Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-48912 (GCVE-0-2022-48912)
Vulnerability from cvelistv5 – Published: 2024-08-22 01:31 – Updated: 2026-05-11 18:49
VLAI
EPSS
Title
netfilter: fix use-after-free in __nf_register_net_hook()
Summary
In the Linux kernel, the following vulnerability has been resolved:
netfilter: fix use-after-free in __nf_register_net_hook()
We must not dereference @new_hooks after nf_hook_mutex has been released,
because other threads might have freed our allocated hooks already.
BUG: KASAN: use-after-free in nf_hook_entries_get_hook_ops include/linux/netfilter.h:130 [inline]
BUG: KASAN: use-after-free in hooks_validate net/netfilter/core.c:171 [inline]
BUG: KASAN: use-after-free in __nf_register_net_hook+0x77a/0x820 net/netfilter/core.c:438
Read of size 2 at addr ffff88801c1a8000 by task syz-executor237/4430
CPU: 1 PID: 4430 Comm: syz-executor237 Not tainted 5.17.0-rc5-syzkaller-00306-g2293be58d6a1 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106
print_address_description.constprop.0.cold+0x8d/0x336 mm/kasan/report.c:255
__kasan_report mm/kasan/report.c:442 [inline]
kasan_report.cold+0x83/0xdf mm/kasan/report.c:459
nf_hook_entries_get_hook_ops include/linux/netfilter.h:130 [inline]
hooks_validate net/netfilter/core.c:171 [inline]
__nf_register_net_hook+0x77a/0x820 net/netfilter/core.c:438
nf_register_net_hook+0x114/0x170 net/netfilter/core.c:571
nf_register_net_hooks+0x59/0xc0 net/netfilter/core.c:587
nf_synproxy_ipv6_init+0x85/0xe0 net/netfilter/nf_synproxy_core.c:1218
synproxy_tg6_check+0x30d/0x560 net/ipv6/netfilter/ip6t_SYNPROXY.c:81
xt_check_target+0x26c/0x9e0 net/netfilter/x_tables.c:1038
check_target net/ipv6/netfilter/ip6_tables.c:530 [inline]
find_check_entry.constprop.0+0x7f1/0x9e0 net/ipv6/netfilter/ip6_tables.c:573
translate_table+0xc8b/0x1750 net/ipv6/netfilter/ip6_tables.c:735
do_replace net/ipv6/netfilter/ip6_tables.c:1153 [inline]
do_ip6t_set_ctl+0x56e/0xb90 net/ipv6/netfilter/ip6_tables.c:1639
nf_setsockopt+0x83/0xe0 net/netfilter/nf_sockopt.c:101
ipv6_setsockopt+0x122/0x180 net/ipv6/ipv6_sockglue.c:1024
rawv6_setsockopt+0xd3/0x6a0 net/ipv6/raw.c:1084
__sys_setsockopt+0x2db/0x610 net/socket.c:2180
__do_sys_setsockopt net/socket.c:2191 [inline]
__se_sys_setsockopt net/socket.c:2188 [inline]
__x64_sys_setsockopt+0xba/0x150 net/socket.c:2188
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f65a1ace7d9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f65a1a7f308 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f65a1ace7d9
RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
RBP: 00007f65a1b574c8 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000020000000 R11: 0000000000000246 R12: 00007f65a1b55130
R13: 00007f65a1b574c0 R14: 00007f65a1b24090 R15: 0000000000022000
</TASK>
The buggy address belongs to the page:
page:ffffea0000706a00 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1c1a8
flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
raw: 00fff00000000000 ffffea0001c1b108 ffffea000046dd08 0000000000000000
raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
page dumped because: kasan: bad access detected
page_owner tracks the page as freed
page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 4430, ts 1061781545818, free_ts 1061791488993
prep_new_page mm/page_alloc.c:2434 [inline]
get_page_from_freelist+0xa72/0x2f50 mm/page_alloc.c:4165
__alloc_pages+0x1b2/0x500 mm/page_alloc.c:5389
__alloc_pages_node include/linux/gfp.h:572 [inline]
alloc_pages_node include/linux/gfp.h:595 [inline]
kmalloc_large_node+0x62/0x130 mm/slub.c:4438
__kmalloc_node+0x35a/0x4a0 mm/slub.
---truncated---
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
7 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
2420b79f8c18a75ee2417cace381f4604b9b4365 , < 05f7927b25d2635e87267ff6c79db79fb46cf313
(git)
Affected: 2420b79f8c18a75ee2417cace381f4604b9b4365 , < bdd8fc1b826e6f23963f5bef3f7431c6188ec954 (git) Affected: 2420b79f8c18a75ee2417cace381f4604b9b4365 , < 49c24579cec41e32f13d57b337fd28fb208d4a5b (git) Affected: 2420b79f8c18a75ee2417cace381f4604b9b4365 , < 8b0142c4143c1ca297dcf2c0cdd045d65dae2344 (git) Affected: 2420b79f8c18a75ee2417cace381f4604b9b4365 , < bd61f192a339b1095dfd6d56073a5265934c2979 (git) Affected: 2420b79f8c18a75ee2417cace381f4604b9b4365 , < 5a8076e98dde17224dd47283b894a8b1dbe1bc72 (git) Affected: 2420b79f8c18a75ee2417cace381f4604b9b4365 , < 56763f12b0f02706576a088e85ef856deacc98a0 (git) |
|
| Linux | Linux |
Affected:
4.14
Unaffected: 0 , < 4.14 (semver) Unaffected: 4.14.270 , ≤ 4.14.* (semver) Unaffected: 4.19.233 , ≤ 4.19.* (semver) Unaffected: 5.4.183 , ≤ 5.4.* (semver) Unaffected: 5.10.104 , ≤ 5.10.* (semver) Unaffected: 5.15.27 , ≤ 5.15.* (semver) Unaffected: 5.16.13 , ≤ 5.16.* (semver) Unaffected: 5.17 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48912",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:33:57.260667Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-12T17:33:01.872Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/netfilter/core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "05f7927b25d2635e87267ff6c79db79fb46cf313",
"status": "affected",
"version": "2420b79f8c18a75ee2417cace381f4604b9b4365",
"versionType": "git"
},
{
"lessThan": "bdd8fc1b826e6f23963f5bef3f7431c6188ec954",
"status": "affected",
"version": "2420b79f8c18a75ee2417cace381f4604b9b4365",
"versionType": "git"
},
{
"lessThan": "49c24579cec41e32f13d57b337fd28fb208d4a5b",
"status": "affected",
"version": "2420b79f8c18a75ee2417cace381f4604b9b4365",
"versionType": "git"
},
{
"lessThan": "8b0142c4143c1ca297dcf2c0cdd045d65dae2344",
"status": "affected",
"version": "2420b79f8c18a75ee2417cace381f4604b9b4365",
"versionType": "git"
},
{
"lessThan": "bd61f192a339b1095dfd6d56073a5265934c2979",
"status": "affected",
"version": "2420b79f8c18a75ee2417cace381f4604b9b4365",
"versionType": "git"
},
{
"lessThan": "5a8076e98dde17224dd47283b894a8b1dbe1bc72",
"status": "affected",
"version": "2420b79f8c18a75ee2417cace381f4604b9b4365",
"versionType": "git"
},
{
"lessThan": "56763f12b0f02706576a088e85ef856deacc98a0",
"status": "affected",
"version": "2420b79f8c18a75ee2417cace381f4604b9b4365",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/netfilter/core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.14"
},
{
"lessThan": "4.14",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.270",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.233",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.183",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.104",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.27",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.13",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.14.270",
"versionStartIncluding": "4.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.233",
"versionStartIncluding": "4.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.183",
"versionStartIncluding": "4.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.104",
"versionStartIncluding": "4.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.27",
"versionStartIncluding": "4.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.16.13",
"versionStartIncluding": "4.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.17",
"versionStartIncluding": "4.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: fix use-after-free in __nf_register_net_hook()\n\nWe must not dereference @new_hooks after nf_hook_mutex has been released,\nbecause other threads might have freed our allocated hooks already.\n\nBUG: KASAN: use-after-free in nf_hook_entries_get_hook_ops include/linux/netfilter.h:130 [inline]\nBUG: KASAN: use-after-free in hooks_validate net/netfilter/core.c:171 [inline]\nBUG: KASAN: use-after-free in __nf_register_net_hook+0x77a/0x820 net/netfilter/core.c:438\nRead of size 2 at addr ffff88801c1a8000 by task syz-executor237/4430\n\nCPU: 1 PID: 4430 Comm: syz-executor237 Not tainted 5.17.0-rc5-syzkaller-00306-g2293be58d6a1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_address_description.constprop.0.cold+0x8d/0x336 mm/kasan/report.c:255\n __kasan_report mm/kasan/report.c:442 [inline]\n kasan_report.cold+0x83/0xdf mm/kasan/report.c:459\n nf_hook_entries_get_hook_ops include/linux/netfilter.h:130 [inline]\n hooks_validate net/netfilter/core.c:171 [inline]\n __nf_register_net_hook+0x77a/0x820 net/netfilter/core.c:438\n nf_register_net_hook+0x114/0x170 net/netfilter/core.c:571\n nf_register_net_hooks+0x59/0xc0 net/netfilter/core.c:587\n nf_synproxy_ipv6_init+0x85/0xe0 net/netfilter/nf_synproxy_core.c:1218\n synproxy_tg6_check+0x30d/0x560 net/ipv6/netfilter/ip6t_SYNPROXY.c:81\n xt_check_target+0x26c/0x9e0 net/netfilter/x_tables.c:1038\n check_target net/ipv6/netfilter/ip6_tables.c:530 [inline]\n find_check_entry.constprop.0+0x7f1/0x9e0 net/ipv6/netfilter/ip6_tables.c:573\n translate_table+0xc8b/0x1750 net/ipv6/netfilter/ip6_tables.c:735\n do_replace net/ipv6/netfilter/ip6_tables.c:1153 [inline]\n do_ip6t_set_ctl+0x56e/0xb90 net/ipv6/netfilter/ip6_tables.c:1639\n nf_setsockopt+0x83/0xe0 net/netfilter/nf_sockopt.c:101\n ipv6_setsockopt+0x122/0x180 net/ipv6/ipv6_sockglue.c:1024\n rawv6_setsockopt+0xd3/0x6a0 net/ipv6/raw.c:1084\n __sys_setsockopt+0x2db/0x610 net/socket.c:2180\n __do_sys_setsockopt net/socket.c:2191 [inline]\n __se_sys_setsockopt net/socket.c:2188 [inline]\n __x64_sys_setsockopt+0xba/0x150 net/socket.c:2188\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f65a1ace7d9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f65a1a7f308 EFLAGS: 00000246 ORIG_RAX: 0000000000000036\nRAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f65a1ace7d9\nRDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003\nRBP: 00007f65a1b574c8 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000020000000 R11: 0000000000000246 R12: 00007f65a1b55130\nR13: 00007f65a1b574c0 R14: 00007f65a1b24090 R15: 0000000000022000\n \u003c/TASK\u003e\n\nThe buggy address belongs to the page:\npage:ffffea0000706a00 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1c1a8\nflags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)\nraw: 00fff00000000000 ffffea0001c1b108 ffffea000046dd08 0000000000000000\nraw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as freed\npage last allocated via order 2, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 4430, ts 1061781545818, free_ts 1061791488993\n prep_new_page mm/page_alloc.c:2434 [inline]\n get_page_from_freelist+0xa72/0x2f50 mm/page_alloc.c:4165\n __alloc_pages+0x1b2/0x500 mm/page_alloc.c:5389\n __alloc_pages_node include/linux/gfp.h:572 [inline]\n alloc_pages_node include/linux/gfp.h:595 [inline]\n kmalloc_large_node+0x62/0x130 mm/slub.c:4438\n __kmalloc_node+0x35a/0x4a0 mm/slub.\n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T18:49:34.267Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/05f7927b25d2635e87267ff6c79db79fb46cf313"
},
{
"url": "https://git.kernel.org/stable/c/bdd8fc1b826e6f23963f5bef3f7431c6188ec954"
},
{
"url": "https://git.kernel.org/stable/c/49c24579cec41e32f13d57b337fd28fb208d4a5b"
},
{
"url": "https://git.kernel.org/stable/c/8b0142c4143c1ca297dcf2c0cdd045d65dae2344"
},
{
"url": "https://git.kernel.org/stable/c/bd61f192a339b1095dfd6d56073a5265934c2979"
},
{
"url": "https://git.kernel.org/stable/c/5a8076e98dde17224dd47283b894a8b1dbe1bc72"
},
{
"url": "https://git.kernel.org/stable/c/56763f12b0f02706576a088e85ef856deacc98a0"
}
],
"title": "netfilter: fix use-after-free in __nf_register_net_hook()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48912",
"datePublished": "2024-08-22T01:31:25.620Z",
"dateReserved": "2024-08-21T06:06:23.294Z",
"dateUpdated": "2026-05-11T18:49:34.267Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2022-48912",
"date": "2026-06-05",
"epss": "0.00023",
"percentile": "0.06869"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-48912\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-08-22T02:15:05.550\",\"lastModified\":\"2024-08-27T16:12:47.173\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnetfilter: fix use-after-free in __nf_register_net_hook()\\n\\nWe must not dereference @new_hooks after nf_hook_mutex has been released,\\nbecause other threads might have freed our allocated hooks already.\\n\\nBUG: KASAN: use-after-free in nf_hook_entries_get_hook_ops include/linux/netfilter.h:130 [inline]\\nBUG: KASAN: use-after-free in hooks_validate net/netfilter/core.c:171 [inline]\\nBUG: KASAN: use-after-free in __nf_register_net_hook+0x77a/0x820 net/netfilter/core.c:438\\nRead of size 2 at addr ffff88801c1a8000 by task syz-executor237/4430\\n\\nCPU: 1 PID: 4430 Comm: syz-executor237 Not tainted 5.17.0-rc5-syzkaller-00306-g2293be58d6a1 #0\\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\\nCall Trace:\\n \u003cTASK\u003e\\n __dump_stack lib/dump_stack.c:88 [inline]\\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\\n print_address_description.constprop.0.cold+0x8d/0x336 mm/kasan/report.c:255\\n __kasan_report mm/kasan/report.c:442 [inline]\\n kasan_report.cold+0x83/0xdf mm/kasan/report.c:459\\n nf_hook_entries_get_hook_ops include/linux/netfilter.h:130 [inline]\\n hooks_validate net/netfilter/core.c:171 [inline]\\n __nf_register_net_hook+0x77a/0x820 net/netfilter/core.c:438\\n nf_register_net_hook+0x114/0x170 net/netfilter/core.c:571\\n nf_register_net_hooks+0x59/0xc0 net/netfilter/core.c:587\\n nf_synproxy_ipv6_init+0x85/0xe0 net/netfilter/nf_synproxy_core.c:1218\\n synproxy_tg6_check+0x30d/0x560 net/ipv6/netfilter/ip6t_SYNPROXY.c:81\\n xt_check_target+0x26c/0x9e0 net/netfilter/x_tables.c:1038\\n check_target net/ipv6/netfilter/ip6_tables.c:530 [inline]\\n find_check_entry.constprop.0+0x7f1/0x9e0 net/ipv6/netfilter/ip6_tables.c:573\\n translate_table+0xc8b/0x1750 net/ipv6/netfilter/ip6_tables.c:735\\n do_replace net/ipv6/netfilter/ip6_tables.c:1153 [inline]\\n do_ip6t_set_ctl+0x56e/0xb90 net/ipv6/netfilter/ip6_tables.c:1639\\n nf_setsockopt+0x83/0xe0 net/netfilter/nf_sockopt.c:101\\n ipv6_setsockopt+0x122/0x180 net/ipv6/ipv6_sockglue.c:1024\\n rawv6_setsockopt+0xd3/0x6a0 net/ipv6/raw.c:1084\\n __sys_setsockopt+0x2db/0x610 net/socket.c:2180\\n __do_sys_setsockopt net/socket.c:2191 [inline]\\n __se_sys_setsockopt net/socket.c:2188 [inline]\\n __x64_sys_setsockopt+0xba/0x150 net/socket.c:2188\\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\\n entry_SYSCALL_64_after_hwframe+0x44/0xae\\nRIP: 0033:0x7f65a1ace7d9\\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\\nRSP: 002b:00007f65a1a7f308 EFLAGS: 00000246 ORIG_RAX: 0000000000000036\\nRAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f65a1ace7d9\\nRDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003\\nRBP: 00007f65a1b574c8 R08: 0000000000000001 R09: 0000000000000000\\nR10: 0000000020000000 R11: 0000000000000246 R12: 00007f65a1b55130\\nR13: 00007f65a1b574c0 R14: 00007f65a1b24090 R15: 0000000000022000\\n \u003c/TASK\u003e\\n\\nThe buggy address belongs to the page:\\npage:ffffea0000706a00 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1c1a8\\nflags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)\\nraw: 00fff00000000000 ffffea0001c1b108 ffffea000046dd08 0000000000000000\\nraw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000\\npage dumped because: kasan: bad access detected\\npage_owner tracks the page as freed\\npage last allocated via order 2, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 4430, ts 1061781545818, free_ts 1061791488993\\n prep_new_page mm/page_alloc.c:2434 [inline]\\n get_page_from_freelist+0xa72/0x2f50 mm/page_alloc.c:4165\\n __alloc_pages+0x1b2/0x500 mm/page_alloc.c:5389\\n __alloc_pages_node include/linux/gfp.h:572 [inline]\\n alloc_pages_node include/linux/gfp.h:595 [inline]\\n kmalloc_large_node+0x62/0x130 mm/slub.c:4438\\n __kmalloc_node+0x35a/0x4a0 mm/slub.