1194826 – (CVE-2022-0264) VUL-1: CVE-2022-0264: kernel-source-rt, kernel-source, kernel-source-azure: address leakage in BPF atomic fetch

Bug 1194826 (CVE-2022-0264) - VUL-1: CVE-2022-0264: kernel-source-rt, kernel-source, kernel-source-azure: address leakage in BPF atomic fetch

Summary: VUL-1: CVE-2022-0264: kernel-source-rt, kernel-source, kernel-source-azure: a...

Status:	RESOLVED FIXED
Duplicates (1):	1194226 (view as bug list)

Alias:	CVE-2022-0264

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P4 - Low Severity: Normal
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/320792/
Whiteboard:	CVSSv3.1:SUSE:CVE-2022-0264:4.7:(AV:L...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2022-01-18 11:27 UTC by Thomas Leroy
Modified:	2024-07-10 20:30 UTC (History)
CC List:	4 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Thomas Leroy 2022-01-18 11:27:45 UTC

rh#2041547

A flaw was found in the Linux kernel. There is an address leakage in BPF atomic fetch.

Upstream fixing commit:
https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=7d3baf0afa3aa9102d6a521a8e4c41888bb79882

Commit introducing the bug:
https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=37086bfdc737

References:
https://bugzilla.redhat.com/show_bug.cgi?id=2041547
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0264

Comment 1 Thomas Leroy 2022-01-18 13:41:56 UTC

I can see the commit introducing the bug on SLE15-SP4 and stable branches, but the fixing commit is only present on stable branch. Therefore I think that only SLE15-SP4 is affected.

Comment 2 Denis Kirjanov 2022-01-18 15:09:09 UTC

the fix already in the tree:
commit ebab46c88c9fda14c209b9e2a394788978a4674a (origin/users/syu/SLE15-SP4/for-next)
Author: Shung-Hsi Yu <shung-hsi.yu@suse.com>
Date:   Tue Dec 28 15:01:26 2021 +0800

    bpf: Fix kernel address leakage in atomic fetch (bsc#1193883).

Comment 3 Marcus Meissner 2022-01-18 16:46:53 UTC

fuixed

Comment 20 Swamp Workflow Management 2022-07-21 22:26:59 UTC

SUSE-SU-2022:2520-1: An update that solves 49 vulnerabilities, contains 26 features and has 207 fixes is now available.

