49974, CVE-2024-49975, CVE-2024-49982, CVE-2024-49991, CVE-2024-49993, CVE-2024-49995, CVE-2024-49996, CVE-2024-50000, CVE-2024-50001, CVE-2024-50002, CVE-2024-50006, CVE-2024-50014, CVE-2024-50019, CVE-2024-50024, CVE-2024-50028, CVE-2024-50033, CVE-2024-50035, CVE-2024-50041, CVE-2024-50045, CVE-2024-50046, CVE-2024-50047, CVE-2024-50048, CVE-2024-50049, CVE-2024-50055, CVE-2024-50058, CVE-2024-50059, CVE-2024-50061, CVE-2024-50063, CVE-2024-50081
Maintenance Incident: [SUSE:Maintenance:36346](https://smelt.suse.de/incident/36346/)
Sources used:
openSUSE Leap 15.5 (src):
 kernel-syms-azure-5.14.21-150500.33.72.1, kernel-source-azure-5.14.21-150500.33.72.1
Public Cloud Module 15-SP5 (src):
 kernel-syms-azure-5.14.21-150500.33.72.1, kernel-source-azure-5.14.21-150500.33.72.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 16 Maintenance Automation 2024-11-27 16:31:27 UTC 
SUSE-SU-2024:4082-1: An update that solves 101 vulnerabilities and has 15 security fixes can now be installed.

URL: https://www.suse.com/support/update/announcement/2024/suse-su-20244082-1
Category: security (important)
Bug References: 1204171, 1205796, 1206188, 1206344, 1209290, 1210449, 1210627, 1213034, 1216223, 1216813, 1218562, 1223384, 1223524, 1223824, 1225189, 1225336, 1225611, 1226666, 1228743, 1229454, 1229456, 1229556, 1230429, 1230442, 1230454, 1230600, 1230620, 1230715, 1230903, 1231016, 1231073, 1231191, 1231193, 1231195, 1231197, 1231200, 1231203, 1231293, 1231375, 1231502, 1231673, 1231861, 1231883, 1231885, 1231887, 1231888, 1231890, 1231892, 1231893, 1231895, 1231896, 1231897, 1231929, 1231936, 1231937, 1231938, 1231939, 1231940, 1231941, 1231942, 1231958, 1231960, 1231961, 1231962, 1231972, 1231976, 1231979, 1231987, 1231988, 1231991, 1231992, 1231995, 1231996, 1231997, 1232001, 1232005, 1232006, 1232007, 1232025, 1232026, 1232033, 1232035, 1232036, 1232037, 1232038, 1232039, 1232067, 1232069, 1232070, 1232071, 1232097, 1232108, 1232119, 1232120, 1232123, 1232133, 1232136, 1232145, 1232150, 1232163, 1232170, 1232172, 1232174, 1232229, 1232237, 1232260, 1232262, 1232282, 1232286, 1232304, 1232383, 1232395, 1232418, 1232424, 1232432, 1232519
CVE References: CVE-2021-47416, CVE-2021-47534, CVE-2022-3435, CVE-2022-45934, CVE-2022-48664, CVE-2022-48879, CVE-2022-48946, CVE-2022-48947, CVE-2022-48948, CVE-2022-48949, CVE-2022-48951, CVE-2022-48953, CVE-2022-48954, CVE-2022-48955, CVE-2022-48956, CVE-2022-48959, CVE-2022-48960, CVE-2022-48961, CVE-2022-48962, CVE-2022-48967, CVE-2022-48968, CVE-2022-48969, CVE-2022-48970, CVE-2022-48971, CVE-2022-48972, CVE-2022-48973, CVE-2022-48975, CVE-2022-48977, CVE-2022-48978, CVE-2022-48981, CVE-2022-48985, CVE-2022-48987, CVE-2022-48988, CVE-2022-48991, CVE-2022-48992, CVE-2022-48994, CVE-2022-48995, CVE-2022-48997, CVE-2022-48999, CVE-2022-49000, CVE-2022-