\\n---truncated---\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: netfilter: corrige el use-after-free en __nf_register_net_hook() No debemos eliminar la referencia a @new_hooks despu\u00e9s de que se haya lanzado nf_hook_mutex, porque es posible que otros subprocesos ya hayan liberado nuestros ganchos asignados. ERROR: KASAN: use-after-free en nf_hook_entries_get_hook_ops include/linux/netfilter.h:130 [en l\u00ednea] ERROR: KASAN: use-after-free en ganchos_validate net/netfilter/core.c:171 [en l\u00ednea] ERROR: KASAN: use-after-free en __nf_register_net_hook+0x77a/0x820 net/netfilter/core.c:438 Lectura de tama\u00f1o 2 en la direcci\u00f3n ffff88801c1a8000 por tarea syz-executor237/4430 CPU: 1 PID: 4430 Comm: syz-executor237 No contaminado 5.17.0 -rc5-syzkaller-00306-g2293be58d6a1 #0 Nombre del hardware: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Seguimiento de llamadas: __dump_stack lib/dump_stack.c:88 [en l\u00ednea] dump_stack_lvl+0xcd/ 0x134 lib/dump_stack.c:106 print_address_description.constprop.0.cold+0x8d/0x336 mm/kasan/report.c:255 __kasan_report mm/kasan/report.c:442 [en l\u00ednea] kasan_report.cold+0x83/0xdf mm/ kasan/report.c: 459 nf_hook_entries_get_hook_ops include/linux/netfilter.h: 130 [inline] gooks_validate net/netfilter/core.c: 171 [inline] __nf_register_net_hook+0x77a/0x820 net/netfilter/core.c: 438 nf_net_hook+0x77a/0x820 net/netfilter/core.c: 438 nf_net_hook+0x77a/0x820 net/netfilter/core.c: 438 nfhhook_net_net+0x11 /0x170 net/netfilter/core.c:571 nf_register_net_hooks+0x59/0xc0 net/netfilter/core.c:587 nf_synproxy_ipv6_init+0x85/0xe0 net/netfilter/nf_synproxy_core.c:1218 synproxy_tg6_check+0x30d/0x560 ipv6/filtro de red/ ip6t_SYNPROXY.c:81 xt_check_target+0x26c/0x9e0 net/netfilter/x_tables.c:1038 check_target net/ipv6/netfilter/ip6_tables.c:530 [en l\u00ednea] find_check_entry.constprop.0+0x7f1/0x9e0 net/ipv6/netfilter/ip6_tables .c:573 traducir_table+0xc8b/0x1750 net/ipv6/netfilter/ip6_tables.c:735 do_replace net/ipv6/netfilter/ip6_tables.c:1153 [en l\u00ednea] do_ip6t_set_ctl+0x56e/0xb90 net/ipv6/netfilter/ip6_tables.c: 1639 nf_setsockopt+0x83/0xe0 net/netfilter/nf_sockopt.c:101 ipv6_setsockopt+0x122/0x180 net/ipv6/ipv6_sockglue.c:1024 rawv6_setsockopt+0xd3/0x6a0 net/ipv6/raw.c:1084 ys_setsockopt+0x2db/0x610 neto/ socket.c:2180 __do_sys_setsockopt net/socket.c:2191 [en l\u00ednea] __se_sys_setsockopt net/socket.c:2188 [en l\u00ednea] __x64_sys_setsockopt+0xba/0x150 net/socket.c:2188 do_syscall_x64 arch/x86/entry/common.c : 50 [en l\u00ednea] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80 Entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7f65a1ace7d9 C\u00f3digo: 28 00 00 00 75 05 48 83 c4 28 c3 e8 1 15 00 00 90 48 89 F8 48 89 F7 48 89 D6 48 89 CA 4D 89 C2 4D 89 C8 4C 8B 4C 24 08 0F 05 \u0026lt;48\u0026gt; 3D 01 F0 FF FF 73 01 C3 48 C7 C1 B8 FF FF FF F7 D8 64 89 01 48 RSP: 002b:00007f65a1a7f308 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 RAX: ffffffffffffffda RBX: 00000000000000006 RCX: 00007f65a1ace7d9 RDX: 00000040 RSI: 0000000000000029 RDI: 0000000000000003 RBP: 00007f65a1b574c8 R08: 0000000000000001 R09: 000000000000000 R10: 000000002 0000000 R11: 0000000000000246 R12: 00007f65a1b55130 R13: 00007f65a1b574c0 R14: 00007f65a1b24090 R15: 0000000000022000 La direcci\u00f3n del error pertenece a la p\u00e1gina: p\u00e1gina:ffffea0000706a00 refcount:0 mapcount:0 mapeo:0000000000000000 index:0x0 pfn:0x1c1a8 flags: 0xfff000000 00000(nodo=0|zona=1|lastcpupid=0x7ff) crudo: 00fff00000000000 ffffea0001c1b108 ffffea000046dd08 0000000000000000 crudo: 0000000000000000 00000000000000000 00000000ffffffff 00000000000 00000 p\u00e1gina volcada porque: kasan: mal acceso detectado page_owner rastrea la p\u00e1gina como p\u00e1gina liberada asignada por \u00faltima vez mediante orden 2, migrar tipo Inamovible, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO) , pid 4430, ts 1061781545818, free_ts 1061791488993 prep_new_page mm/page_alloc.c:2434 [en l\u00ednea] ---truncado---\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.14\",\"versionEndExcluding\":\"4.14.270\",\"matchCriteriaId\":\"64D82A2D-7E3F-4739-BADB-F611732BE6C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.15\",\"versionEndExcluding\":\"4.19.233\",\"matchCriteriaId\":\"B59A7E33-6262-458E-AC76-E8CC4E812344\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.4.183\",\"matchCriteriaId\":\"76A7616E-E6B9-4A7F-AA7C-1D47F774215F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.104\",\"matchCriteriaId\":\"764998FC-D1F7-4BAA-BD56-A553C7AB8F08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.27\",\"matchCriteriaId\":\"B3A8E092-3021-4A34-8DCE-B89D2238818B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"5.16.13\",\"matchCriteriaId\":\"B871B667-EDC0-435D-909E-E918D8D90995\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/05f7927b25d2635e87267ff6c79db79fb46cf313\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/49c24579cec41e32f13d57b337fd28fb208d4a5b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/56763f12b0f02706576a088e85ef856deacc98a0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5a8076e98dde17224dd47283b894a8b1dbe1bc72\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8b0142c4143c1ca297dcf2c0cdd045d65dae2344\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/bd61f192a339b1095dfd6d56073a5265934c2979\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/bdd8fc1b826e6f23963f5bef3f7431c6188ec954\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-48912\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-10T15:33:57.260667Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-11T12:42:12.838Z\"}}], \"cna\": {\"title\": \"netfilter: fix use-after-free in __nf_register_net_hook()\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"2420b79f8c18\", \"lessThan\": \"05f7927b25d2\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"2420b79f8c18\", \"lessThan\": \"bdd8fc1b826e\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"2420b79f8c18\", \"lessThan\": \"49c24579cec4\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"2420b79f8c18\", \"lessThan\": \"8b0142c4143c\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"2420b79f8c18\", \"lessThan\": \"bd61f192a339\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"2420b79f8c18\", \"lessThan\": \"5a8076e98dde\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"2420b79f8c18\", \"lessThan\": \"56763f12b0f0\", \"versionType\": \"git\"}], \"programFiles\": [\"net/netfilter/core.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.14\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"4.14\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"4.14.270\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.14.*\"}, {\"status\": \"unaffected\", \"version\": \"4.19.233\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.19.*\"}, {\"status\": \"unaffected\", \"version\": \"5.4.183\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.4.*\"}, {\"status\": \"unaffected\", \"version\": \"5.10.104\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.15.27\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"5.16.13\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.16.*\"}, {\"status\": \"unaffected\", \"version\": \"5.17\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"net/netfilter/core.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/05f7927b25d2635e87267ff6c79db79fb46cf313\"}, {\"url\": \"https://git.kernel.org/stable/c/bdd8fc1b826e6f23963f5bef3f7431c6188ec954\"}, {\"url\": \"https://git.kernel.org/stable/c/49c24579cec41e32f13d57b337fd28fb208d4a5b\"}, {\"url\": \"https://git.kernel.org/stable/c/8b0142c4143c1ca297dcf2c0cdd045d65dae2344\"}, {\"url\": \"https://git.kernel.org/stable/c/bd61f192a339b1095dfd6d56073a5265934c2979\"}, {\"url\": \"https://git.kernel.org/stable/c/5a8076e98dde17224dd47283b894a8b1dbe1bc72\"}, {\"url\": \"https://git.kernel.org/stable/c/56763f12b0f02706576a088e85ef856deacc98a0\"}], \"x_generator\": {\"engine\": \"bippy-9e1c9544281a\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnetfilter: fix use-after-free in __nf_register_net_hook()\\n\\nWe must not dereference @new_hooks after nf_hook_mutex has been released,\\nbecause other threads might have freed our allocated hooks already.\\n\\nBUG: KASAN: use-after-free in nf_hook_entries_get_hook_ops include/linux/netfilter.h:130 [inline]\\nBUG: KASAN: use-after-free in hooks_validate net/netfilter/core.c:171 [inline]\\nBUG: KASAN: use-after-free in __nf_register_net_hook+0x77a/0x820 net/netfilter/core.c:438\\nRead of size 2 at addr ffff88801c1a8000 by task syz-executor237/4430\\n\\nCPU: 1 PID: 4430 Comm: syz-executor237 Not tainted 5.17.0-rc5-syzkaller-00306-g2293be58d6a1 #0\\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\\nCall Trace:\\n \u003cTASK\u003e\\n __dump_stack lib/dump_stack.c:88 [inline]\\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\\n print_address_description.constprop.0.cold+0x8d/0x336 mm/kasan/report.c:255\\n __kasan_report mm/kasan/report.c:442 [inline]\\n kasan_report.cold+0x83/0xdf mm/kasan/report.c:459\\n nf_hook_entries_get_hook_ops include/linux/netfilter.h:130 [inline]\\n hooks_validate net/netfilter/core.c:171 [inline]\\n __nf_register_net_hook+0x77a/0x820 net/netfilter/core.c:438\\n nf_register_net_hook+0x114/0x170 net/netfilter/core.c:571\\n nf_register_net_hooks+0x59/0xc0 net/netfilter/core.c:587\\n nf_synproxy_ipv6_init+0x85/0xe0 net/netfilter/nf_synproxy_core.c:1218\\n synproxy_tg6_check+0x30d/0x560 net/ipv6/netfilter/ip6t_SYNPROXY.c:81\\n xt_check_target+0x26c/0x9e0 net/netfilter/x_tables.c:1038\\n check_target net/ipv6/netfilter/ip6_tables.c:530 [inline]\\n find_check_entry.constprop.0+0x7f1/0x9e0 net/ipv6/netfilter/ip6_tables.c:573\\n translate_table+0xc8b/0x1750 net/ipv6/netfilter/ip6_tables.c:735\\n do_replace net/ipv6/netfilter/ip6_tables.c:1153 [inline]\\n do_ip6t_set_ctl+0x56e/0xb90 net/ipv6/netfilter/ip6_tables.c:1639\\n nf_setsockopt+0x83/0xe0 net/netfilter/nf_sockopt.c:101\\n ipv6_setsockopt+0x122/0x180 net/ipv6/ipv6_sockglue.c:1024\\n rawv6_setsockopt+0xd3/0x6a0 net/ipv6/raw.c:1084\\n __sys_setsockopt+0x2db/0x610 net/socket.c:2180\\n __do_sys_setsockopt net/socket.c:2191 [inline]\\n __se_sys_setsockopt net/socket.c:2188 [inline]\\n __x64_sys_setsockopt+0xba/0x150 net/socket.c:2188\\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\\n entry_SYSCALL_64_after_hwframe+0x44/0xae\\nRIP: 0033:0x7f65a1ace7d9\\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\\nRSP: 002b:00007f65a1a7f308 EFLAGS: 00000246 ORIG_RAX: 0000000000000036\\nRAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f65a1ace7d9\\nRDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003\\nRBP: 00007f65a1b574c8 R08: 0000000000000001 R09: 0000000000000000\\nR10: 0000000020000000 R11: 0000000000000246 R12: 00007f65a1b55130\\nR13: 00007f65a1b574c0 R14: 00007f65a1b24090 R15: 0000000000022000\\n \u003c/TASK\u003e\\n\\nThe buggy address belongs to the page:\\npage:ffffea0000706a00 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1c1a8\\nflags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)\\nraw: 00fff00000000000 ffffea0001c1b108 ffffea000046dd08 0000000000000000\\nraw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000\\npage dumped because: kasan: bad access detected\\npage_owner tracks the page as freed\\npage last allocated via order 2, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 4430, ts 1061781545818, free_ts 1061791488993\\n prep_new_page mm/page_alloc.c:2434 [inline]\\n get_page_from_freelist+0xa72/0x2f50 mm/page_alloc.c:4165\\n __alloc_pages+0x1b2/0x500 mm/page_alloc.c:5389\\n __alloc_pages_node include/linux/gfp.h:572 [inline]\\n alloc_pages_node include/linux/gfp.h:595 [inline]\\n kmalloc_large_node+0x62/0x130 mm/slub.c:4438\\n __kmalloc_node+0x35a/0x4a0 mm/slub.\\n---truncated---\"}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2024-11-04T12:19:01.803Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-48912\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-04T12:19:01.803Z\", \"dateReserved\": \"2024-08-21T06:06:23.294Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-08-22T01:31:25.620Z\", \"assignerShortName\": \"Linux\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
SUSE-SU-2025:0455-1
Vulnerability from csaf_suse - Published: 2025-02-12 11:33 - Updated: 2025-02-12 11:33Summary
Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP4)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP4)
Description of the patch: This update for the Linux Kernel 5.14.21-150400_24_103 fixes several issues.