Category: security (important)
Bug References: 1055117,1061840,1065729,1071995,1089644,1103269,1118212,1121726,1137728,1156395,1157038,1157923,1175667,1179439,1179639,1180814,1183682,1183872,1184318,1184924,1187716,1188885,1189998,1190137,1190208,1190336,1190497,1190768,1190786,1190812,1191271,1191663,1192483,1193064,1193277,1193289,1193431,1193556,1193629,1193640,1193787,1193823,1193852,1194086,1194111,1194191,1194409,1194501,1194523,1194526,1194583,1194585,1194586,1194625,1194765,1194826,1194869,1195099,1195287,1195478,1195482,1195504,1195651,1195668,1195669,1195775,1195823,1195826,1195913,1195915,1195926,1195944,1195957,1195987,1196079,1196114,1196130,1196213,1196306,1196367,1196400,1196426,1196478,1196514,1196570,1196723,1196779,1196830,1196836,1196866,1196868,1196869,1196901,1196930,1196942,1196960,1197016,1197157,1197227,1197243,1197292,1197302,1197303,1197304,1197362,1197386,1197501,1197601,1197661,1197675,1197761,1197817,1197819,1197820,1197888,1197889,1197894,1197915,1197917,1197918,1197920,1197921,1197922,1197926,1198009,1198010,1198012,1198013,1198014,1198015,1198016,1198017,1198018,1198019,1198020,1198021,1198022,1198023,1198024,1198027,1198030,1198034,1198058,1198217,1198379,1198400,1198402,1198410,1198412,1198413,1198438,1198484,1198577,1198585,1198660,1198802,1198803,1198806,1198811,1198826,1198829,1198835,1198968,1198971,1199011,1199024,1199035,1199046,1199052,1199063,1199163,1199173,1199260,1199314,1199390,1199426,1199433,1199439,1199482,1199487,1199505,1199507,1199605,1199611,1199626,1199631,1199650,1199657,1199674,1199736,1199793,1199839,1199875,1199909,1200015,1200019,1200045,1200046,1200144,1200205,1200211,1200259,1200263,1200284,1200315,1200343,1200420,1200442,1200475,1200502,1200567,1200569,1200571,1200599,1200600,1200608,1200611,1200619,1200692,1200762,1200763,1200806,1200807,1200808,1200809,1200810,1200812,1200813,1200815,1200816,1200820,1200821,1200822,1200824,1200825,1200827,1200828,1200829,1200830,1200845,1200882,1200925,1201050,1201080,1201160,1201171,1201177,1201193,1201196,1201218,1201222,1201228,1201251,1201381,1201471,1201524
CVE References: CVE-2021-26341,CVE-2021-33061,CVE-2021-4204,CVE-2021-44879,CVE-2021-45402,CVE-2022-0264,CVE-2022-0494,CVE-2022-0617,CVE-2022-1012,CVE-2022-1016,CVE-2022-1184,CVE-2022-1198,CVE-2022-1205,CVE-2022-1462,CVE-2022-1508,CVE-2022-1651,CVE-2022-1652,CVE-2022-1671,CVE-2022-1679,CVE-2022-1729,CVE-2022-1734,CVE-2022-1789,CVE-2022-1852,CVE-2022-1966,CVE-2022-1972,CVE-2022-1974,CVE-2022-1998,CVE-2022-20132,CVE-2022-20154,CVE-2022-21123,CVE-2022-21125,CVE-2022-21127,CVE-2022-21166,CVE-2022-21180,CVE-2022-21499,CVE-2022-2318,CVE-2022-23222,CVE-2022-26365,CVE-2022-26490,CVE-2022-29582,CVE-2022-29900,CVE-2022-29901,CVE-2022-30594,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742,CVE-2022-33743,CVE-2022-33981,CVE-2022-34918
JIRA References: SLE-13513,SLE-13521,SLE-15442,SLE-17855,SLE-18194,SLE-18234,SLE-18375,SLE-18377,SLE-18378,SLE-18382,SLE-18385,SLE-18901,SLE-18938,SLE-18978,SLE-19001,SLE-19026,SLE-19242,SLE-19249,SLE-19253,SLE-19924,SLE-21315,SLE-23643,SLE-24072,SLE-24093,SLE-24350,SLE-24549
Sources used:
openSUSE Leap 15.4 (src):    dtb-aarch64-5.14.21-150400.24.11.1, kernel-64kb-5.14.21-150400.24.11.1, kernel-debug-5.14.21-150400.24.11.1, kernel-default-5.14.21-150400.24.11.1, kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6, kernel-docs-5.14.21-150400.24.11.1, kernel-kvmsmall-5.14.21-150400.24.11.1, kernel-obs-build-5.14.21-150400.24.11.1, kernel-obs-qa-5.14.21-150400.24.11.1, kernel-source-5.14.21-150400.24.11.1, kernel-syms-5.14.21-150400.24.11.1, kernel-zfcpdump-5.14.21-150400.24.11.1
SUSE Linux Enterprise Workstation Extension 15-SP4 (src):    kernel-default-5.14.21-150400.24.11.1
SUSE Linux Enterprise Module for Live Patching 15-SP4 (src):    kernel-default-5.14.21-150400.24.11.1, kernel-livepatch-SLE15-SP4_Update_1-1-150400.9.5.3
SUSE Linux Enterprise Module for Legacy Software 15-SP4 (src):    kernel-default-5.14.21-150400.24.11.1
SUSE Linux Enterprise Module for Development Tools 15-SP4 (src):    kernel-docs-5.14.21-150400.24.11.1, kernel-obs-build-5.14.21-150400.24.11.1, kernel-source-5.14.21-150400.24.11.1, kernel-syms-5.14.21-150400.24.11.1
SUSE Linux Enterprise Module for Basesystem 15-SP4 (src):    kernel-64kb-5.14.21-150400.24.11.1, kernel-default-5.14.21-150400.24.11.1, kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6, kernel-source-5.14.21-150400.24.11.1, kernel-zfcpdump-5.14.21-150400.24.11.1
SUSE Linux Enterprise High Availability 15-SP4 (src):    kernel-default-5.14.21-150400.24.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 22 Swamp Workflow Management 2022-08-01 13:28:35 UTC

SUSE-SU-2022:2615-1: An update that solves 48 vulnerabilities, contains 26 features and has 202 fixes is now available.