49002, CVE-2022-49003, CVE-2022-49005, CVE-2022-49006, CVE-2022-49007, CVE-2022-49010, CVE-2022-49011, CVE-2022-49012, CVE-2022-49014, CVE-2022-49015, CVE-2022-49016, CVE-2022-49019, CVE-2022-49021, CVE-2022-49022, CVE-2022-49023, CVE-2022-49024, CVE-2022-49025, CVE-2022-49026, CVE-2022-49027, CVE-2022-49028, CVE-2022-49029, CVE-2022-49031, CVE-2022-49032, CVE-2023-2166, CVE-2023-28327, CVE-2023-52766, CVE-2023-52800, CVE-2023-52881, CVE-2023-52919, CVE-2023-6270, CVE-2024-27043, CVE-2024-42145, CVE-2024-44947, CVE-2024-45013, CVE-2024-45016, CVE-2024-45026, CVE-2024-46716, CVE-2024-46813, CVE-2024-46814, CVE-2024-46815, CVE-2024-46816, CVE-2024-46817, CVE-2024-46818, CVE-2024-46849, CVE-2024-47668, CVE-2024-47674, CVE-2024-47684, CVE-2024-47706, CVE-2024-47747, CVE-2024-47748, CVE-2024-49860, CVE-2024-49867, CVE-2024-49930, CVE-2024-49936, CVE-2024-49960, CVE-2024-49969, CVE-2024-49974, CVE-2024-49982, CVE-2024-49991, CVE-2024-49995, CVE-2024-50047
Maintenance Incident: [SUSE:Maintenance:36385](https://smelt.suse.de/incident/36385/)
Sources used:
SUSE Linux Enterprise Micro for Rancher 5.4 (src):
 kernel-source-rt-5.14.21-150400.15.100.1
SUSE Linux Enterprise Micro 5.4 (src):
 kernel-source-rt-5.14.21-150400.15.100.1
SUSE Linux Enterprise Micro for Rancher 5.3 (src):
 kernel-source-rt-5.14.21-150400.15.100.1
SUSE Linux Enterprise Micro 5.3 (src):
 kernel-source-rt-5.14.21-150400.15.100.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 17 Maintenance Automation 2024-12-02 12:33:52 UTC 
SUSE-SU-2024:4131-1: An update that solves 105 vulnerabilities, contains one feature and has 19 security fixes can now be installed.

URL: https://www.suse.com/support/update/announcement/2024/suse-su-20244131-1
Category: security (important)
Bug References: 1204171, 1205796, 1206188, 1206344, 1209290, 1210449, 1210627, 1213034, 1216223, 1216813, 1218562, 1220382, 1223384, 1223524, 1223824, 1225189, 1225336, 1225611, 1226666, 1228743, 1229345, 1229452, 1229454, 1229456, 1229556, 1230429, 1230442, 1230454, 1230600, 1230620, 1230715, 1230903, 1231016, 1231073, 1231191, 1231193, 1231195, 1231197, 1231200, 1231203, 1231293, 1231375, 1231502, 1231673, 1231861, 1231883, 1231885, 1231887, 1231888, 1231890, 1231892, 1231893, 1231895, 1231896, 1231897, 1231929, 1231936, 1231937, 1231938, 1231939, 1231940, 1231941, 1231942, 1231958, 1231960, 1231961, 1231962, 1231972, 1231976, 1231979, 1231987, 1231988, 1231991, 1231992, 1231995, 1231996, 1231997, 1232001, 1232005, 1232006, 1232007, 1232025, 1232026, 1232033, 1232035, 1232036, 1232037, 1232038, 1232039, 1232067, 1232069, 1232070, 1232071, 1232097, 1232108, 1232119, 1232120, 1232123, 1232133, 1232136, 1232145, 1232150, 1232163, 1232165, 1232170, 1232172, 1232174, 1232224, 1232229, 1232237, 1232260, 1232262, 1232281, 1232282, 1232286, 1232304, 1232383, 1232395, 1232418, 1232424, 1232432, 1232436, 1232519, 1233117