The following security issues were fixed:
- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230998).
- CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
- CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment (bsc#1229662)
- CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231993).
Patchnames: SUSE-2025-450,SUSE-2025-451,SUSE-2025-455,SUSE-SLE-Module-Live-Patching-15-SP4-2025-455
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP4)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.14.21-150400_24_103 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230998).\n- CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)\n- CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment (bsc#1229662)\n- CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231993).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-450,SUSE-2025-451,SUSE-2025-455,SUSE-SLE-Module-Live-Patching-15-SP4-2025-455",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0455-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0455-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250455-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0455-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020321.html"
},
{
"category": "self",
"summary": "SUSE Bug 1229644",
"url": "https://bugzilla.suse.com/1229644"
},
{
"category": "self",
"summary": "SUSE Bug 1229663",
"url": "https://bugzilla.suse.com/1229663"
},
{
"category": "self",
"summary": "SUSE Bug 1230998",
"url": "https://bugzilla.suse.com/1230998"
},
{
"category": "self",
"summary": "SUSE Bug 1231993",
"url": "https://bugzilla.suse.com/1231993"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48912 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48923 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45016 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47684 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47684/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP4)",
"tracking": {
"current_release_date": "2025-02-12T11:33:43Z",
"generator": {
"date": "2025-02-12T11:33:43Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0455-1",
"initial_release_date": "2025-02-12T11:33:43Z",
"revision_history": [
{
"date": "2025-02-12T11:33:43Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_108-default-14-150400.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_108-default-14-150400.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150400_24_108-default-14-150400.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_119-default-11-150400.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_119-default-11-150400.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150400_24_119-default-11-150400.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_108-default-14-150400.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_108-default-14-150400.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150400_24_108-default-14-150400.2.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_119-default-11-150400.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_119-default-11-150400.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150400_24_119-default-11-150400.2.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_108-default-14-150400.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_108-default-14-150400.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_24_108-default-14-150400.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_119-default-11-150400.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_119-default-11-150400.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_24_119-default-11-150400.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-48912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: fix use-after-free in __nf_register_net_hook()\n\nWe must not dereference @new_hooks after nf_hook_mutex has been released,\nbecause other threads might have freed our allocated hooks already.\n\nBUG: KASAN: use-after-free in nf_hook_entries_get_hook_ops include/linux/netfilter.h:130 [inline]\nBUG: KASAN: use-after-free in hooks_validate net/netfilter/core.c:171 [inline]\nBUG: KASAN: use-after-free in __nf_register_net_hook+0x77a/0x820 net/netfilter/core.c:438\nRead of size 2 at addr ffff88801c1a8000 by task syz-executor237/4430\n\nCPU: 1 PID: 4430 Comm: syz-executor237 Not tainted 5.17.0-rc5-syzkaller-00306-g2293be58d6a1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_address_description.constprop.0.cold+0x8d/0x336 mm/kasan/report.c:255\n __kasan_report mm/kasan/report.c:442 [inline]\n kasan_report.cold+0x83/0xdf mm/kasan/report.c:459\n nf_hook_entries_get_hook_ops include/linux/netfilter.h:130 [inline]\n hooks_validate net/netfilter/core.c:171 [inline]\n __nf_register_net_hook+0x77a/0x820 net/netfilter/core.c:438\n nf_register_net_hook+0x114/0x170 net/netfilter/core.c:571\n nf_register_net_hooks+0x59/0xc0 net/netfilter/core.c:587\n nf_synproxy_ipv6_init+0x85/0xe0 net/netfilter/nf_synproxy_core.c:1218\n synproxy_tg6_check+0x30d/0x560 net/ipv6/netfilter/ip6t_SYNPROXY.c:81\n xt_check_target+0x26c/0x9e0 net/netfilter/x_tables.c:1038\n check_target net/ipv6/netfilter/ip6_tables.c:530 [inline]\n find_check_entry.constprop.0+0x7f1/0x9e0 net/ipv6/netfilter/ip6_tables.c:573\n translate_table+0xc8b/0x1750 net/ipv6/netfilter/ip6_tables.c:735\n do_replace net/ipv6/netfilter/ip6_tables.c:1153 [inline]\n do_ip6t_set_ctl+0x56e/0xb90 net/ipv6/netfilter/ip6_tables.c:1639\n nf_setsockopt+0x83/0xe0 net/netfilter/nf_sockopt.c:101\n ipv6_setsockopt+0x122/0x180 net/ipv6/ipv6_sockglue.c:1024\n rawv6_setsockopt+0xd3/0x6a0 net/ipv6/raw.c:1084\n __sys_setsockopt+0x2db/0x610 net/socket.c:2180\n __do_sys_setsockopt net/socket.c:2191 [inline]\n __se_sys_setsockopt net/socket.c:2188 [inline]\n __x64_sys_setsockopt+0xba/0x150 net/socket.c:2188\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f65a1ace7d9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f65a1a7f308 EFLAGS: 00000246 ORIG_RAX: 0000000000000036\nRAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f65a1ace7d9\nRDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003\nRBP: 00007f65a1b574c8 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000020000000 R11: 0000000000000246 R12: 00007f65a1b55130\nR13: 00007f65a1b574c0 R14: 00007f65a1b24090 R15: 0000000000022000\n \u003c/TASK\u003e\n\nThe buggy address belongs to the page:\npage:ffffea0000706a00 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1c1a8\nflags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)\nraw: 00fff00000000000 ffffea0001c1b108 ffffea000046dd08 0000000000000000\nraw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as freed\npage last allocated via order 2, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 4430, ts 1061781545818, free_ts 1061791488993\n prep_new_page mm/page_alloc.c:2434 [inline]\n get_page_from_freelist+0xa72/0x2f50 mm/page_alloc.c:4165\n __alloc_pages+0x1b2/0x500 mm/page_alloc.c:5389\n __alloc_pages_node include/linux/gfp.h:572 [inline]\n alloc_pages_node include/linux/gfp.h:595 [inline]\n kmalloc_large_node+0x62/0x130 mm/slub.c:4438\n __kmalloc_node+0x35a/0x4a0 mm/slub.\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48912",
"url": "https://www.suse.com/security/cve/CVE-2022-48912"
},
{
"category": "external",
"summary": "SUSE Bug 1229641 for CVE-2022-48912",
"url": "https://bugzilla.suse.com/1229641"
},
{
"category": "external",
"summary": "SUSE Bug 1229644 for CVE-2022-48912",
"url": "https://bugzilla.suse.com/1229644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T11:33:43Z",
"details": "important"
}
],
"title": "CVE-2022-48912"
},
{
"cve": "CVE-2022-48923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: prevent copying too big compressed lzo segment\n\nCompressed length can be corrupted to be a lot larger than memory\nwe have allocated for buffer.\nThis will cause memcpy in copy_compressed_segment to write outside\nof allocated memory.\n\nThis mostly results in stuck read syscall but sometimes when using\nbtrfs send can get #GP\n\n kernel: general protection fault, probably for non-canonical address 0x841551d5c1000: 0000 [#1] PREEMPT SMP NOPTI\n kernel: CPU: 17 PID: 264 Comm: kworker/u256:7 Tainted: P OE 5.17.0-rc2-1 #12\n kernel: Workqueue: btrfs-endio btrfs_work_helper [btrfs]\n kernel: RIP: 0010:lzo_decompress_bio (./include/linux/fortify-string.h:225 fs/btrfs/lzo.c:322 fs/btrfs/lzo.c:394) btrfs\n Code starting with the faulting instruction\n ===========================================\n 0:* 48 8b 06 mov (%rsi),%rax \u003c-- trapping instruction\n 3: 48 8d 79 08 lea 0x8(%rcx),%rdi\n 7: 48 83 e7 f8 and $0xfffffffffffffff8,%rdi\n b: 48 89 01 mov %rax,(%rcx)\n e: 44 89 f0 mov %r14d,%eax\n 11: 48 8b 54 06 f8 mov -0x8(%rsi,%rax,1),%rdx\n kernel: RSP: 0018:ffffb110812efd50 EFLAGS: 00010212\n kernel: RAX: 0000000000001000 RBX: 000000009ca264c8 RCX: ffff98996e6d8ff8\n kernel: RDX: 0000000000000064 RSI: 000841551d5c1000 RDI: ffffffff9500435d\n kernel: RBP: ffff989a3be856c0 R08: 0000000000000000 R09: 0000000000000000\n kernel: R10: 0000000000000000 R11: 0000000000001000 R12: ffff98996e6d8000\n kernel: R13: 0000000000000008 R14: 0000000000001000 R15: 000841551d5c1000\n kernel: FS: 0000000000000000(0000) GS:ffff98a09d640000(0000) knlGS:0000000000000000\n kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n kernel: CR2: 00001e9f984d9ea8 CR3: 000000014971a000 CR4: 00000000003506e0\n kernel: Call Trace:\n kernel: \u003cTASK\u003e\n kernel: end_compressed_bio_read (fs/btrfs/compression.c:104 fs/btrfs/compression.c:1363 fs/btrfs/compression.c:323) btrfs\n kernel: end_workqueue_fn (fs/btrfs/disk-io.c:1923) btrfs\n kernel: btrfs_work_helper (fs/btrfs/async-thread.c:326) btrfs\n kernel: process_one_work (./arch/x86/include/asm/jump_label.h:27 ./include/linux/jump_label.h:212 ./include/trace/events/workqueue.h:108 kernel/workqueue.c:2312)\n kernel: worker_thread (./include/linux/list.h:292 kernel/workqueue.c:2455)\n kernel: ? process_one_work (kernel/workqueue.c:2397)\n kernel: kthread (kernel/kthread.c:377)\n kernel: ? kthread_complete_and_exit (kernel/kthread.c:332)\n kernel: ret_from_fork (arch/x86/entry/entry_64.S:301)\n kernel: \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48923",
"url": "https://www.suse.com/security/cve/CVE-2022-48923"
},
{
"category": "external",
"summary": "SUSE Bug 1229662 for CVE-2022-48923",
"url": "https://bugzilla.suse.com/1229662"
},
{
"category": "external",
"summary": "SUSE Bug 1229663 for CVE-2022-48923",
"url": "https://bugzilla.suse.com/1229663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T11:33:43Z",
"details": "important"
}
],
"title": "CVE-2022-48923"
},
{
"cve": "CVE-2024-45016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45016"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetem: fix return value if duplicate enqueue fails\n\nThere is a bug in netem_enqueue() introduced by\ncommit 5845f706388a (\"net: netem: fix skb length BUG_ON in __skb_to_sgvec\")\nthat can lead to a use-after-free.\n\nThis commit made netem_enqueue() always return NET_XMIT_SUCCESS\nwhen a packet is duplicated, which can cause the parent qdisc\u0027s q.qlen\nto be mistakenly incremented. When this happens qlen_notify() may be\nskipped on the parent during destruction, leaving a dangling pointer\nfor some classful qdiscs like DRR.\n\nThere are two ways for the bug happen:\n\n- If the duplicated packet is dropped by rootq-\u003eenqueue() and then\n the original packet is also dropped.\n- If rootq-\u003eenqueue() sends the duplicated packet to a different qdisc\n and the original packet is dropped.\n\nIn both cases NET_XMIT_SUCCESS is returned even though no packets\nare enqueued at the netem qdisc.\n\nThe fix is to defer the enqueue of the duplicate packet until after\nthe original packet has been guaranteed to return NET_XMIT_SUCCESS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45016",
"url": "https://www.suse.com/security/cve/CVE-2024-45016"
},
{
"category": "external",
"summary": "SUSE Bug 1230429 for CVE-2024-45016",
"url": "https://bugzilla.suse.com/1230429"
},
{
"category": "external",
"summary": "SUSE Bug 1230998 for CVE-2024-45016",
"url": "https://bugzilla.suse.com/1230998"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T11:33:43Z",
"details": "important"
}
],