Category: security (important)
Bug References: 1055117,1061840,1065729,1071995,1089644,1103269,1118212,1121726,1137728,1156395,1157038,1157923,1175667,1179439,1179639,1180814,1183682,1183872,1184318,1184924,1187716,1188885,1189998,1190137,1190208,1190336,1190497,1190768,1190786,1190812,1191271,1191663,1192483,1193064,1193277,1193289,1193431,1193556,1193629,1193640,1193787,1193823,1193852,1194086,1194111,1194191,1194409,1194501,1194523,1194526,1194583,1194585,1194586,1194625,1194765,1194826,1194869,1195099,1195287,1195478,1195482,1195504,1195651,1195668,1195669,1195775,1195823,1195826,1195913,1195915,1195926,1195944,1195957,1195987,1196079,1196114,1196130,1196213,1196306,1196367,1196400,1196426,1196478,1196514,1196570,1196723,1196779,1196830,1196836,1196866,1196868,1196869,1196901,1196930,1196942,1196960,1197016,1197157,1197227,1197243,1197292,1197302,1197303,1197304,1197362,1197386,1197501,1197601,1197661,1197675,1197761,1197817,1197819,1197820,1197888,1197889,1197894,1197915,1197917,1197918,1197920,1197921,1197922,1197926,1198009,1198010,1198012,1198013,1198014,1198015,1198016,1198017,1198018,1198019,1198020,1198021,1198022,1198023,1198024,1198027,1198030,1198034,1198058,1198217,1198379,1198400,1198402,1198412,1198413,1198438,1198484,1198577,1198585,1198660,1198802,1198803,1198806,1198811,1198826,1198835,1198968,1198971,1199011,1199024,1199035,1199046,1199052,1199063,1199163,1199173,1199260,1199314,1199390,1199426,1199433,1199439,1199482,1199487,1199505,1199507,1199605,1199611,1199626,1199631,1199650,1199657,1199674,1199736,1199793,1199839,1199875,1199909,1200015,1200019,1200045,1200046,1200144,1200205,1200211,1200259,1200263,1200284,1200315,1200343,1200420,1200442,1200475,1200502,1200567,1200569,1200571,1200572,1200599,1200600,1200608,1200611,1200619,1200692,1200762,1200763,1200806,1200807,1200808,1200809,1200810,1200812,1200815,1200816,1200820,1200822,1200824,1200825,1200827,1200828,1200829,1200830,1200845,1200882,1200925,1201050,1201160,1201171,1201177,1201193,1201196,1201218,1201222,1201228,1201251,150300
CVE References: CVE-2021-26341,CVE-2021-33061,CVE-2021-4204,CVE-2021-44879,CVE-2021-45402,CVE-2022-0264,CVE-2022-0494,CVE-2022-0617,CVE-2022-1012,CVE-2022-1016,CVE-2022-1184,CVE-2022-1198,CVE-2022-1205,CVE-2022-1508,CVE-2022-1651,CVE-2022-1652,CVE-2022-1671,CVE-2022-1679,CVE-2022-1729,CVE-2022-1734,CVE-2022-1789,CVE-2022-1852,CVE-2022-1966,CVE-2022-1972,CVE-2022-1974,CVE-2022-1998,CVE-2022-20132,CVE-2022-20154,CVE-2022-21123,CVE-2022-21125,CVE-2022-21127,CVE-2022-21166,CVE-2022-21180,CVE-2022-21499,CVE-2022-2318,CVE-2022-23222,CVE-2022-26365,CVE-2022-26490,CVE-2022-29582,CVE-2022-29900,CVE-2022-29901,CVE-2022-30594,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742,CVE-2022-33743,CVE-2022-33981,CVE-2022-34918
JIRA References: SLE-13513,SLE-13521,SLE-15442,SLE-17855,SLE-18194,SLE-18234,SLE-18375,SLE-18377,SLE-18378,SLE-18382,SLE-18385,SLE-18901,SLE-18938,SLE-18978,SLE-19001,SLE-19026,SLE-19242,SLE-19249,SLE-19253,SLE-19924,SLE-21315,SLE-23643,SLE-24072,SLE-24093,SLE-24350,SLE-24549
Sources used:
openSUSE Leap 15.4 (src):    kernel-azure-5.14.21-150400.14.7.1, kernel-source-azure-5.14.21-150400.14.7.1, kernel-syms-azure-5.14.21-150400.14.7.1
SUSE Linux Enterprise Module for Public Cloud 15-SP4 (src):    kernel-azure-5.14.21-150400.14.7.1, kernel-source-azure-5.14.21-150400.14.7.1, kernel-syms-azure-5.14.21-150400.14.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 27 Carlos López 2023-07-06 11:15:46 UTC

*** Bug 1194226 has been marked as a duplicate of this bug. ***

Comment 32 Maintenance Automation 2024-07-09 16:30:31 UTC

SUSE-SU-2024:2372-1: An update that solves 249 vulnerabilities, contains three features and has 45 security fixes can now be installed.