CVE References: CVE-2021-47416, CVE-2021-47534, CVE-2022-3435, CVE-2022-45934, CVE-2022-48664, CVE-2022-48879, CVE-2022-48946, CVE-2022-48947, CVE-2022-48948, CVE-2022-48949, CVE-2022-48951, CVE-2022-48953, CVE-2022-48954, CVE-2022-48955, CVE-2022-48956, CVE-2022-48959, CVE-2022-48960, CVE-2022-48961, CVE-2022-48962, CVE-2022-48967, CVE-2022-48968, CVE-2022-48969, CVE-2022-48970, CVE-2022-48971, CVE-2022-48972, CVE-2022-48973, CVE-2022-48975, CVE-2022-48977, CVE-2022-48978, CVE-2022-48981, CVE-2022-48985, CVE-2022-48987, CVE-2022-48988, CVE-2022-48991, CVE-2022-48992, CVE-2022-48994, CVE-2022-48995, CVE-2022-48997, CVE-2022-48999, CVE-2022-49000, CVE-2022-49002, CVE-2022-49003, CVE-2022-49005, CVE-2022-49006, CVE-2022-49007, CVE-2022-49010, CVE-2022-49011, CVE-2022-49012, CVE-2022-49014, CVE-2022-49015, CVE-2022-49016, CVE-2022-49019, CVE-2022-49021, CVE-2022-49022, CVE-2022-49023, CVE-2022-49024, CVE-2022-49025, CVE-2022-49026, CVE-2022-49027, CVE-2022-49028, CVE-2022-49029, CVE-2022-49031, CVE-2022-49032, CVE-2023-2166, CVE-2023-28327, CVE-2023-52766, CVE-2023-52800, CVE-2023-52881, CVE-2023-52919, CVE-2023-6270, CVE-2024-27043, CVE-2024-42145, CVE-2024-43854, CVE-2024-44947, CVE-2024-45013, CVE-2024-45016, CVE-2024-45026, CVE-2024-46716, CVE-2024-46813, CVE-2024-46814, CVE-2024-46815, CVE-2024-46816, CVE-2024-46817, CVE-2024-46818, CVE-2024-46849, CVE-2024-47668, CVE-2024-47674, CVE-2024-47684, CVE-2024-47706, CVE-2024-47747, CVE-2024-47748, CVE-2024-49860, CVE-2024-49867, CVE-2024-49925, CVE-2024-49930, CVE-2024-49936, CVE-2024-49945, CVE-2024-49960, CVE-2024-49969, CVE-2024-49974, CVE-2024-49982, CVE-2024-49991, CVE-2024-49995, CVE-2024-50047, CVE-2024-50208
Jira References: SLE-24682
Maintenance Incident: [SUSE:Maintenance:36342](https://smelt.suse.de/incident/36342/)
Sources used:
openSUSE Leap 15.4 (src):
 kernel-syms-5.14.21-150400.24.141.1, kernel-obs-build-5.14.21-150400.24.141.1, kernel-source-5.14.21-150400.24.141.1, kernel-livepatch-SLE15-SP4_Update_33-1-150400.9.5.1, kernel-obs-qa-5.14.21-150400.24.141.1, kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2
SUSE Linux Enterprise Micro for Rancher 5.3 (src):
 kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2
SUSE Linux Enterprise Micro 5.3 (src):
 kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2
SUSE Linux Enterprise Micro for Rancher 5.4 (src):
 kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2
SUSE Linux Enterprise Micro 5.4 (src):
 kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2
SUSE Linux Enterprise Live Patching 15-SP4 (src):
 kernel-livepatch-SLE15-SP4_Update_33-1-150400.9.5.1
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (src):