"title": "CVE-2024-45016"
},
{
"cve": "CVE-2024-47684",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47684"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: check skb is non-NULL in tcp_rto_delta_us()\n\nWe have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic\nkernel that are running ceph and recently hit a null ptr dereference in\ntcp_rearm_rto(). Initially hitting it from the TLP path, but then later we also\nsaw it getting hit from the RACK case as well. Here are examples of the oops\nmessages we saw in each of those cases:\n\nJul 26 15:05:02 rx [11061395.780353] BUG: kernel NULL pointer dereference, address: 0000000000000020\nJul 26 15:05:02 rx [11061395.787572] #PF: supervisor read access in kernel mode\nJul 26 15:05:02 rx [11061395.792971] #PF: error_code(0x0000) - not-present page\nJul 26 15:05:02 rx [11061395.798362] PGD 0 P4D 0\nJul 26 15:05:02 rx [11061395.801164] Oops: 0000 [#1] SMP NOPTI\nJul 26 15:05:02 rx [11061395.805091] CPU: 0 PID: 9180 Comm: msgr-worker-1 Tainted: G W 5.4.0-174-generic #193-Ubuntu\nJul 26 15:05:02 rx [11061395.814996] Hardware name: Supermicro SMC 2x26 os-gen8 64C NVME-Y 256G/H12SSW-NTR, BIOS 2.5.V1.2U.NVMe.UEFI 05/09/2023\nJul 26 15:05:02 rx [11061395.825952] RIP: 0010:tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.830656] Code: 87 ca 04 00 00 00 5b 41 5c 41 5d 5d c3 c3 49 8b bc 24 40 06 00 00 eb 8d 48 bb cf f7 53 e3 a5 9b c4 20 4c 89 ef e8 0c fe 0e 00 \u003c48\u003e 8b 78 20 48 c1 ef 03 48 89 f8 41 8b bc 24 80 04 00 00 48 f7 e3\nJul 26 15:05:02 rx [11061395.849665] RSP: 0018:ffffb75d40003e08 EFLAGS: 00010246\nJul 26 15:05:02 rx [11061395.855149] RAX: 0000000000000000 RBX: 20c49ba5e353f7cf RCX: 0000000000000000\nJul 26 15:05:02 rx [11061395.862542] RDX: 0000000062177c30 RSI: 000000000000231c RDI: ffff9874ad283a60\nJul 26 15:05:02 rx [11061395.869933] RBP: ffffb75d40003e20 R08: 0000000000000000 R09: ffff987605e20aa8\nJul 26 15:05:02 rx [11061395.877318] R10: ffffb75d40003f00 R11: ffffb75d4460f740 R12: ffff9874ad283900\nJul 26 15:05:02 rx [11061395.884710] R13: ffff9874ad283a60 R14: ffff9874ad283980 R15: ffff9874ad283d30\nJul 26 15:05:02 rx [11061395.892095] FS: 00007f1ef4a2e700(0000) GS:ffff987605e00000(0000) knlGS:0000000000000000\nJul 26 15:05:02 rx [11061395.900438] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nJul 26 15:05:02 rx [11061395.906435] CR2: 0000000000000020 CR3: 0000003e450ba003 CR4: 0000000000760ef0\nJul 26 15:05:02 rx [11061395.913822] PKRU: 55555554\nJul 26 15:05:02 rx [11061395.916786] Call Trace:\nJul 26 15:05:02 rx [11061395.919488]\nJul 26 15:05:02 rx [11061395.921765] ? show_regs.cold+0x1a/0x1f\nJul 26 15:05:02 rx [11061395.925859] ? __die+0x90/0xd9\nJul 26 15:05:02 rx [11061395.929169] ? no_context+0x196/0x380\nJul 26 15:05:02 rx [11061395.933088] ? ip6_protocol_deliver_rcu+0x4e0/0x4e0\nJul 26 15:05:02 rx [11061395.938216] ? ip6_sublist_rcv_finish+0x3d/0x50\nJul 26 15:05:02 rx [11061395.943000] ? __bad_area_nosemaphore+0x50/0x1a0\nJul 26 15:05:02 rx [11061395.947873] ? bad_area_nosemaphore+0x16/0x20\nJul 26 15:05:02 rx [11061395.952486] ? do_user_addr_fault+0x267/0x450\nJul 26 15:05:02 rx [11061395.957104] ? ipv6_list_rcv+0x112/0x140\nJul 26 15:05:02 rx [11061395.961279] ? __do_page_fault+0x58/0x90\nJul 26 15:05:02 rx [11061395.965458] ? do_page_fault+0x2c/0xe0\nJul 26 15:05:02 rx [11061395.969465] ? page_fault+0x34/0x40\nJul 26 15:05:02 rx [11061395.973217] ? tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.977313] ? tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.981408] tcp_send_loss_probe+0x10b/0x220\nJul 26 15:05:02 rx [11061395.985937] tcp_write_timer_handler+0x1b4/0x240\nJul 26 15:05:02 rx [11061395.990809] tcp_write_timer+0x9e/0xe0\nJul 26 15:05:02 rx [11061395.994814] ? tcp_write_timer_handler+0x240/0x240\nJul 26 15:05:02 rx [11061395.999866] call_timer_fn+0x32/0x130\nJul 26 15:05:02 rx [11061396.003782] __run_timers.part.0+0x180/0x280\nJul 26 15:05:02 rx [11061396.008309] ? recalibrate_cpu_khz+0x10/0x10\nJul 26 15:05:02 rx [11061396.012841] ? native_x2apic_icr_write+0x30/0x30\nJul 26 15:05:02 rx [11061396.017718] ? lapic_next_even\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47684",
"url": "https://www.suse.com/security/cve/CVE-2024-47684"
},
{
"category": "external",
"summary": "SUSE Bug 1231987 for CVE-2024-47684",
"url": "https://bugzilla.suse.com/1231987"
},
{
"category": "external",
"summary": "SUSE Bug 1231993 for CVE-2024-47684",
"url": "https://bugzilla.suse.com/1231993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T11:33:43Z",
"details": "important"
}
],
"title": "CVE-2024-47684"
}
]
}
SUSE-SU-2025:0462-1
Vulnerability from csaf_suse - Published: 2025-02-12 15:33 - Updated: 2025-02-12 15:33Summary
Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP5)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP5)
Description of the patch: This update for the Linux Kernel 5.14.21-150500_55_44 fixes several issues.
The following security issues were fixed:
- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230998).
- CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
- CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment (bsc#1229662)
- CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231993).
Patchnames: SUSE-2025-459,SUSE-2025-462,SUSE-2025-463,SUSE-2025-467,SUSE-2025-475,SUSE-2025-480,SUSE-SLE-Module-Live-Patching-15-SP4-2025-479,SUSE-SLE-Module-Live-Patching-15-SP5-2025-480
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP5)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.14.21-150500_55_44 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230998).\n- CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)\n- CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment (bsc#1229662)\n- CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231993).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-459,SUSE-2025-462,SUSE-2025-463,SUSE-2025-467,SUSE-2025-475,SUSE-2025-480,SUSE-SLE-Module-Live-Patching-15-SP4-2025-479,SUSE-SLE-Module-Live-Patching-15-SP5-2025-480",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0462-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0462-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250462-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0462-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020325.html"
},
{
"category": "self",
"summary": "SUSE Bug 1229644",
"url": "https://bugzilla.suse.com/1229644"
},
{
"category": "self",
"summary": "SUSE Bug 1229663",
"url": "https://bugzilla.suse.com/1229663"
},
{
"category": "self",
"summary": "SUSE Bug 1230998",
"url": "https://bugzilla.suse.com/1230998"
},
{
"category": "self",
"summary": "SUSE Bug 1231993",
"url": "https://bugzilla.suse.com/1231993"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48912 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48923 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45016 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47684 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47684/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP5)",
"tracking": {
"current_release_date": "2025-02-12T15:33:27Z",
"generator": {
"date": "2025-02-12T15:33:27Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0462-1",
"initial_release_date": "2025-02-12T15:33:27Z",
"revision_history": [
{
"date": "2025-02-12T15:33:27Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_128-default-4-150400.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_128-default-4-150400.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150400_24_128-default-4-150400.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_111-default-12-150400.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_111-default-12-150400.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150400_24_111-default-12-150400.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_52-default-12-150500.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_52-default-12-150500.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150500_55_52-default-12-150500.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_59-default-12-150500.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_59-default-12-150500.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150500_55_59-default-12-150500.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_116-default-12-150400.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_116-default-12-150400.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150400_24_116-default-12-150400.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_128-default-4-150400.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_128-default-4-150400.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150400_24_128-default-4-150400.2.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_111-default-12-150400.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_111-default-12-150400.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150400_24_111-default-12-150400.2.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_52-default-12-150500.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_52-default-12-150500.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150500_55_52-default-12-150500.2.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_59-default-12-150500.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_59-default-12-150500.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150500_55_59-default-12-150500.2.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_116-default-12-150400.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_116-default-12-150400.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150400_24_116-default-12-150400.2.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_128-default-4-150400.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_128-default-4-150400.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_24_128-default-4-150400.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_111-default-12-150400.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_111-default-12-150400.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_24_111-default-12-150400.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_52-default-12-150500.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_52-default-12-150500.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150500_55_52-default-12-150500.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_59-default-12-150500.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_59-default-12-150500.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150500_55_59-default-12-150500.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_116-default-12-150400.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_116-default-12-150400.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_24_116-default-12-150400.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-48912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: fix use-after-free in __nf_register_net_hook()\n\nWe must not dereference @new_hooks after nf_hook_mutex has been released,\nbecause other threads might have freed our allocated hooks already.