Category: security (important)
Bug References: 1156395, 1190336, 1191958, 1193883, 1194826, 1195065, 1195254, 1195341, 1195349, 1195775, 1196746, 1197915, 1198014, 1199295, 1202767, 1202780, 1205205, 1207361, 1217912, 1218148, 1218570, 1218820, 1219224, 1219633, 1219847, 1220368, 1220812, 1220958, 1221086, 1221282, 1221958, 1222015, 1222072, 1222080, 1222241, 1222254, 1222364, 1222893, 1223013, 1223018, 1223265, 1223384, 1223641, 1224020, 1224331, 1224488, 1224497, 1224498, 1224504, 1224520, 1224539, 1224540, 1224552, 1224583, 1224588, 1224602, 1224603, 1224605, 1224612, 1224614, 1224619, 1224661, 1224662, 1224670, 1224671, 1224674, 1224677, 1224679, 1224696, 1224703, 1224712, 1224716, 1224719, 1224735, 1224749, 1224764, 1224765, 1224766, 1224935, 1224946, 1224951, 1225050, 1225098, 1225105, 1225300, 1225389, 1225391, 1225419, 1225426, 1225448, 1225452, 1225467, 1225475, 1225484, 1225487, 1225514, 1225518, 1225535, 1225585, 1225602, 1225611, 1225681, 1225692, 1225698, 1225699, 1225704, 1225714, 1225726, 1225732, 1225737, 1225749, 1225758, 1225759, 1225760, 1225767, 1225770, 1225823, 1225834, 1225840, 1225866, 1225872, 1225894, 1225945, 1226022, 1226131, 1226145, 1226149, 1226155, 1226211, 1226212, 1226226, 1226514, 1226520, 1226537, 1226538, 1226539, 1226550, 1226552, 1226553, 1226554, 1226556, 1226557, 1226558, 1226559, 1226561, 1226562, 1226563, 1226564, 1226566, 1226567, 1226569, 1226572, 1226575, 1226576, 1226577, 1226579, 1226580, 1226581, 1226582, 1226583, 1226585, 1226587, 1226588, 1226593, 1226595, 1226597, 1226601, 1226602, 1226603, 1226607, 1226610, 1226614, 1226616, 1226617, 1226618, 1226619, 1226621, 1226622, 1226624, 1226626, 1226628, 1226629, 1226632, 1226633, 1226634, 1226637, 1226643, 1226644, 1226645, 1226647, 1226650, 1226653, 1226657, 1226658, 1226669, 1226670, 1226672, 1226673, 1226674, 1226675, 1226678, 1226679, 1226683, 1226685, 1226686, 1226690, 1226691, 1226692, 1226693, 1226696, 1226697, 1226698, 1226699, 1226701, 1226702, 1226703, 1226704, 1226705, 1226706, 1226708, 1226709, 1226710, 1226711, 1226712, 1226713, 1226715, 1226716, 1226718, 1226719, 1226720, 1226721, 1226730, 1226732, 1226734, 1226735, 1226737, 1226738, 1226739, 1226740, 1226744, 1226746, 1226747, 1226749, 1226754, 1226762, 1226764, 1226767, 1226768, 1226769, 1226771, 1226774, 1226777, 1226780, 1226781, 1226785, 1226786, 1226789, 1226791, 1226839, 1226840, 1226841, 1226842, 1226848, 1226852, 1226857, 1226861, 1226863, 1226864, 1226867, 1226868, 1226876, 1226878, 1226883, 1226886, 1226890, 1226891, 1226895, 1226908, 1226915, 1226928, 1226948, 1226949, 1226950, 1226953, 1226962, 1226976, 1226992, 1226994, 1226996, 1227066, 1227096, 1227101, 1227103, 1227274
CVE References: CVE-2021-4439, CVE-2021-47089, CVE-2021-47432, CVE-2021-47515, CVE-2021-47534, CVE-2021-47538, CVE-2021-47539, CVE-2021-47555, CVE-2021-47566, CVE-2021-47571, CVE-2021-47572, CVE-2021-47576, CVE-2021-47577, CVE-2021-47578, CVE-2021-47580, CVE-2021-47582, CVE-2021-47583, CVE-2021-47584, CVE-2021-47585, CVE-2021-47586, CVE-2021-47587, CVE-2021-47589, CVE-2021-47592, CVE-2021-47595, CVE-2021-47596, CVE-2021-47597, CVE-2021-47600, CVE-2021-47601, CVE-2021-47602, CVE-2021-47603, CVE-2021-47604, CVE-2021-47605, CVE-2021-47607, CVE-2021-47608, CVE-2021-47609, CVE-2021-47610, CVE-2021-47611, CVE-2021-47612, CVE-2021-47614, CVE-2021-47615, CVE-2021-47616, CVE-2021-47617, CVE-2021-47618, CVE-2021-47619, CVE-2021-47620, CVE-2022-48711, CVE-2022-48712, CVE-2022-48713, CVE-2022-48714, CVE-2022-48715, CVE-2022-48716, CVE-2022-48717, CVE-2022-48718, CVE-2022-48720, CVE-2022-48721, CVE-2022-48722, CVE-2022-48723, CVE-2022-48724, CVE-2022-48725, CVE-2022-48726, CVE-2022-48727, CVE-2022-48728, CVE-2022-48729, CVE-2022-48730, CVE-2022-48732, CVE-2022-48733, CVE-2022-48734, CVE-2022-48735, CVE-2022-48736, CVE-2022-48737, CVE-2022-48738, CVE-2022-48739, CVE-2022-48740, CVE-2022-48743, CVE-2022-48744, CVE-2022-48745, CVE-2022-48746, CVE-2022-48747, CVE-2022-48748, CVE-2022-48749, CVE-2022-48751, CVE-2022-48752, CVE-2022-48753, CVE-2022-48754, CVE-2022-48755, CVE-2022-48756, CVE-2022-48758, CVE-2022-48759, CVE-2022-48760, CVE-2022-48761, CVE-2022-48763, CVE-2022-48765, CVE-2022-48766, CVE-2022-48767, CVE-2022-48768, CVE-2022-48769, CVE-2022-48770, CVE-2022-48771, CVE-2022-48772, CVE-2023-24023, CVE-2023-52622, CVE-2023-52658, CVE-2023-52667, CVE-2023-52670, CVE-2023-52672, CVE-2023-52675, CVE-2023-52735, CVE-2023-52737, CVE-2023-52752, CVE-2023-52766, CVE-2023-52784, CVE-2023-52787, CVE-2023-52800, CVE-2023-52835, CVE-2023-52837, CVE-2023-52843, CVE-2023-52845, CVE-2023-52846, CVE-2023-52869, CVE-2023-52881, CVE-2023-52882, CVE-2023-52884, CVE-2024-26625, CVE-2024-26644, CVE-2024-26720, CVE-2024-26842, CVE-2024-26845, CVE-2024-26923, CVE-2024-26973, CVE-2024-27432, CVE-2024-33619, CVE-2024-35247, CVE-2024-35789, CVE-2024-35790, CVE-2024-35807, CVE-2024-35814, CVE-2024-35835, CVE-2024-35848, CVE-2024-35857, CVE-2024-35861, CVE-2024-35862, CVE-2024-35864, CVE-2024-35869, CVE-2024-35878, CVE-2024-35884, CVE-2024-35886, CVE-2024-35896, CVE-2024-35898, CVE-2024-35900, CVE-2024-35905, CVE-2024-35925, CVE-2024-35950, CVE-2024-35956, CVE-2024-35958, CVE-2024-35960, CVE-2024-35962, CVE-2024-35997, CVE-2024-36005, CVE-2024-36008, CVE-2024-36017, CVE-2024-36020, CVE-2024-36021, CVE-2024-36025, CVE-2024-36477, CVE-2024-36478, CVE-2024-36479, CVE-2024-36890, CVE-2024-36894, CVE-2024-36899, CVE-2024-36900, CVE-2024-36904, CVE-2024-36915, CVE-2024-36916, CVE-2024-36917, CVE-2024-36919, CVE-2024-36934, CVE-2024-36937, CVE-2024-36940, CVE-2024-36945, CVE-2024-36949, CVE-2024-36960, CVE-2024-36964, CVE-2024-36965, CVE-2024-36967, CVE-2024-36969, CVE-2024-36971, CVE-2024-36975, CVE-2024-36978, CVE-2024-37021, CVE-2024-37078, CVE-2024-37354, CVE-2024-38381, CVE-2024-38388, CVE-2024-38390, CVE-2024-38540, CVE-2024-38541, CVE-2024-38544, CVE-2024-38545, CVE-2024-38546, CVE-2024-38547, CVE-2024-38548, CVE-2024-38549, CVE-2024-38550, CVE-2024-38552, CVE-2024-38553, CVE-2024-38555, CVE-2024-38556, CVE-2024-38557, CVE-2024-38559, CVE-2024-38560, CVE-2024-38564, CVE-2024-38565, CVE-2024-38567, CVE-2024-38568, CVE-2024-38571, CVE-2024-38573, CVE-2024-38578, CVE-2024-38579, CVE-2024-38580, CVE-2024-38581, CVE-2024-38582, CVE-2024-38583, CVE-2024-38587, CVE-2024-38590, CVE-2024-38591, CVE-2024-38594, CVE-2024-38597, CVE-2024-38599, CVE-2024-38600, CVE-2024-38601, CVE-2024-38603, CVE-2024-38605, CVE-2024-38608, CVE-2024-38616, CVE-2024-38618, CVE-2024-38619, CVE-2024-38621, CVE-2024-38627, CVE-2024-38630, CVE-2024-38633, CVE-2024-38634, CVE-2024-38635, CVE-2024-38659, CVE-2024-38661, CVE-2024-38780, CVE-2024-39301, CVE-2024-39468, CVE-2024-39469, CVE-2024-39471
Jira References: PED-8491, PED-8570, PED-8690
Maintenance Incident: [SUSE:Maintenance:34676](https://smelt.suse.de/incident/34676/)
Sources used:
Public Cloud Module 15-SP5 (src):
 kernel-source-azure-5.14.21-150500.33.60.1, kernel-syms-azure-5.14.21-150500.33.60.1
openSUSE Leap 15.5 (src):
 kernel-source-azure-5.14.21-150500.33.60.1, kernel-syms-azure-5.14.21-150500.33.60.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 33 Maintenance Automation 2024-07-10 20:30:02 UTC