 kernel-syms-5.14.21-150400.24.141.1, kernel-obs-build-5.14.21-150400.24.141.1, kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2, kernel-source-5.14.21-150400.24.141.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (src):
 kernel-syms-5.14.21-150400.24.141.1, kernel-obs-build-5.14.21-150400.24.141.1, kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2, kernel-source-5.14.21-150400.24.141.1
SUSE Linux Enterprise Desktop 15 SP4 LTSS (src):
 kernel-syms-5.14.21-150400.24.141.1, kernel-obs-build-5.14.21-150400.24.141.1, kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2, kernel-source-5.14.21-150400.24.141.1
SUSE Linux Enterprise Server 15 SP4 LTSS (src):
 kernel-syms-5.14.21-150400.24.141.1, kernel-obs-build-5.14.21-150400.24.141.1, kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2, kernel-source-5.14.21-150400.24.141.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4 (src):
 kernel-syms-5.14.21-150400.24.141.1, kernel-obs-build-5.14.21-150400.24.141.1, kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2, kernel-source-5.14.21-150400.24.141.1
SUSE Manager Proxy 4.3 (src):
 kernel-syms-5.14.21-150400.24.141.1, kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2, kernel-source-5.14.21-150400.24.141.1
SUSE Manager Retail Branch Server 4.3 (src):
 kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2, kernel-source-5.14.21-150400.24.141.1
SUSE Manager Server 4.3 (src):
 kernel-syms-5.14.21-150400.24.141.1, kernel-default-base-5.14.21-150400.24.141.1.150400.24.68.2, kernel-source-5.14.21-150400.24.141.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 20 Maintenance Automation 2024-12-17 16:33:27 UTC 
SUSE-SU-2024:4364-1: An update that solves 439 vulnerabilities, contains nine features and has 68 security fixes can now be installed.

URL: https://www.suse.com/support/update/announcement/2024/suse-su-20244364-1
Category: security (important)
Bug References: 1054914, 1065729, 1082555, 1194869, 1204171, 1205796, 1206188, 1206344, 1209290, 1210449, 1210627, 1213034, 1216813, 1218562, 1218644, 1220382, 1221309, 1221333, 1222364, 1222590, 1223202, 1223384, 1223524, 1223656, 1223824, 1223848, 1223919, 1223942, 1224518, 1224526, 1224574, 1225189, 1225336, 1225611, 1225725, 1225730, 1225742, 1225762, 1225764, 1225812, 1226498, 1226560, 1226592, 1226631, 1226748, 1226797, 1226872, 1227437, 1227853, 1227885, 1228119, 1228269, 1228410, 1228430, 1228486, 1228650, 1228709, 1228743, 1228747, 1228857, 1229005, 1229019, 1229312, 1229429, 1229450, 1229454, 1229456, 1229556, 1229585, 1229752, 1229769, 1229808, 1229837, 1229891, 1230055, 1230179, 1230220, 1230231, 1230270, 1230289, 1230405, 1230414, 1230429, 1230456, 1230550, 1230558, 1230600, 1230620, 1230715, 1230722, 1230763, 1230773, 1230774, 1230801, 1230827, 1230903, 1230918, 1231016, 1231072, 1231073, 1231083, 1231084, 1231085, 1231087, 1231089, 1231094, 1231096, 1231098, 1231101, 1231105, 1231108, 