\n\nBUG: KASAN: use-after-free in nf_hook_entries_get_hook_ops include/linux/netfilter.h:130 [inline]\nBUG: KASAN: use-after-free in hooks_validate net/netfilter/core.c:171 [inline]\nBUG: KASAN: use-after-free in __nf_register_net_hook+0x77a/0x820 net/netfilter/core.c:438\nRead of size 2 at addr ffff88801c1a8000 by task syz-executor237/4430\n\nCPU: 1 PID: 4430 Comm: syz-executor237 Not tainted 5.17.0-rc5-syzkaller-00306-g2293be58d6a1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_address_description.constprop.0.cold+0x8d/0x336 mm/kasan/report.c:255\n __kasan_report mm/kasan/report.c:442 [inline]\n kasan_report.cold+0x83/0xdf mm/kasan/report.c:459\n nf_hook_entries_get_hook_ops include/linux/netfilter.h:130 [inline]\n hooks_validate net/netfilter/core.c:171 [inline]\n __nf_register_net_hook+0x77a/0x820 net/netfilter/core.c:438\n nf_register_net_hook+0x114/0x170 net/netfilter/core.c:571\n nf_register_net_hooks+0x59/0xc0 net/netfilter/core.c:587\n nf_synproxy_ipv6_init+0x85/0xe0 net/netfilter/nf_synproxy_core.c:1218\n synproxy_tg6_check+0x30d/0x560 net/ipv6/netfilter/ip6t_SYNPROXY.c:81\n xt_check_target+0x26c/0x9e0 net/netfilter/x_tables.c:1038\n check_target net/ipv6/netfilter/ip6_tables.c:530 [inline]\n find_check_entry.constprop.0+0x7f1/0x9e0 net/ipv6/netfilter/ip6_tables.c:573\n translate_table+0xc8b/0x1750 net/ipv6/netfilter/ip6_tables.c:735\n do_replace net/ipv6/netfilter/ip6_tables.c:1153 [inline]\n do_ip6t_set_ctl+0x56e/0xb90 net/ipv6/netfilter/ip6_tables.c:1639\n nf_setsockopt+0x83/0xe0 net/netfilter/nf_sockopt.c:101\n ipv6_setsockopt+0x122/0x180 net/ipv6/ipv6_sockglue.c:1024\n rawv6_setsockopt+0xd3/0x6a0 net/ipv6/raw.c:1084\n __sys_setsockopt+0x2db/0x610 net/socket.c:2180\n __do_sys_setsockopt net/socket.c:2191 [inline]\n __se_sys_setsockopt net/socket.c:2188 [inline]\n __x64_sys_setsockopt+0xba/0x150 net/socket.c:2188\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f65a1ace7d9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f65a1a7f308 EFLAGS: 00000246 ORIG_RAX: 0000000000000036\nRAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f65a1ace7d9\nRDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003\nRBP: 00007f65a1b574c8 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000020000000 R11: 0000000000000246 R12: 00007f65a1b55130\nR13: 00007f65a1b574c0 R14: 00007f65a1b24090 R15: 0000000000022000\n \u003c/TASK\u003e\n\nThe buggy address belongs to the page:\npage:ffffea0000706a00 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1c1a8\nflags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)\nraw: 00fff00000000000 ffffea0001c1b108 ffffea000046dd08 0000000000000000\nraw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as freed\npage last allocated via order 2, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 4430, ts 1061781545818, free_ts 1061791488993\n prep_new_page mm/page_alloc.c:2434 [inline]\n get_page_from_freelist+0xa72/0x2f50 mm/page_alloc.c:4165\n __alloc_pages+0x1b2/0x500 mm/page_alloc.c:5389\n __alloc_pages_node include/linux/gfp.h:572 [inline]\n alloc_pages_node include/linux/gfp.h:595 [inline]\n kmalloc_large_node+0x62/0x130 mm/slub.c:4438\n __kmalloc_node+0x35a/0x4a0 mm/slub.\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48912",
"url": "https://www.suse.com/security/cve/CVE-2022-48912"
},
{
"category": "external",
"summary": "SUSE Bug 1229641 for CVE-2022-48912",
"url": "https://bugzilla.suse.com/1229641"
},
{
"category": "external",
"summary": "SUSE Bug 1229644 for CVE-2022-48912",
"url": "https://bugzilla.suse.com/1229644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T15:33:27Z",
"details": "important"
}
],
"title": "CVE-2022-48912"
},
{
"cve": "CVE-2022-48923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: prevent copying too big compressed lzo segment\n\nCompressed length can be corrupted to be a lot larger than memory\nwe have allocated for buffer.\nThis will cause memcpy in copy_compressed_segment to write outside\nof allocated memory.\n\nThis mostly results in stuck read syscall but sometimes when using\nbtrfs send can get #GP\n\n kernel: general protection fault, probably for non-canonical address 0x841551d5c1000: 0000 [#1] PREEMPT SMP NOPTI\n kernel: CPU: 17 PID: 264 Comm: kworker/u256:7 Tainted: P OE 5.17.0-rc2-1 #12\n kernel: Workqueue: btrfs-endio btrfs_work_helper [btrfs]\n kernel: RIP: 0010:lzo_decompress_bio (./include/linux/fortify-string.h:225 fs/btrfs/lzo.c:322 fs/btrfs/lzo.c:394) btrfs\n Code starting with the faulting instruction\n ===========================================\n 0:* 48 8b 06 mov (%rsi),%rax \u003c-- trapping instruction\n 3: 48 8d 79 08 lea 0x8(%rcx),%rdi\n 7: 48 83 e7 f8 and $0xfffffffffffffff8,%rdi\n b: 48 89 01 mov %rax,(%rcx)\n e: 44 89 f0 mov %r14d,%eax\n 11: 48 8b 54 06 f8 mov -0x8(%rsi,%rax,1),%rdx\n kernel: RSP: 0018:ffffb110812efd50 EFLAGS: 00010212\n kernel: RAX: 0000000000001000 RBX: 000000009ca264c8 RCX: ffff98996e6d8ff8\n kernel: RDX: 0000000000000064 RSI: 000841551d5c1000 RDI: ffffffff9500435d\n kernel: RBP: ffff989a3be856c0 R08: 0000000000000000 R09: 0000000000000000\n kernel: R10: 0000000000000000 R11: 0000000000001000 R12: ffff98996e6d8000\n kernel: R13: 0000000000000008 R14: 0000000000001000 R15: 000841551d5c1000\n kernel: FS: 0000000000000000(0000) GS:ffff98a09d640000(0000) knlGS:0000000000000000\n kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n kernel: CR2: 00001e9f984d9ea8 CR3: 000000014971a000 CR4: 00000000003506e0\n kernel: Call Trace:\n kernel: \u003cTASK\u003e\n kernel: end_compressed_bio_read (fs/btrfs/compression.c:104 fs/btrfs/compression.c:1363 fs/btrfs/compression.c:323) btrfs\n kernel: end_workqueue_fn (fs/btrfs/disk-io.c:1923) btrfs\n kernel: btrfs_work_helper (fs/btrfs/async-thread.c:326) btrfs\n kernel: process_one_work (./arch/x86/include/asm/jump_label.h:27 ./include/linux/jump_label.h:212 ./include/trace/events/workqueue.h:108 kernel/workqueue.c:2312)\n kernel: worker_thread (./include/linux/list.h:292 kernel/workqueue.c:2455)\n kernel: ? process_one_work (kernel/workqueue.c:2397)\n kernel: kthread (kernel/kthread.c:377)\n kernel: ? kthread_complete_and_exit (kernel/kthread.c:332)\n kernel: ret_from_fork (arch/x86/entry/entry_64.S:301)\n kernel: \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48923",
"url": "https://www.suse.com/security/cve/CVE-2022-48923"
},
{
"category": "external",
"summary": "SUSE Bug 1229662 for CVE-2022-48923",
"url": "https://bugzilla.suse.com/1229662"
},
{
"category": "external",
"summary": "SUSE Bug 1229663 for CVE-2022-48923",
"url": "https://bugzilla.suse.com/1229663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T15:33:27Z",
"details": "important"
}
],
"title": "CVE-2022-48923"
},
{
"cve": "CVE-2024-45016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45016"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetem: fix return value if duplicate enqueue fails\n\nThere is a bug in netem_enqueue() introduced by\ncommit 5845f706388a (\"net: netem: fix skb length BUG_ON in __skb_to_sgvec\")\nthat can lead to a use-after-free.\n\nThis commit made netem_enqueue() always return NET_XMIT_SUCCESS\nwhen a packet is duplicated, which can cause the parent qdisc\u0027s q.qlen\nto be mistakenly incremented. When this happens qlen_notify() may be\nskipped on the parent during destruction, leaving a dangling pointer\nfor some classful qdiscs like DRR.\n\nThere are two ways for the bug happen:\n\n- If the duplicated packet is dropped by rootq-\u003eenqueue() and then\n the original packet is also dropped.\n- If rootq-\u003eenqueue() sends the duplicated packet to a different qdisc\n and the original packet is dropped.\n\nIn both cases NET_XMIT_SUCCESS is returned even though no packets\nare enqueued at the netem qdisc.\n\nThe fix is to defer the enqueue of the duplicate packet until after\nthe original packet has been guaranteed to return NET_XMIT_SUCCESS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45016",
"url": "https://www.suse.com/security/cve/CVE-2024-45016"
},
{
"category": "external",
"summary": "SUSE Bug 1230429 for CVE-2024-45016",
"url": "https://bugzilla.suse.com/1230429"
},
{
"category": "external",
"summary": "SUSE Bug 1230998 for CVE-2024-45016",
"url": "https://bugzilla.suse.com/1230998"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T15:33:27Z",
"details": "important"
}
],
"title": "CVE-2024-45016"
},
{
"cve": "CVE-2024-47684",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47684"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: check skb is non-NULL in tcp_rto_delta_us()\n\nWe have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic\nkernel that are running ceph and recently hit a null ptr dereference in\ntcp_rearm_rto(). Initially hitting it from the TLP path, but then later we also\nsaw it getting hit from the RACK case as well. Here are examples of the oops\nmessages we saw in each of those cases:\n\nJul 26 15:05:02 rx [11061395.780353] BUG: kernel NULL pointer dereference, address: 0000000000000020\nJul 26 15:05:02 rx [11061395.787572] #PF: supervisor read access in kernel mode\nJul 26 15:05:02 rx [11061395.792971] #PF: error_code(0x0000) - not-present page\nJul 26 15:05:02 rx [11061395.798362] PGD 0 P4D 0\nJul 26 15:05:02 rx [11061395.801164] Oops: 0000 [#1] SMP NOPTI\nJul 26 15:05:02 rx [11061395.805091] CPU: 0 PID: 9180 Comm: msgr-worker-1 Tainted: G W 5.4.0-174-generic #193-Ubuntu\nJul 26 15:05:02 rx [11061395.814996] Hardware name: Supermicro SMC 2x26 os-gen8 64C NVME-Y 256G/H12SSW-NTR, BIOS 2.5.V1.2U.NVMe.UEFI 05/09/2023\nJul 26 15:05:02 rx [11061395.825952] RIP: 0010:tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.830656] Code: 87 ca 04 00 00 00 5b 41 5c 41 5d 5d c3 c3 49 8b bc 24 40 06 00 00 eb 8d 48 bb cf f7 53 e3 a5 9b c4 20 4c 89 ef e8 0c fe 0e 00 \u003c48\u003e 8b 78 20 48 c1 ef 03 48 89 f8 41 8b bc 24 80 04 00 00 48 f7 e3\nJul 26 15:05:02 rx [11061395.849665] RSP: 0018:ffffb75d40003e08 EFLAGS: 00010246\nJul 26 15:05:02 rx [11061395.855149] RAX: 0000000000000000 RBX: 20c49ba5e353f7cf RCX: 0000000000000000\nJul 26 15:05:02 rx [11061395.862542] RDX: 0000000062177c30 RSI: 000000000000231c RDI: ffff9874ad283a60\nJul 26 15:05:02 rx [11061395.869933] RBP: ffffb75d40003e20 R08: 0000000000000000 R09: ffff987605e20aa8\nJul 26 15:05:02 rx [11061395.877318] R10: ffffb75d40003f00 R11: ffffb75d4460f740 R12: ffff9874ad283900\nJul 26 15:05:02 rx [11061395.884710] R13: ffff9874ad283a60 R14: ffff9874ad283980 R15: ffff9874ad283d30\nJul 26 15:05:02 rx [11061395.892095] FS: 00007f1ef4a2e700(0000) GS:ffff987605e00000(0000) knlGS:0000000000000000\nJul 26 15:05:02 rx [11061395.900438] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nJul 26 15:05:02 rx [11061395.906435] CR2: 0000000000000020 CR3: 0000003e450ba003 CR4: 0000000000760ef0\nJul 26 15:05:02 rx [11061395.913822] PKRU: 55555554\nJul 26 15:05:02 rx [11061395.916786] Call Trace:\nJul 26 15:05:02 rx [11061395.919488]\nJul 26 15:05:02 rx [11061395.921765] ? show_regs.cold+0x1a/0x1f\nJul 26 15:05:02 rx [11061395.925859] ? __die+0x90/0xd9\nJul 26 15:05:02 rx [11061395.929169] ? no_context+0x196/0x380\nJul 26 15:05:02 rx [11061395.933088] ? ip6_protocol_deliver_rcu+0x4e0/0x4e0\nJul 26 15:05:02 rx [11061395.938216] ? ip6_sublist_rcv_finish+0x3d/0x50\nJul 26 15:05:02 rx [11061395.943000] ? __bad_area_nosemaphore+0x50/0x1a0\nJul 26 15:05:02 rx [11061395.947873] ? bad_area_nosemaphore+0x16/0x20\nJul 26 15:05:02 rx [11061395.952486] ? do_user_addr_fault+0x267/0x450\nJul 26 15:05:02 rx [11061395.957104] ? ipv6_list_rcv+0x112/0x140\nJul 26 15:05:02 rx [11061395.961279] ? __do_page_fault+0x58/0x90\nJul 26 15:05:02 rx [11061395.965458] ? do_page_fault+0x2c/0xe0\nJul 26 15:05:02 rx [11061395.969465] ? page_fault+0x34/0x40\nJul 26 15:05:02 rx [11061395.973217] ? tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.977313] ? tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.981408] tcp_send_loss_probe+0x10b/0x220\nJul 26 15:05:02 rx [11061395.985937] tcp_write_timer_handler+0x1b4/0x240\nJul 26 15:05:02 rx [11061395.990809] tcp_write_timer+0x9e/0xe0\nJul 26 15:05:02 rx [11061395.994814] ? tcp_write_timer_handler+0x240/0x240\nJul 26 15:05:02 rx [11061395.999866] call_timer_fn+0x32/0x130\nJul 26 15:05:02 rx [11061396.003782] __run_timers.part.0+0x180/0x280\nJul 26 15:05:02 rx [11061396.008309] ? recalibrate_cpu_khz+0x10/0x10\nJul 26 15:05:02 rx [11061396.012841] ? native_x2apic_icr_write+0x30/0x30\nJul 26 15:05:02 rx [11061396.017718] ? lapic_next_even\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47684",
"url": "https://www.suse.com/security/cve/CVE-2024-47684"
},
{
"category": "external",
"summary": "SUSE Bug 1231987 for CVE-2024-47684",
"url": "https://bugzilla.suse.com/1231987"
},
{
"category": "external",
"summary": "SUSE Bug 1231993 for CVE-2024-47684",
"url": "https://bugzilla.suse.com/1231993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T15:33:27Z",
"details": "important"
}
],
"title": "CVE-2024-47684"
}
]
}
SUSE-SU-2025:0465-1
Vulnerability from csaf_suse - Published: 2025-02-12 12:33 - Updated: 2025-02-12 12:33Summary
Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)
Description of the patch: This update for the Linux Kernel 5.14.21-150500_55_68 fixes several issues.
The following security issues were fixed:
- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230998).
- CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
- CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231993).