SUSE-SU-2024:2394-1: An update that solves 249 vulnerabilities, contains three features and has 44 security fixes can now be installed.

Category: security (important)
Bug References: 1156395, 1190336, 1191958, 1193883, 1194826, 1195065, 1195254, 1195341, 1195349, 1195775, 1196746, 1197915, 1198014, 1199295, 1202767, 1202780, 1205205, 1207361, 1217912, 1218148, 1218570, 1218820, 1219224, 1219633, 1219847, 1220368, 1220812, 1220958, 1221086, 1221282, 1221958, 1222015, 1222072, 1222080, 1222241, 1222254, 1222364, 1222893, 1223013, 1223018, 1223265, 1223384, 1223641, 1224020, 1224331, 1224488, 1224497, 1224498, 1224504, 1224520, 1224539, 1224540, 1224552, 1224583, 1224588, 1224602, 1224603, 1224605, 1224612, 1224614, 1224619, 1224661, 1224662, 1224670, 1224671, 1224674, 1224677, 1224679, 1224696, 1224703, 1224712, 1224716, 1224719, 1224735, 1224749, 1224764, 1224765, 1224766, 1224935, 1224946, 1224951, 1225050, 1225098, 1225105, 1225300, 1225389, 1225391, 1225419, 1225426, 1225448, 1225452, 1225467, 1225475, 1225484, 1225487, 1225514, 1225518, 1225535, 1225585, 1225602, 1225611, 1225681, 1225692, 1225698, 1225699, 1225704, 1225714, 1225726, 1225732, 1225737, 1225749, 1225758, 1225759, 1225760, 1225767, 1225770, 1225823, 1225834, 1225840, 1225866, 1225872, 1225894, 1226022, 1226131, 1226145, 1226149, 1226155, 1226211, 1226212, 1226226, 1226514, 1226520, 1226537, 1226538, 1226539, 1226550, 1226552, 1226553, 1226554, 1226556, 1226557, 1226558, 1226559, 1226561, 1226562, 1226563, 1226564, 1226566, 1226567, 1226569, 1226572, 1226575, 1226576, 1226577, 1226579, 1226580, 1226581, 1226582, 1226583, 1226585, 1226587, 1226588, 1226593, 1226595, 1226597, 1226601, 1226602, 1226603, 1226607, 1226610, 1226614, 1226616, 1226617, 1226618, 1226619, 1226621, 1226622, 1226624, 1226626, 1226628, 1226629, 1226632, 1226633, 1226634, 1226637, 1226643, 1226644, 1226645, 1226647, 1226650, 1226653, 1226657, 1226658, 1226669, 1226670, 1226672, 1226673, 1226674, 1226675, 1226678, 1226679, 1226683, 1226685, 1226686, 1226690, 1226691, 1226692, 1226693, 1226696, 1226697, 1226698, 1226699, 1226701, 1226702, 1226703, 1226704, 1226705, 1226706, 1226708, 1226709, 1226710, 1226711, 1226712, 1226713, 1226715, 1226716, 1226718, 1226719, 1226720, 1226721, 1226730, 1226732, 1226734, 1226735, 1226737, 1226738, 1226739, 1226740, 1226744, 1226746, 1226747, 1226749, 1226754, 1226762, 1226764, 1226767, 1226768, 1226769, 1226771, 1226774, 1226777, 1226780, 1226781, 1226785, 1226786, 1226789, 1226791, 1226839, 1226840, 1226841, 1226842, 1226848, 1226852, 1226857, 1226861, 1226863, 1226864, 1226867, 1226868, 1226876, 1226878, 1226883, 1226886, 1226890, 1226891, 1226895, 1226908, 1226915, 1226928, 1226948, 1226949, 1226950, 1226953, 1226962, 1226976, 1226992, 1226994, 1226996, 1227066, 1227096, 1227101, 1227103, 1227274