1231111, 1231114, 1231115, 1231132, 1231135, 1231138, 1231148, 1231169, 1231178, 1231179, 1231180, 1231181, 1231187, 1231191, 1231193, 1231195, 1231197, 1231200, 1231202, 1231203, 1231277, 1231293, 1231327, 1231344, 1231375, 1231383, 1231434, 1231439, 1231441, 1231442, 1231452, 1231465, 1231474, 1231481, 1231496, 1231502, 1231537, 1231539, 1231540, 1231541, 1231578, 1231646, 1231673, 1231849, 1231856, 1231857, 1231858, 1231859, 1231861, 1231864, 1231872, 1231883, 1231885, 1231887, 1231888, 1231889, 1231890, 1231892, 1231893, 1231895, 1231896, 1231897, 1231902, 1231903, 1231904, 1231907, 1231914, 1231916, 1231920, 1231923, 1231929, 1231930, 1231931, 1231935, 1231936, 1231937, 1231938, 1231939, 1231940, 1231941, 1231942, 1231944, 1231947, 1231950, 1231952, 1231953, 1231954, 1231958, 1231959, 1231960, 1231961, 1231962, 1231965, 1231967, 1231968, 1231972, 1231973, 1231976, 1231978, 1231979, 1231987, 1231988, 1231990, 1231991, 1231992, 1231995, 1231996, 1231997, 1231998, 1232001, 1232004, 1232005, 1232006, 1232007, 1232013, 1232015, 1232016, 1232017, 1232025, 1232026, 1232027, 1232028, 1232033, 1232034, 1232035, 1232036, 1232037, 1232038, 1232039, 1232043, 1232047, 1232048, 1232049, 1232050, 1232056, 1232067, 1232069, 1232070, 1232071, 1232075, 1232076, 1232080, 1232083, 1232084, 1232085, 1232089, 1232094, 1232096, 1232097, 1232098, 1232104, 1232105, 1232108, 1232111, 1232114, 1232116, 1232119, 1232120, 1232123, 1232124, 1232126, 1232133, 1232134, 1232135, 1232136, 1232140, 1232141, 1232142, 1232145, 1232147, 1232149, 1232150, 1232151, 1232152, 1232154, 1232155, 1232159, 1232160, 1232162, 1232163, 1232164, 1232165, 1232170, 1232172, 1232174, 1232175, 1232180, 1232185, 1232187, 1232189, 1232191, 1232195, 1232196, 1232198, 1232199, 1232200, 1232201, 1232217, 1232218, 1232220, 1232221, 1232224, 1232229, 1232232, 1232233, 1232237, 1232251, 1232253, 1232254, 1232255, 1232259, 1232260, 1232262, 1232263, 1232264, 1232272, 1232279, 1232282, 1232285, 1232286, 1232287, 1232293, 1232304, 1232305, 1232307, 1232309, 1232310, 1232312, 1232313, 1232314, 1232316, 1232317, 1232318, 1232329, 1232332, 1232333, 1232334, 1232335, 1232337, 1232339, 1232342, 1232345, 1232349, 1232352, 1232354, 1232355, 1232357, 1232358, 1232359, 1232361, 1232362, 1232364, 1232366, 1232367, 1232368, 1232369, 1232370, 1232371, 1232374, 1232378, 1232381, 1232383, 1232385, 1232387, 1232392, 1232394, 1232395, 1232413, 1232416, 1232418, 1232424, 1232432, 1232435, 1232436, 1232442, 1232446, 1232483, 1232500, 1232501, 1232503, 1232504, 1232507, 1232519, 1232520, 1232552, 1232630, 1232631, 1232632, 1232757, 1232819, 1232860, 1232870, 1232873, 1232877, 1232878, 1232881, 1232884, 1232885, 1232887, 1232888, 1232890, 1232892, 1232896, 1232897, 1232905, 1232907, 1232919, 1232926, 1232928, 1232935, 1233035, 1233049, 1233051, 1233056, 1233057, 