Patchnames: SUSE-2025-461,SUSE-2025-464,SUSE-2025-465,SUSE-2025-466,SUSE-SLE-Module-Live-Patching-15-SP3-2025-472,SUSE-SLE-Module-Live-Patching-15-SP5-2025-464
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
19 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.14.21-150500_55_68 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230998).\n- CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)\n- CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231993).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-461,SUSE-2025-464,SUSE-2025-465,SUSE-2025-466,SUSE-SLE-Module-Live-Patching-15-SP3-2025-472,SUSE-SLE-Module-Live-Patching-15-SP5-2025-464",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0465-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0465-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250465-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0465-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020324.html"
},
{
"category": "self",
"summary": "SUSE Bug 1229644",
"url": "https://bugzilla.suse.com/1229644"
},
{
"category": "self",
"summary": "SUSE Bug 1230998",
"url": "https://bugzilla.suse.com/1230998"
},
{
"category": "self",
"summary": "SUSE Bug 1231993",
"url": "https://bugzilla.suse.com/1231993"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48912 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45016 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47684 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47684/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)",
"tracking": {
"current_release_date": "2025-02-12T12:33:47Z",
"generator": {
"date": "2025-02-12T12:33:47Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0465-1",
"initial_release_date": "2025-02-12T12:33:47Z",
"revision_history": [
{
"date": "2025-02-12T12:33:47Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_167-default-7-150300.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_167-default-7-150300.2.1.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150300_59_167-default-7-150300.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_150-default-16-150300.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_150-default-16-150300.2.1.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150300_59_150-default-16-150300.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_158-default-12-150300.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_158-default-12-150300.2.1.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150300_59_158-default-12-150300.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_167-default-7-150300.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_167-default-7-150300.2.1.s390x",
"product_id": "kernel-livepatch-5_3_18-150300_59_167-default-7-150300.2.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_150-default-16-150300.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_150-default-16-150300.2.1.s390x",
"product_id": "kernel-livepatch-5_3_18-150300_59_150-default-16-150300.2.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_158-default-12-150300.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_158-default-12-150300.2.1.s390x",
"product_id": "kernel-livepatch-5_3_18-150300_59_158-default-12-150300.2.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.s390x",
"product_id": "kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_167-default-7-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_167-default-7-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_167-default-7-150300.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_167-preempt-7-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_167-preempt-7-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_167-preempt-7-150300.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_150-default-16-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_150-default-16-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_150-default-16-150300.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_150-preempt-16-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_150-preempt-16-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_150-preempt-16-150300.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_158-default-12-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_158-default-12-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_158-default-12-150300.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_158-preempt-12-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_158-preempt-12-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_158-preempt-12-150300.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-48912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: fix use-after-free in __nf_register_net_hook()\n\nWe must not dereference @new_hooks after nf_hook_mutex has been released,\nbecause other threads might have freed our allocated hooks already.\n\nBUG: KASAN: use-after-free in nf_hook_entries_get_hook_ops include/linux/netfilter.h:130 [inline]\nBUG: KASAN: use-after-free in hooks_validate net/netfilter/core.c:171 [inline]\nBUG: KASAN: use-after-free in __nf_register_net_hook+0x77a/0x820 net/netfilter/core.c:438\nRead of size 2 at addr ffff88801c1a8000 by task syz-executor237/4430\n\nCPU: 1 PID: 4430 Comm: syz-executor237 Not tainted 5.17.0-rc5-syzkaller-00306-g2293be58d6a1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_address_description.constprop.0.cold+0x8d/0x336 mm/kasan/report.c:255\n __kasan_report mm/kasan/report.c:442 [inline]\n kasan_report.cold+0x83/0xdf mm/kasan/report.c:459\n nf_hook_entries_get_hook_ops include/linux/netfilter.h:130 [inline]\n hooks_validate net/netfilter/core.c:171 [inline]\n __nf_register_net_hook+0x77a/0x820 net/netfilter/core.c:438\n nf_register_net_hook+0x114/0x170 net/netfilter/core.c:571\n nf_register_net_hooks+0x59/0xc0 net/netfilter/core.c:587\n nf_synproxy_ipv6_init+0x85/0xe0 net/netfilter/nf_synproxy_core.c:1218\n synproxy_tg6_check+0x30d/0x560 net/ipv6/netfilter/ip6t_SYNPROXY.c:81\n xt_check_target+0x26c/0x9e0 net/netfilter/x_tables.c:1038\n check_target net/ipv6/netfilter/ip6_tables.c:530 [inline]\n find_check_entry.constprop.0+0x7f1/0x9e0 net/ipv6/netfilter/ip6_tables.c:573\n translate_table+0xc8b/0x1750 net/ipv6/netfilter/ip6_tables.c:735\n do_replace net/ipv6/netfilter/ip6_tables.c:1153 [inline]\n do_ip6t_set_ctl+0x56e/0xb90 net/ipv6/netfilter/ip6_tables.c:1639\n nf_setsockopt+0x83/0xe0 net/netfilter/nf_sockopt.c:101\n ipv6_setsockopt+0x122/0x180 net/ipv6/ipv6_sockglue.c:1024\n rawv6_setsockopt+0xd3/0x6a0 net/ipv6/raw.c:1084\n __sys_setsockopt+0x2db/0x610 net/socket.c:2180\n __do_sys_setsockopt net/socket.c:2191 [inline]\n __se_sys_setsockopt net/socket.c:2188 [inline]\n __x64_sys_setsockopt+0xba/0x150 net/socket.c:2188\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f65a1ace7d9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f65a1a7f308 EFLAGS: 00000246 ORIG_RAX: 0000000000000036\nRAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f65a1ace7d9\nRDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003\nRBP: 00007f65a1b574c8 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000020000000 R11: 0000000000000246 R12: 00007f65a1b55130\nR13: 00007f65a1b574c0 R14: 00007f65a1b24090 R15: 0000000000022000\n \u003c/TASK\u003e\n\nThe buggy address belongs to the page:\npage:ffffea0000706a00 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1c1a8\nflags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)\nraw: 00fff00000000000 ffffea0001c1b108 ffffea000046dd08 0000000000000000\nraw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as freed\npage last allocated via order 2, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 4430, ts 1061781545818, free_ts 1061791488993\n prep_new_page mm/page_alloc.c:2434 [inline]\n get_page_from_freelist+0xa72/0x2f50 mm/page_alloc.c:4165\n __alloc_pages+0x1b2/0x500 mm/page_alloc.c:5389\n __alloc_pages_node include/linux/gfp.h:572 [inline]\n alloc_pages_node include/linux/gfp.h:595 [inline]\n kmalloc_large_node+0x62/0x130 mm/slub.c:4438\n __kmalloc_node+0x35a/0x4a0 mm/slub.\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48912",
"url": "https://www.suse.com/security/cve/CVE-2022-48912"
},
{
"category": "external",
"summary": "SUSE Bug 1229641 for CVE-2022-48912",
"url": "https://bugzilla.suse.com/1229641"
},
{
"category": "external",
"summary": "SUSE Bug 1229644 for CVE-2022-48912",
"url": "https://bugzilla.suse.com/1229644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T12:33:47Z",
"details": "important"
}
],
"title": "CVE-2022-48912"
},
{
"cve": "CVE-2024-45016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45016"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetem: fix return value if duplicate enqueue fails\n\nThere is a bug in netem_enqueue() introduced by\ncommit 5845f706388a (\"net: netem: fix skb length BUG_ON in __skb_to_sgvec\")\nthat can lead to a use-after-free.\n\nThis commit made netem_enqueue() always return NET_XMIT_SUCCESS\nwhen a packet is duplicated, which can cause the parent qdisc\u0027s q.qlen\nto be mistakenly incremented. When this happens qlen_notify() may be\nskipped on the parent during destruction, leaving a dangling pointer\nfor some classful qdiscs like DRR.\n\nThere are two ways for the bug happen:\n\n- If the duplicated packet is dropped by rootq-\u003eenqueue() and then\n the original packet is also dropped.\n- If rootq-\u003eenqueue() sends the duplicated packet to a different qdisc\n and the original packet is dropped.\n\nIn both cases NET_XMIT_SUCCESS is returned even though no packets\nare enqueued at the netem qdisc.\n\nThe fix is to defer the enqueue of the duplicate packet until after\nthe original packet has been guaranteed to return NET_XMIT_SUCCESS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45016",
"url": "https://www.suse.com/security/cve/CVE-2024-45016"
},
{
"category": "external",
"summary": "SUSE Bug 1230429 for CVE-2024-45016",
"url": "https://bugzilla.suse.com/1230429"
},
{
"category": "external",
"summary": "SUSE Bug 1230998 for CVE-2024-45016",
"url": "https://bugzilla.suse.com/1230998"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T12:33:47Z",
"details": "important"
}
],
"title": "CVE-2024-45016"
},
{
"cve": "CVE-2024-47684",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47684"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: check skb is non-NULL in tcp_rto_delta_us()\n\nWe have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic\nkernel that are running ceph and recently hit a null ptr dereference in\ntcp_rearm_rto(). Initially hitting it from the TLP path, but then later we also\nsaw it getting hit from the RACK case as well. Here are examples of the oops\nmessages we saw in each of those cases:\n\nJul 26 15:05:02 rx [11061395.780353] BUG: kernel NULL pointer dereference, address: 0000000000000020\nJul 26 15:05:02 rx [11061395.787572] #PF: supervisor read access in kernel mode\nJul 26 15:05:02 rx [11061395.792971] #PF: error_code(0x0000) - not-present page\nJul 26 15:05:02 rx [11061395.798362] PGD 0 P4D 0\nJul 26 15:05:02 rx [11061395.801164] Oops: 0000 [#1] SMP NOPTI\nJul 26 15:05:02 rx [11061395.805091] CPU: 0 PID: 9180 Comm: msgr-worker-1 Tainted: G W 5.4.0-174-generic #193-Ubuntu\nJul 26 15:05:02 rx [11061395.814996] Hardware name: Supermicro SMC 2x26 os-gen8 64C NVME-Y 256G/H12SSW-NTR, BIOS 2.5.V1.2U.NVMe.UEFI 05/09/2023\nJul 26 15:05:02 rx [11061395.825952] RIP: 0010:tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.830656] Code: 87 ca 04 00 00 00 5b 41 5c 41 5d 5d c3 c3 49 8b bc 24 40 06 00 00 eb 8d 48 bb cf f7 53 e3 a5 9b c4 20 4c 89 ef e8 0c fe 0e 00 \u003c48\u003e 8b 78 20 48 c1 ef 03 48 89 f8 41 8b bc 24 80 04 00 00 48 f7 e3\nJul 26 15:05:02 rx [11061395.849665] RSP: 0018:ffffb75d40003e08 EFLAGS: 00010246\nJul 26 15:05:02 rx [11061395.855149] RAX: 0000000000000000 RBX: 20c49ba5e353f7cf RCX: 0000000000000000\nJul 26 15:05:02 rx [11061395.862542] RDX: 0000000062177c30 RSI: 000000000000231c RDI: ffff9874ad283a60\nJul 26 15:05:02 rx [11061395.869933] RBP: ffffb75d40003e20 R08: 0000000000000000 R09: ffff987605e20aa8\nJul 26 15:05:02 rx [11061395.877318] R10: ffffb75d40003f00 R11: ffffb75d4460f740 R12: ffff9874ad283900\nJul 26 15:05:02 rx [11061395.884710] R13: ffff9874ad283a60 R14: ffff9874ad283980 R15: ffff9874ad283d30\nJul 26 15:05:02 rx [11061395.892095] FS: 00007f1ef4a2e700(0000) GS:ffff987605e00000(0000) knlGS:0000000000000000\nJul 26 15:05:02 rx [11061395.900438] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nJul 26 15:05:02 rx [11061395.906435] CR2: 0000000000000020 CR3: 0000003e450ba003 CR4: 0000000000760ef0\nJul 26 15:05:02 rx [11061395.913822] PKRU: 55555554\nJul 26 15:05:02 rx [11061395.916786] Call Trace:\nJul 26 15:05:02 rx [11061395.919488]\nJul 26 15:05:02 rx [11061395.921765] ? show_regs.cold+0x1a/0x1f\nJul 26 15:05:02 rx [11061395.925859] ? __die+0x90/0xd9\nJul 26 15:05:02 rx [11061395.929169] ? no_context+0x196/0x380\nJul 26 15:05:02 rx [11061395.933088] ? ip6_protocol_deliver_rcu+0x4e0/0x4e0\nJul 26 15:05:02 rx [11061395.938216] ? ip6_sublist_rcv_finish+0x3d/0x50\nJul 26 15:05:02 rx [11061395.943000] ? __bad_area_nosemaphore+0x50/0x1a0\nJul 26 15:05:02 rx [11061395.947873] ? bad_area_nosemaphore+0x16/0x20\nJul 26 15:05:02 rx [11061395.952486] ? do_user_addr_fault+0x267/0x450\nJul 26 15:05:02 rx [11061395.957104] ? ipv6_list_rcv+0x112/0x140\nJul 26 15:05:02 rx [11061395.961279] ? __do_page_fault+0x58/0x90\nJul 26 15:05:02 rx [11061395.965458] ? do_page_fault+0x2c/0xe0\nJul 26 15:05:02 rx [11061395.969465] ? page_fault+0x34/0x40\nJul 26 15:05:02 rx [11061395.973217] ? tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.977313] ? tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.981408] tcp_send_loss_probe+0x10b/0x220\nJul 26 15:05:02 rx [11061395.985937] tcp_write_timer_handler+0x1b4/0x240\nJul 26 15:05:02 rx [11061395.990809] tcp_write_timer+0x9e/0xe0\nJul 26 15:05:02 rx [11061395.994814] ? tcp_write_timer_handler+0x240/0x240\nJul 26 15:05:02 rx [11061395.999866] call_timer_fn+0x32/0x130\nJul 26 15:05:02 rx [11061396.003782] __run_timers.part.0+0x180/0x280\nJul 26 15:05:02 rx [11061396.008309] ? recalibrate_cpu_khz+0x10/0x10\nJul 26 15:05:02 rx [11061396.012841] ? native_x2apic_icr_write+0x30/0x30\nJul 26 15:05:02 rx [11061396.017718] ? lapic_next_even\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47684",
"url": "https://www.suse.com/security/cve/CVE-2024-47684"
},
{
"category": "external",
"summary": "SUSE Bug 1231987 for CVE-2024-47684",
"url": "https://bugzilla.suse.com/1231987"
},
{
"category": "external",
"summary": "SUSE Bug 1231993 for CVE-2024-47684",
"url": "https://bugzilla.suse.com/1231993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T12:33:47Z",
"details": "important"
}
],
"title": "CVE-2024-47684"
}
]
}
SUSE-SU-2025:0487-1
Vulnerability from csaf_suse - Published: 2025-02-12 17:04 - Updated: 2025-02-12 17:04Summary
Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)
Description of the patch: This update for the Linux Kernel 5.14.21-150500_55_73 fixes several issues.
The following security issues were fixed:
- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230998).
- CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
- CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231993).