CVE References: CVE-2021-4439, CVE-2021-47089, CVE-2021-47432, CVE-2021-47515, CVE-2021-47534, CVE-2021-47538, CVE-2021-47539, CVE-2021-47555, CVE-2021-47566, CVE-2021-47571, CVE-2021-47572, CVE-2021-47576, CVE-2021-47577, CVE-2021-47578, CVE-2021-47580, CVE-2021-47582, CVE-2021-47583, CVE-2021-47584, CVE-2021-47585, CVE-2021-47586, CVE-2021-47587, CVE-2021-47589, CVE-2021-47592, CVE-2021-47595, CVE-2021-47596, CVE-2021-47597, CVE-2021-47600, CVE-2021-47601, CVE-2021-47602, CVE-2021-47603, CVE-2021-47604, CVE-2021-47605, CVE-2021-47607, CVE-2021-47608, CVE-2021-47609, CVE-2021-47610, CVE-2021-47611, CVE-2021-47612, CVE-2021-47614, CVE-2021-47615, CVE-2021-47616, CVE-2021-47617, CVE-2021-47618, CVE-2021-47619, CVE-2021-47620, CVE-2022-48711, CVE-2022-48712, CVE-2022-48713, CVE-2022-48714, CVE-2022-48715, CVE-2022-48716, CVE-2022-48717, CVE-2022-48718, CVE-2022-48720, CVE-2022-48721, CVE-2022-48722, CVE-2022-48723, CVE-2022-48724, CVE-2022-48725, CVE-2022-48726, CVE-2022-48727, CVE-2022-48728, CVE-2022-48729, CVE-2022-48730, CVE-2022-48732, CVE-2022-48733, CVE-2022-48734, CVE-2022-48735, CVE-2022-48736, CVE-2022-48737, CVE-2022-48738, CVE-2022-48739, CVE-2022-48740, CVE-2022-48743, CVE-2022-48744, CVE-2022-48745, CVE-2022-48746, CVE-2022-48747, CVE-2022-48748, CVE-2022-48749, CVE-2022-48751, CVE-2022-48752, CVE-2022-48753, CVE-2022-48754, CVE-2022-48755, CVE-2022-48756, CVE-2022-48758, CVE-2022-48759, CVE-2022-48760, CVE-2022-48761, CVE-2022-48763, CVE-2022-48765, CVE-2022-48766, CVE-2022-48767, CVE-2022-48768, CVE-2022-48769, CVE-2022-48770, CVE-2022-48771, CVE-2022-48772, CVE-2023-24023, CVE-2023-52622, CVE-2023-52658, CVE-2023-52667, CVE-2023-52670, CVE-2023-52672, CVE-2023-52675, CVE-2023-52735, CVE-2023-52737, CVE-2023-52752, CVE-2023-52766, CVE-2023-52784, CVE-2023-52787, CVE-2023-52800, CVE-2023-52835, CVE-2023-52837, CVE-2023-52843, CVE-2023-52845, CVE-2023-52846, CVE-2023-52869, CVE-2023-52881, CVE-2023-52882, CVE-2023-52884, CVE-2024-26625, CVE-2024-26644, CVE-2024-26720, CVE-2024-26842, CVE-2024-26845, CVE-2024-26923, CVE-2024-26973, CVE-2024-27432, CVE-2024-33619, CVE-2024-35247, CVE-2024-35789, CVE-2024-35790, CVE-2024-