1233061, 1233063, 1233065, 1233067, 1233070, 1233073, 1233074, 1233100, 1233103, 1233104, 1233105, 1233106, 1233107, 1233108, 1233110, 1233111, 1233113, 1233114, 1233117, 1233123, 1233125, 1233129, 1233130, 1233134, 1233135, 1233150, 1233189, 1233191, 1233197, 1233205, 1233206, 1233209, 1233210, 1233211, 1233212, 1233214, 1233216, 1233238, 1233241, 1233253, 1233255, 1233293, 1233350, 1233452, 1233453, 1233454, 1233456, 1233457, 1233458, 1233460, 1233462, 1233463, 1233468, 1233471, 1233476, 1233478, 1233479, 1233481, 1233484, 1233487, 1233490, 1233491, 1233528, 1233548, 1233552, 1233553, 1233554, 1233555, 1233557, 1233560, 1233561, 1233570, 1233577, 1233580, 1233977, 1234012, 1234025, 1234085, 1234093, 1234098, 1234108
CVE References: CVE-2021-47416, CVE-2021-47534, CVE-2021-47594, CVE-2022-3435, CVE-2022-45934, CVE-2022-48664, CVE-2022-48674, CVE-2022-48879, CVE-2022-48946, CVE-2022-48947, CVE-2022-48948, CVE-2022-48949, CVE-2022-48951, CVE-2022-48953, CVE-2022-48954, CVE-2022-48955, CVE-2022-48956, CVE-2022-48957, CVE-2022-48958, CVE-2022-48959, CVE-2022-48960, CVE-2022-48961, CVE-2022-48962, CVE-2022-48966, CVE-2022-48967, CVE-2022-48968, CVE-2022-48969, CVE-2022-48970, CVE-2022-48971, CVE-2022-48972, CVE-2022-48973, CVE-2022-48975, CVE-2022-48977, CVE-2022-48978, CVE-2022-48979, CVE-2022-48980, CVE-2022-48981, CVE-2022-48982, CVE-2022-48983, CVE-2022-48985, CVE-2022-48987, CVE-2022-48988, CVE-2022-48989, CVE-2022-48990, CVE-2022-48991, CVE-2022-48992, CVE-2022-48994, CVE-2022-48995, CVE-2022-48997, CVE-2022-48999, CVE-2022-49000, CVE-2022-49002, CVE-2022-49003, CVE-2022-49005, CVE-2022-49006, CVE-2022-49007, CVE-2022-49010, CVE-2022-49011, CVE-2022-49012, CVE-2022-49014, CVE-2022-49015, CVE-2022-49016, CVE-2022-49017, CVE-2022-49019, CVE-2022-49020, CVE-2022-49021, CVE-2022-49022, CVE-2022-49023, CVE-2022-49024, CVE-2022-49025, CVE-2022-49026, CVE-2022-49027, CVE-2022-49028, CVE-2022-49029, CVE-2022-49031, CVE-2022-49032, CVE-2023-2166, CVE-2023-28327, CVE-2023-52766, CVE-2023-52800, CVE-2023-52881, CVE-2023-52915, CVE-2023-52917, CVE-2023-52918, CVE-2023-52919, CVE-2023-52921, CVE-2023-52922, CVE-2023-6270, CVE-2024-26782, CVE-2024-26906, CVE-2024-26953, CVE-2024-27043, CVE-2024-35888, CVE-2024-35937, CVE-2024-35980, CVE-2024-36244, CVE-2024-36484, CVE-2024-36883, CVE-2024-36886, CVE-2024-36905, CVE-2024-36953, CVE-2024-36954, CVE-2024-36957, CVE-2024-38577, CVE-2024-38589, CVE-2024-38615, CVE-2024-39476, CVE-2024-40965, CVE-2024-40997, CVE-2024-41016, CVE-2024-41023, CVE-2024-41049, CVE-2024-42131, CVE-2024-42145, CVE-2024-42226, CVE-2024-42253, CVE-2024-43817, CVE-2024-43897, CVE-2024-44931, CVE-2024-44932, CVE-2024-44947, CVE-2024-44958, CVE-2024-44964, CVE-2024-44995, CVE-2024-45016, CVE-2024-45025, CVE-2024-46678, CVE-2024-46681, CVE-2024-46716, CVE-2024-46719, CVE-2024-46754, CVE-2024-46770, CVE-2024-46775, CVE-2024-46777, CVE-2024-46800, CVE-2024-46802, CVE-2024-46804, CVE-2024-46805, CVE-2024-46807, CVE-2024-46809, CVE-2024-46810, CVE-2024-46811, CVE-2024-46812, CVE-2024-46813, CVE-2024-46814, CVE-2024-46815, CVE-2024-46816, CVE-2024-46817, CVE-2024-46818, CVE-2024-46819, CVE-2024-46821, CVE-2024-46826, CVE-2024-46828, CVE-2024-46834, CVE-2024-46835, CVE-2024-46840, CVE-2024-46841, CVE-2024-46842, CVE-2024-46848, CVE-2024-46849, CVE-2024-46853, CVE-2024-46854, CVE-2024-46855, CVE-2024-46857, CVE-2024-46859, CVE-2024-46864, CVE-2024-46871, CVE-2024-47660, CVE-2024-47661, CVE-2024-47663, CVE-2024-47664, CVE-2024-47665, CVE-2024-47667, CVE-2024-47668, CVE-2024-47669, CVE-2024-47670, CVE-2024-47671, CVE-2024-47672, CVE-2024-47673, CVE-2024-47674, CVE-2024-47679, CVE-2024-47682, CVE-2024-47684, CVE-2024-47685, CVE-2024-47692, CVE-2024-47693, CVE-2024-47695, CVE-2024-47696, CVE-2024-47697, CVE-2024-47698, CVE-2024-47699, CVE-2024-47701, CVE-2024-47704, CVE-2024-47705, CVE-2024-47706, CVE-2024-47707, CVE-2024-47709, CVE-2024-47710, CVE-2024-47712, CVE-2024-47713, CVE-2024-47718, CVE-2024-47720, CVE-2024-47723, CVE-2024-47727, CVE-2024-47728, CVE-2024-47730, CVE-2024-47735, CVE-2024-47737, CVE-2024-47738, CVE-2024-47739, CVE-2024-47742, CVE-2024-47745, CVE-2024-47747, CVE-2024-47748, CVE-2024-47749, CVE-2024-47756, CVE-2024-47757, CVE-2024-49850, CVE-2024-49851, CVE-2024-49852, CVE-2024-49855, CVE-2024-49858, CVE-2024-49860, CVE-2024-49861, CVE-2024-49863, CVE-2024-49866, CVE-2024-49867, CVE-2024-49868, CVE-2024-49870, CVE-2024-49871, CVE-2024-49875, CVE-2024-49877, CVE-2024-49879, CVE-2024-49881, CVE-2024-49882, CVE-2024-49883, CVE-2024-49884, CVE-2024-49886, CVE-2024-49890, CVE-2024-49891, CVE-2024-49892, CVE-2024-49894, CVE-2024-49895, CVE-2024-49896, CVE-2024-49897, CVE-2024-49899, CVE-2024-49900, CVE-2024-49901, CVE-2024-49902, CVE-2024-49903, CVE-2024-49905, CVE-2024-49906, CVE-2024-49907, CVE-2024-49908, CVE-2024-49909, CVE-2024-49911, CVE-2024-49912, CVE-2024-49913, CVE-2024-49914, CVE-2024-49917, CVE-2024-49918, CVE-2024-49919, CVE-2024-49920, CVE-2024-49921, CVE-2024-49922, CVE-2024-49923, CVE-2024-49924, CVE-2024-49925, CVE-2024-49929, CVE-2024-49930, CVE-2024-49933, CVE-2024-49934, CVE-2024-49935, CVE-2024-49936, CVE-2024-49938, CVE-2024-49939, CVE-2024-49945, CVE-2024-49946, CVE-2024-49947, CVE-2024-49949, CVE-2024-49950, CVE-2024-49954, CVE-2024-49955, CVE-2024-49957, CVE-2024-49958, CVE-2024-49959, CVE-2024-49960, CVE-2024-49962, CVE-2024-49963, CVE-2024-49965, CVE-2024-49966, CVE-2024-49967, CVE-2024-49968, CVE-2024-49969, CVE-2024-49973, CVE-2024-49974, CVE-2024-49975, CVE-2024-49981, CVE-2024-49982, CVE-2024-49983, CVE-2024-49985, CVE-2024-49989, CVE-2024-49991, CVE-2024-49993, CVE-2024-49995, CVE-2024-49996, CVE-2024-50000, CVE-2024-50001, CVE-2024-50002, CVE-2024-50003, CVE-2024-50006, CVE-2024-50007, CVE-2024-50008, CVE-2024-50009, CVE-2024-50013, CVE-2024-50014, CVE-2024-50017, CVE-2024-50019, CVE-2024-50024, CVE-2024-50025, CVE-2024-50026, CVE-2024-50028, CVE-2024-50031, CVE-2024-50033, CVE-2024-50035, CVE-2024-50041, CVE-2024-50044, CVE-2024-50045, CVE-2024-50046, CVE-2024-50047, CVE-2024-50048, CVE-2024-50049, CVE-2024-50055, CVE-2024-50058, CVE-2024-50059, CVE-2024-50061, CVE-2024-50062, CVE-2024-50063, CVE-2024-50067, CVE-2024-50073, CVE-2024-50074, CVE-2024-50077, CVE-2024-50078, CVE-2024-50081, CVE-2024-50082, CVE-2024-50089, CVE-2024-50093, CVE-2024-50095, CVE-2024-50096, CVE-2024-50098, CVE-2024-50099, CVE-2024-50103, CVE-2024-50108, CVE-2024-50110, CVE-2024-50115, CVE-2024-50116, CVE-2024-50117, CVE-2024-50124, CVE-2024-50125, CVE-2024-50127, CVE-2024-50128, CVE-2024-50131, CVE-2024-50134, CVE-2024-50135, CVE-2024-50138, CVE-2024-50141, CVE-2024-50146, CVE-2024-50147, CVE-2024-50148, CVE-2024-50150, CVE-2024-50153, CVE-2024-50154, CVE-2024-50155, CVE-2024-50156, CVE-2024-50160, CVE-2024-50167, CVE-2024-50171, CVE-2024-50179, CVE-2024-50180, CVE-2024-50182, CVE-2024-50183, CVE-2024-50184, CVE-2024-50186, CVE-2024-50187, CVE-2024-50188, CVE-2024-50189, CVE-2024-50192, CVE-2024-50194, CVE-2024-50195, CVE-2024-50196, CVE-2024-50198, CVE-2024-50201, CVE-2024-50205, CVE-2024-50208, CVE-2024-50209, CVE-2024-50215, CVE-2024-50218, CVE-2024-50229, CVE-2024-50230, CVE-2024-50232, CVE-2024-50233, CVE-2024-50234, CVE-2024-50236, CVE-2024-50237, CVE-2024-50249, CVE-2024-50255, CVE-2024-50259, CVE-2024-50261, CVE-2024-50264, CVE-2024-50265, CVE-2024-50267, CVE-2024-50268, CVE-2024-50269, CVE-2024-50271, CVE-2024-50273, CVE-2024-50274, CVE-2024-50279, CVE-2024-50282, CVE-2024-50287, CVE-2024-50289, CVE-2024-50290, CVE-2024-50292, CVE-2024-50295, CVE-2024-50298, CVE-2024-50301, CVE-2024-50302, CVE-2024-53052, CVE-2024-53058, CVE-2024-53059, CVE-2024-53060, CVE-2024-53061, CVE-2024-53063, CVE-2024-53066, CVE-2024-53068, CVE-2024-53079, CVE-2024-53085, CVE-2024-53088, CVE-2024-53104, CVE-2024-53110
Jira References: PED-1166, PED-1168, PED-1170, PED-1218, PED-1220, PED-1222, PED-1223, PED-1225, PED-2849
Maintenance Incident: [SUSE:Maintenance:36349](https://smelt.suse.de/incident/36349/)
Sources used:
SUSE Linux Enterprise Micro 5.5 (src):
 kernel-default-base-5.14.21-150500.55.88.1.150500.6.39.4
Basesystem Module 15-SP5 (src):
 kernel-default-base-5.14.21-150500.55.88.1.150500.6.39.4, kernel-source-5.14.21-150500.55.88.1
Development Tools Module 15-SP5 (src):
 kernel-source-5.14.21-150500.55.88.1, kernel-syms-5.14.21-150500.55.88.1, kernel-obs-build-5.14.21-150500.55.88.1
SUSE Linux Enterprise Live Patching 15-SP5 (src):
 kernel-livepatch-SLE15-SP5_Update_21-1-150500.11.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.