Patchnames: SUSE-2025-487,SUSE-2025-488,SUSE-2025-490,SUSE-SLE-Module-Live-Patching-15-SP3-2025-487,SUSE-SLE-Module-Live-Patching-15-SP5-2025-490
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
19 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.14.21-150500_55_73 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230998).\n- CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)\n- CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231993).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-487,SUSE-2025-488,SUSE-2025-490,SUSE-SLE-Module-Live-Patching-15-SP3-2025-487,SUSE-SLE-Module-Live-Patching-15-SP5-2025-490",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0487-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0487-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250487-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0487-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020329.html"
},
{
"category": "self",
"summary": "SUSE Bug 1229644",
"url": "https://bugzilla.suse.com/1229644"
},
{
"category": "self",
"summary": "SUSE Bug 1230998",
"url": "https://bugzilla.suse.com/1230998"
},
{
"category": "self",
"summary": "SUSE Bug 1231993",
"url": "https://bugzilla.suse.com/1231993"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48912 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45016 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47684 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47684/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)",
"tracking": {
"current_release_date": "2025-02-12T17:04:23Z",
"generator": {
"date": "2025-02-12T17:04:23Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0487-1",
"initial_release_date": "2025-02-12T17:04:23Z",
"revision_history": [
{
"date": "2025-02-12T17:04:23Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_164-default-8-150300.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_164-default-8-150300.2.1.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150300_59_164-default-8-150300.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.s390x",
"product_id": "kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_164-default-8-150300.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_164-default-8-150300.2.1.s390x",
"product_id": "kernel-livepatch-5_3_18-150300_59_164-default-8-150300.2.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_147-preempt-17-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_147-preempt-17-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_147-preempt-17-150300.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_164-default-8-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_164-default-8-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_164-default-8-150300.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_164-preempt-8-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_164-preempt-8-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_164-preempt-8-150300.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-48912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: fix use-after-free in __nf_register_net_hook()\n\nWe must not dereference @new_hooks after nf_hook_mutex has been released,\nbecause other threads might have freed our allocated hooks already.\n\nBUG: KASAN: use-after-free in nf_hook_entries_get_hook_ops include/linux/netfilter.h:130 [inline]\nBUG: KASAN: use-after-free in hooks_validate net/netfilter/core.c:171 [inline]\nBUG: KASAN: use-after-free in __nf_register_net_hook+0x77a/0x820 net/netfilter/core.c:438\nRead of size 2 at addr ffff88801c1a8000 by task syz-executor237/4430\n\nCPU: 1 PID: 4430 Comm: syz-executor237 Not tainted 5.17.0-rc5-syzkaller-00306-g2293be58d6a1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_address_description.constprop.0.cold+0x8d/0x336 mm/kasan/report.c:255\n __kasan_report mm/kasan/report.c:442 [inline]\n kasan_report.cold+0x83/0xdf mm/kasan/report.c:459\n nf_hook_entries_get_hook_ops include/linux/netfilter.h:130 [inline]\n hooks_validate net/netfilter/core.c:171 [inline]\n __nf_register_net_hook+0x77a/0x820 net/netfilter/core.c:438\n nf_register_net_hook+0x114/0x170 net/netfilter/core.c:571\n nf_register_net_hooks+0x59/0xc0 net/netfilter/core.c:587\n nf_synproxy_ipv6_init+0x85/0xe0 net/netfilter/nf_synproxy_core.c:1218\n synproxy_tg6_check+0x30d/0x560 net/ipv6/netfilter/ip6t_SYNPROXY.c:81\n xt_check_target+0x26c/0x9e0 net/netfilter/x_tables.c:1038\n check_target net/ipv6/netfilter/ip6_tables.c:530 [inline]\n find_check_entry.constprop.0+0x7f1/0x9e0 net/ipv6/netfilter/ip6_tables.c:573\n translate_table+0xc8b/0x1750 net/ipv6/netfilter/ip6_tables.c:735\n do_replace net/ipv6/netfilter/ip6_tables.c:1153 [inline]\n do_ip6t_set_ctl+0x56e/0xb90 net/ipv6/netfilter/ip6_tables.c:1639\n nf_setsockopt+0x83/0xe0 net/netfilter/nf_sockopt.c:101\n ipv6_setsockopt+0x122/0x180 net/ipv6/ipv6_sockglue.c:1024\n rawv6_setsockopt+0xd3/0x6a0 net/ipv6/raw.c:1084\n __sys_setsockopt+0x2db/0x610 net/socket.c:2180\n __do_sys_setsockopt net/socket.c:2191 [inline]\n __se_sys_setsockopt net/socket.c:2188 [inline]\n __x64_sys_setsockopt+0xba/0x150 net/socket.c:2188\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f65a1ace7d9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f65a1a7f308 EFLAGS: 00000246 ORIG_RAX: 0000000000000036\nRAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f65a1ace7d9\nRDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003\nRBP: 00007f65a1b574c8 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000020000000 R11: 0000000000000246 R12: 00007f65a1b55130\nR13: 00007f65a1b574c0 R14: 00007f65a1b24090 R15: 0000000000022000\n \u003c/TASK\u003e\n\nThe buggy address belongs to the page:\npage:ffffea0000706a00 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1c1a8\nflags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)\nraw: 00fff00000000000 ffffea0001c1b108 ffffea000046dd08 0000000000000000\nraw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as freed\npage last allocated via order 2, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 4430, ts 1061781545818, free_ts 1061791488993\n prep_new_page mm/page_alloc.c:2434 [inline]\n get_page_from_freelist+0xa72/0x2f50 mm/page_alloc.c:4165\n __alloc_pages+0x1b2/0x500 mm/page_alloc.c:5389\n __alloc_pages_node include/linux/gfp.h:572 [inline]\n alloc_pages_node include/linux/gfp.h:595 [inline]\n kmalloc_large_node+0x62/0x130 mm/slub.c:4438\n __kmalloc_node+0x35a/0x4a0 mm/slub.\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48912",
"url": "https://www.suse.com/security/cve/CVE-2022-48912"
},
{
"category": "external",
"summary": "SUSE Bug 1229641 for CVE-2022-48912",
"url": "https://bugzilla.suse.com/1229641"
},
{
"category": "external",
"summary": "SUSE Bug 1229644 for CVE-2022-48912",
"url": "https://bugzilla.suse.com/1229644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T17:04:23Z",
"details": "important"
}
],
"title": "CVE-2022-48912"
},
{
"cve": "CVE-2024-45016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45016"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetem: fix return value if duplicate enqueue fails\n\nThere is a bug in netem_enqueue() introduced by\ncommit 5845f706388a (\"net: netem: fix skb length BUG_ON in __skb_to_sgvec\")\nthat can lead to a use-after-free.\n\nThis commit made netem_enqueue() always return NET_XMIT_SUCCESS\nwhen a packet is duplicated, which can cause the parent qdisc\u0027s q.qlen\nto be mistakenly incremented. When this happens qlen_notify() may be\nskipped on the parent during destruction, leaving a dangling pointer\nfor some classful qdiscs like DRR.\n\nThere are two ways for the bug happen:\n\n- If the duplicated packet is dropped by rootq-\u003eenqueue() and then\n the original packet is also dropped.\n- If rootq-\u003eenqueue() sends the duplicated packet to a different qdisc\n and the original packet is dropped.\n\nIn both cases NET_XMIT_SUCCESS is returned even though no packets\nare enqueued at the netem qdisc.\n\nThe fix is to defer the enqueue of the duplicate packet until after\nthe original packet has been guaranteed to return NET_XMIT_SUCCESS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45016",
"url": "https://www.suse.com/security/cve/CVE-2024-45016"
},
{
"category": "external",
"summary": "SUSE Bug 1230429 for CVE-2024-45016",
"url": "https://bugzilla.suse.com/1230429"
},
{
"category": "external",
"summary": "SUSE Bug 1230998 for CVE-2024-45016",
"url": "https://bugzilla.suse.com/1230998"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T17:04:23Z",
"details": "important"
}
],
"title": "CVE-2024-45016"
},
{
"cve": "CVE-2024-47684",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47684"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: check skb is non-NULL in tcp_rto_delta_us()\n\nWe have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic\nkernel that are running ceph and recently hit a null ptr dereference in\ntcp_rearm_rto(). Initially hitting it from the TLP path, but then later we also\nsaw it getting hit from the RACK case as well. Here are examples of the oops\nmessages we saw in each of those cases:\n\nJul 26 15:05:02 rx [11061395.780353] BUG: kernel NULL pointer dereference, address: 0000000000000020\nJul 26 15:05:02 rx [11061395.787572] #PF: supervisor read access in kernel mode\nJul 26 15:05:02 rx [11061395.792971] #PF: error_code(0x0000) - not-present page\nJul 26 15:05:02 rx [11061395.798362] PGD 0 P4D 0\nJul 26 15:05:02 rx [11061395.801164] Oops: 0000 [#1] SMP NOPTI\nJul 26 15:05:02 rx [11061395.805091] CPU: 0 PID: 9180 Comm: msgr-worker-1 Tainted: G W 5.4.0-174-generic #193-Ubuntu\nJul 26 15:05:02 rx [11061395.814996] Hardware name: Supermicro SMC 2x26 os-gen8 64C NVME-Y 256G/H12SSW-NTR, BIOS 2.5.V1.2U.NVMe.UEFI 05/09/2023\nJul 26 15:05:02 rx [11061395.825952] RIP: 0010:tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.830656] Code: 87 ca 04 00 00 00 5b 41 5c 41 5d 5d c3 c3 49 8b bc 24 40 06 00 00 eb 8d 48 bb cf f7 53 e3 a5 9b c4 20 4c 89 ef e8 0c fe 0e 00 \u003c48\u003e 8b 78 20 48 c1 ef 03 48 89 f8 41 8b bc 24 80 04 00 00 48 f7 e3\nJul 26 15:05:02 rx [11061395.849665] RSP: 0018:ffffb75d40003e08 EFLAGS: 00010246\nJul 26 15:05:02 rx [11061395.855149] RAX: 0000000000000000 RBX: 20c49ba5e353f7cf RCX: 0000000000000000\nJul 26 15:05:02 rx [11061395.862542] RDX: 0000000062177c30 RSI: 000000000000231c RDI: ffff9874ad283a60\nJul 26 15:05:02 rx [11061395.869933] RBP: ffffb75d40003e20 R08: 0000000000000000 R09: ffff987605e20aa8\nJul 26 15:05:02 rx [11061395.877318] R10: ffffb75d40003f00 R11: ffffb75d4460f740 R12: ffff9874ad283900\nJul 26 15:05:02 rx [11061395.884710] R13: ffff9874ad283a60 R14: ffff9874ad283980 R15: ffff9874ad283d30\nJul 26 15:05:02 rx [11061395.892095] FS: 00007f1ef4a2e700(0000) GS:ffff987605e00000(0000) knlGS:0000000000000000\nJul 26 15:05:02 rx [11061395.900438] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nJul 26 15:05:02 rx [11061395.906435] CR2: 0000000000000020 CR3: 0000003e450ba003 CR4: 0000000000760ef0\nJul 26 15:05:02 rx [11061395.913822] PKRU: 55555554\nJul 26 15:05:02 rx [11061395.916786] Call Trace:\nJul 26 15:05:02 rx [11061395.919488]\nJul 26 15:05:02 rx [11061395.921765] ? show_regs.cold+0x1a/0x1f\nJul 26 15:05:02 rx [11061395.925859] ? __die+0x90/0xd9\nJul 26 15:05:02 rx [11061395.929169] ? no_context+0x196/0x380\nJul 26 15:05:02 rx [11061395.933088] ? ip6_protocol_deliver_rcu+0x4e0/0x4e0\nJul 26 15:05:02 rx [11061395.938216] ? ip6_sublist_rcv_finish+0x3d/0x50\nJul 26 15:05:02 rx [11061395.943000] ? __bad_area_nosemaphore+0x50/0x1a0\nJul 26 15:05:02 rx [11061395.947873] ? bad_area_nosemaphore+0x16/0x20\nJul 26 15:05:02 rx [11061395.952486] ? do_user_addr_fault+0x267/0x450\nJul 26 15:05:02 rx [11061395.957104] ? ipv6_list_rcv+0x112/0x140\nJul 26 15:05:02 rx [11061395.961279] ? __do_page_fault+0x58/0x90\nJul 26 15:05:02 rx [11061395.965458] ? do_page_fault+0x2c/0xe0\nJul 26 15:05:02 rx [11061395.969465] ? page_fault+0x34/0x40\nJul 26 15:05:02 rx [11061395.973217] ? tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.977313] ? tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.981408] tcp_send_loss_probe+0x10b/0x220\nJul 26 15:05:02 rx [11061395.985937] tcp_write_timer_handler+0x1b4/0x240\nJul 26 15:05:02 rx [11061395.990809] tcp_write_timer+0x9e/0xe0\nJul 26 15:05:02 rx [11061395.994814] ? tcp_write_timer_handler+0x240/0x240\nJul 26 15:05:02 rx [11061395.999866] call_timer_fn+0x32/0x130\nJul 26 15:05:02 rx [11061396.003782] __run_timers.part.0+0x180/0x280\nJul 26 15:05:02 rx [11061396.008309] ? recalibrate_cpu_khz+0x10/0x10\nJul 26 15:05:02 rx [11061396.012841] ? native_x2apic_icr_write+0x30/0x30\nJul 26 15:05:02 rx [11061396.017718] ? lapic_next_even\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47684",
"url": "https://www.suse.com/security/cve/CVE-2024-47684"
},
{
"category": "external",
"summary": "SUSE Bug 1231987 for CVE-2024-47684",
"url": "https://bugzilla.suse.com/1231987"
},
{
"category": "external",
"summary": "SUSE Bug 1231993 for CVE-2024-47684",
"url": "https://bugzilla.suse.com/1231993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T17:04:23Z",
"details": "important"
}
],
"title": "CVE-2024-47684"
}
]
}
SUSE-SU-2025:0489-1
Vulnerability from csaf_suse - Published: 2025-02-12 19:03 - Updated: 2025-02-12 19:03Summary
Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)
Description of the patch: This update for the Linux Kernel 5.14.21-150500_55_49 fixes several issues.
The following security issues were fixed:
- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230998).
- CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
- CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment (bsc#1229662)
- CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231993).