35807, CVE-2024-35814, CVE-2024-35835, CVE-2024-35848, CVE-2024-35857, CVE-2024-35861, CVE-2024-35862, CVE-2024-35864, CVE-2024-35869, CVE-2024-35878, CVE-2024-35884, CVE-2024-35886, CVE-2024-35896, CVE-2024-35898, CVE-2024-35900, CVE-2024-35905, CVE-2024-35925, CVE-2024-35950, CVE-2024-35956, CVE-2024-35958, CVE-2024-35960, CVE-2024-35962, CVE-2024-35997, CVE-2024-36005, CVE-2024-36008, CVE-2024-36017, CVE-2024-36020, CVE-2024-36021, CVE-2024-36025, CVE-2024-36477, CVE-2024-36478, CVE-2024-36479, CVE-2024-36890, CVE-2024-36894, CVE-2024-36899, CVE-2024-36900, CVE-2024-36904, CVE-2024-36915, CVE-2024-36916, CVE-2024-36917, CVE-2024-36919, CVE-2024-36934, CVE-2024-36937, CVE-2024-36940, CVE-2024-36945, CVE-2024-36949, CVE-2024-36960, CVE-2024-36964, CVE-2024-36965, CVE-2024-36967, CVE-2024-36969, CVE-2024-36971, CVE-2024-36975, CVE-2024-36978, CVE-2024-37021, CVE-2024-37078, CVE-2024-37354, CVE-2024-38381, CVE-2024-38388, CVE-2024-38390, CVE-2024-38540, CVE-2024-38541, CVE-2024-38544, CVE-2024-38545, CVE-2024-38546, CVE-2024-38547, CVE-2024-38548, CVE-2024-38549, CVE-2024-38550, CVE-2024-38552, CVE-2024-38553, CVE-2024-38555, CVE-2024-38556, CVE-2024-38557, CVE-2024-38559, CVE-2024-38560, CVE-2024-38564, CVE-2024-38565, CVE-2024-38567, CVE-2024-38568, CVE-2024-38571, CVE-2024-38573, CVE-2024-38578, CVE-2024-38579, CVE-2024-38580, CVE-2024-38581, CVE-2024-38582, CVE-2024-38583, CVE-2024-38587, CVE-2024-38590, CVE-2024-38591, CVE-2024-38594, CVE-2024-38597, CVE-2024-38599, CVE-2024-38600, CVE-2024-38601, CVE-2024-38603, CVE-2024-38605, CVE-2024-38608, CVE-2024-38616, CVE-2024-38618, CVE-2024-38619, CVE-2024-38621, CVE-2024-38627, CVE-2024-38630, CVE-2024-38633, CVE-2024-38634, CVE-2024-38635, CVE-2024-38659, CVE-2024-38661, CVE-2024-38780, CVE-2024-39301, CVE-2024-39468, CVE-2024-39469, CVE-2024-39471
Jira References: PED-8491, PED-8570, PED-8690
Maintenance Incident: [SUSE:Maintenance:34699](https://smelt.suse.de/incident/34699/)
Sources used:
openSUSE Leap 15.5 (src):
 kernel-livepatch-SLE15-SP5-RT_Update_17-1-150500.11.3.1, kernel-syms-rt-5.14.21-150500.13.61.1, kernel-source-rt-5.14.21-150500.13.61.1
SUSE Linux Enterprise Micro 5.5 (src):
 kernel-source-rt-5.14.21-150500.13.61.1
SUSE Linux Enterprise Live Patching 15-SP5 (src):
 kernel-livepatch-SLE15-SP5-RT_Update_17-1-150500.11.3.1
SUSE Real Time Module 15-SP5 (src):
 kernel-syms-rt-5.14.21-150500.13.61.1, kernel-source-rt-5.14.21-150500.13.61.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.