Patchnames: SUSE-2025-489,SUSE-2025-496,SUSE-SLE-Module-Live-Patching-15-SP4-2025-489,SUSE-SLE-Module-Live-Patching-15-SP5-2025-496
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.14.21-150500_55_49 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230998).\n- CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)\n- CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment (bsc#1229662)\n- CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231993).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-489,SUSE-2025-496,SUSE-SLE-Module-Live-Patching-15-SP4-2025-489,SUSE-SLE-Module-Live-Patching-15-SP5-2025-496",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0489-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0489-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250489-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0489-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020328.html"
},
{
"category": "self",
"summary": "SUSE Bug 1229644",
"url": "https://bugzilla.suse.com/1229644"
},
{
"category": "self",
"summary": "SUSE Bug 1229663",
"url": "https://bugzilla.suse.com/1229663"
},
{
"category": "self",
"summary": "SUSE Bug 1230998",
"url": "https://bugzilla.suse.com/1230998"
},
{
"category": "self",
"summary": "SUSE Bug 1231993",
"url": "https://bugzilla.suse.com/1231993"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48912 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48923 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45016 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47684 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47684/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)",
"tracking": {
"current_release_date": "2025-02-12T19:03:54Z",
"generator": {
"date": "2025-02-12T19:03:54Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0489-1",
"initial_release_date": "2025-02-12T19:03:54Z",
"revision_history": [
{
"date": "2025-02-12T19:03:54Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-48912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: fix use-after-free in __nf_register_net_hook()\n\nWe must not dereference @new_hooks after nf_hook_mutex has been released,\nbecause other threads might have freed our allocated hooks already.\n\nBUG: KASAN: use-after-free in nf_hook_entries_get_hook_ops include/linux/netfilter.h:130 [inline]\nBUG: KASAN: use-after-free in hooks_validate net/netfilter/core.c:171 [inline]\nBUG: KASAN: use-after-free in __nf_register_net_hook+0x77a/0x820 net/netfilter/core.c:438\nRead of size 2 at addr ffff88801c1a8000 by task syz-executor237/4430\n\nCPU: 1 PID: 4430 Comm: syz-executor237 Not tainted 5.17.0-rc5-syzkaller-00306-g2293be58d6a1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_address_description.constprop.0.cold+0x8d/0x336 mm/kasan/report.c:255\n __kasan_report mm/kasan/report.c:442 [inline]\n kasan_report.cold+0x83/0xdf mm/kasan/report.c:459\n nf_hook_entries_get_hook_ops include/linux/netfilter.h:130 [inline]\n hooks_validate net/netfilter/core.c:171 [inline]\n __nf_register_net_hook+0x77a/0x820 net/netfilter/core.c:438\n nf_register_net_hook+0x114/0x170 net/netfilter/core.c:571\n nf_register_net_hooks+0x59/0xc0 net/netfilter/core.c:587\n nf_synproxy_ipv6_init+0x85/0xe0 net/netfilter/nf_synproxy_core.c:1218\n synproxy_tg6_check+0x30d/0x560 net/ipv6/netfilter/ip6t_SYNPROXY.c:81\n xt_check_target+0x26c/0x9e0 net/netfilter/x_tables.c:1038\n check_target net/ipv6/netfilter/ip6_tables.c:530 [inline]\n find_check_entry.constprop.0+0x7f1/0x9e0 net/ipv6/netfilter/ip6_tables.c:573\n translate_table+0xc8b/0x1750 net/ipv6/netfilter/ip6_tables.c:735\n do_replace net/ipv6/netfilter/ip6_tables.c:1153 [inline]\n do_ip6t_set_ctl+0x56e/0xb90 net/ipv6/netfilter/ip6_tables.c:1639\n nf_setsockopt+0x83/0xe0 net/netfilter/nf_sockopt.c:101\n ipv6_setsockopt+0x122/0x180 net/ipv6/ipv6_sockglue.c:1024\n rawv6_setsockopt+0xd3/0x6a0 net/ipv6/raw.c:1084\n __sys_setsockopt+0x2db/0x610 net/socket.c:2180\n __do_sys_setsockopt net/socket.c:2191 [inline]\n __se_sys_setsockopt net/socket.c:2188 [inline]\n __x64_sys_setsockopt+0xba/0x150 net/socket.c:2188\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f65a1ace7d9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f65a1a7f308 EFLAGS: 00000246 ORIG_RAX: 0000000000000036\nRAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f65a1ace7d9\nRDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003\nRBP: 00007f65a1b574c8 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000020000000 R11: 0000000000000246 R12: 00007f65a1b55130\nR13: 00007f65a1b574c0 R14: 00007f65a1b24090 R15: 0000000000022000\n \u003c/TASK\u003e\n\nThe buggy address belongs to the page:\npage:ffffea0000706a00 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1c1a8\nflags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)\nraw: 00fff00000000000 ffffea0001c1b108 ffffea000046dd08 0000000000000000\nraw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as freed\npage last allocated via order 2, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 4430, ts 1061781545818, free_ts 1061791488993\n prep_new_page mm/page_alloc.c:2434 [inline]\n get_page_from_freelist+0xa72/0x2f50 mm/page_alloc.c:4165\n __alloc_pages+0x1b2/0x500 mm/page_alloc.c:5389\n __alloc_pages_node include/linux/gfp.h:572 [inline]\n alloc_pages_node include/linux/gfp.h:595 [inline]\n kmalloc_large_node+0x62/0x130 mm/slub.c:4438\n __kmalloc_node+0x35a/0x4a0 mm/slub.\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48912",
"url": "https://www.suse.com/security/cve/CVE-2022-48912"
},
{
"category": "external",
"summary": "SUSE Bug 1229641 for CVE-2022-48912",
"url": "https://bugzilla.suse.com/1229641"
},
{
"category": "external",
"summary": "SUSE Bug 1229644 for CVE-2022-48912",
"url": "https://bugzilla.suse.com/1229644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T19:03:54Z",
"details": "important"
}
],
"title": "CVE-2022-48912"
},
{
"cve": "CVE-2022-48923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: prevent copying too big compressed lzo segment\n\nCompressed length can be corrupted to be a lot larger than memory\nwe have allocated for buffer.\nThis will cause memcpy in copy_compressed_segment to write outside\nof allocated memory.\n\nThis mostly results in stuck read syscall but sometimes when using\nbtrfs send can get #GP\n\n kernel: general protection fault, probably for non-canonical address 0x841551d5c1000: 0000 [#1] PREEMPT SMP NOPTI\n kernel: CPU: 17 PID: 264 Comm: kworker/u256:7 Tainted: P OE 5.17.0-rc2-1 #12\n kernel: Workqueue: btrfs-endio btrfs_work_helper [btrfs]\n kernel: RIP: 0010:lzo_decompress_bio (./include/linux/fortify-string.h:225 fs/btrfs/lzo.c:322 fs/btrfs/lzo.c:394) btrfs\n Code starting with the faulting instruction\n ===========================================\n 0:* 48 8b 06 mov (%rsi),%rax \u003c-- trapping instruction\n 3: 48 8d 79 08 lea 0x8(%rcx),%rdi\n 7: 48 83 e7 f8 and $0xfffffffffffffff8,%rdi\n b: 48 89 01 mov %rax,(%rcx)\n e: 44 89 f0 mov %r14d,%eax\n 11: 48 8b 54 06 f8 mov -0x8(%rsi,%rax,1),%rdx\n kernel: RSP: 0018:ffffb110812efd50 EFLAGS: 00010212\n kernel: RAX: 0000000000001000 RBX: 000000009ca264c8 RCX: ffff98996e6d8ff8\n kernel: RDX: 0000000000000064 RSI: 000841551d5c1000 RDI: ffffffff9500435d\n kernel: RBP: ffff989a3be856c0 R08: 0000000000000000 R09: 0000000000000000\n kernel: R10: 0000000000000000 R11: 0000000000001000 R12: ffff98996e6d8000\n kernel: R13: 0000000000000008 R14: 0000000000001000 R15: 000841551d5c1000\n kernel: FS: 0000000000000000(0000) GS:ffff98a09d640000(0000) knlGS:0000000000000000\n kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n kernel: CR2: 00001e9f984d9ea8 CR3: 000000014971a000 CR4: 00000000003506e0\n kernel: Call Trace:\n kernel: \u003cTASK\u003e\n kernel: end_compressed_bio_read (fs/btrfs/compression.c:104 fs/btrfs/compression.c:1363 fs/btrfs/compression.c:323) btrfs\n kernel: end_workqueue_fn (fs/btrfs/disk-io.c:1923) btrfs\n kernel: btrfs_work_helper (fs/btrfs/async-thread.c:326) btrfs\n kernel: process_one_work (./arch/x86/include/asm/jump_label.h:27 ./include/linux/jump_label.h:212 ./include/trace/events/workqueue.h:108 kernel/workqueue.c:2312)\n kernel: worker_thread (./include/linux/list.h:292 kernel/workqueue.c:2455)\n kernel: ? process_one_work (kernel/workqueue.c:2397)\n kernel: kthread (kernel/kthread.c:377)\n kernel: ? kthread_complete_and_exit (kernel/kthread.c:332)\n kernel: ret_from_fork (arch/x86/entry/entry_64.S:301)\n kernel: \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48923",
"url": "https://www.suse.com/security/cve/CVE-2022-48923"
},
{
"category": "external",
"summary": "SUSE Bug 1229662 for CVE-2022-48923",
"url": "https://bugzilla.suse.com/1229662"
},
{
"category": "external",
"summary": "SUSE Bug 1229663 for CVE-2022-48923",
"url": "https://bugzilla.suse.com/1229663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T19:03:54Z",
"details": "important"
}
],
"title": "CVE-2022-48923"
},
{
"cve": "CVE-2024-45016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45016"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetem: fix return value if duplicate enqueue fails\n\nThere is a bug in netem_enqueue() introduced by\ncommit 5845f706388a (\"net: netem: fix skb length BUG_ON in __skb_to_sgvec\")\nthat can lead to a use-after-free.\n\nThis commit made netem_enqueue() always return NET_XMIT_SUCCESS\nwhen a packet is duplicated, which can cause the parent qdisc\u0027s q.qlen\nto be mistakenly incremented. When this happens qlen_notify() may be\nskipped on the parent during destruction, leaving a dangling pointer\nfor some classful qdiscs like DRR.\n\nThere are two ways for the bug happen:\n\n- If the duplicated packet is dropped by rootq-\u003eenqueue() and then\n the original packet is also dropped.\n- If rootq-\u003eenqueue() sends the duplicated packet to a different qdisc\n and the original packet is dropped.\n\nIn both cases NET_XMIT_SUCCESS is returned even though no packets\nare enqueued at the netem qdisc.\n\nThe fix is to defer the enqueue of the duplicate packet until after\nthe original packet has been guaranteed to return NET_XMIT_SUCCESS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45016",
"url": "https://www.suse.com/security/cve/CVE-2024-45016"
},
{
"category": "external",
"summary": "SUSE Bug 1230429 for CVE-2024-45016",
"url": "https://bugzilla.suse.com/1230429"
},
{
"category": "external",
"summary": "SUSE Bug 1230998 for CVE-2024-45016",
"url": "https://bugzilla.suse.com/1230998"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T19:03:54Z",
"details": "important"
}
],
"title": "CVE-2024-45016"
},
{
"cve": "CVE-2024-47684",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47684"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: check skb is non-NULL in tcp_rto_delta_us()\n\nWe have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic\nkernel that are running ceph and recently hit a null ptr dereference in\ntcp_rearm_rto(). Initially hitting it from the TLP path, but then later we also\nsaw it getting hit from the RACK case as well. Here are examples of the oops\nmessages we saw in each of those cases:\n\nJul 26 15:05:02 rx [11061395.780353] BUG: kernel NULL pointer dereference, address: 0000000000000020\nJul 26 15:05:02 rx [11061395.787572] #PF: supervisor read access in kernel mode\nJul 26 15:05:02 rx [11061395.792971] #PF: error_code(0x0000) - not-present page\nJul 26 15:05:02 rx [11061395.798362] PGD 0 P4D 0\nJul 26 15:05:02 rx [11061395.801164] Oops: 0000 [#1] SMP NOPTI\nJul 26 15:05:02 rx [11061395.805091] CPU: 0 PID: 9180 Comm: msgr-worker-1 Tainted: G W 5.4.0-174-generic #193-Ubuntu\nJul 26 15:05:02 rx [11061395.814996] Hardware name: Supermicro SMC 2x26 os-gen8 64C NVME-Y 256G/H12SSW-NTR, BIOS 2.5.V1.2U.NVMe.UEFI 05/09/2023\nJul 26 15:05:02 rx [11061395.825952] RIP: 0010:tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.830656] Code: 87 ca 04 00 00 00 5b 41 5c 41 5d 5d c3 c3 49 8b bc 24 40 06 00 00 eb 8d 48 bb cf f7 53 e3 a5 9b c4 20 4c 89 ef e8 0c fe 0e 00 \u003c48\u003e 8b 78 20 48 c1 ef 03 48 89 f8 41 8b bc 24 80 04 00 00 48 f7 e3\nJul 26 15:05:02 rx [11061395.849665] RSP: 0018:ffffb75d40003e08 EFLAGS: 00010246\nJul 26 15:05:02 rx [11061395.855149] RAX: 0000000000000000 RBX: 20c49ba5e353f7cf RCX: 0000000000000000\nJul 26 15:05:02 rx [11061395.862542] RDX: 0000000062177c30 RSI: 000000000000231c RDI: ffff9874ad283a60\nJul 26 15:05:02 rx [11061395.869933] RBP: ffffb75d40003e20 R08: 0000000000000000 R09: ffff987605e20aa8\nJul 26 15:05:02 rx [11061395.877318] R10: ffffb75d40003f00 R11: ffffb75d4460f740 R12: ffff9874ad283900\nJul 26 15:05:02 rx [11061395.884710] R13: ffff9874ad283a60 R14: ffff9874ad283980 R15: ffff9874ad283d30\nJul 26 15:05:02 rx [11061395.892095] FS: 00007f1ef4a2e700(0000) GS:ffff987605e00000(0000) knlGS:0000000000000000\nJul 26 15:05:02 rx [11061395.900438] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nJul 26 15:05:02 rx [11061395.906435] CR2: 0000000000000020 CR3: 0000003e450ba003 CR4: 0000000000760ef0\nJul 26 15:05:02 rx [11061395.913822] PKRU: 55555554\nJul 26 15:05:02 rx [11061395.916786] Call Trace:\nJul 26 15:05:02 rx [11061395.919488]\nJul 26 15:05:02 rx [11061395.921765] ? show_regs.cold+0x1a/0x1f\nJul 26 15:05:02 rx [11061395.925859] ? __die+0x90/0xd9\nJul 26 15:05:02 rx [11061395.929169] ? no_context+0x196/0x380\nJul 26 15:05:02 rx [11061395.933088] ? ip6_protocol_deliver_rcu+0x4e0/0x4e0\nJul 26 15:05:02 rx [11061395.938216] ? ip6_sublist_rcv_finish+0x3d/0x50\nJul 26 15:05:02 rx [11061395.943000] ? __bad_area_nosemaphore+0x50/0x1a0\nJul 26 15:05:02 rx [11061395.947873] ? bad_area_nosemaphore+0x16/0x20\nJul 26 15:05:02 rx [11061395.952486] ? do_user_addr_fault+0x267/0x450\nJul 26 15:05:02 rx [11061395.957104] ? ipv6_list_rcv+0x112/0x140\nJul 26 15:05:02 rx [11061395.961279] ? __do_page_fault+0x58/0x90\nJul 26 15:05:02 rx [11061395.965458] ? do_page_fault+0x2c/0xe0\nJul 26 15:05:02 rx [11061395.969465] ? page_fault+0x34/0x40\nJul 26 15:05:02 rx [11061395.973217] ? tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.977313] ? tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.981408] tcp_send_loss_probe+0x10b/0x220\nJul 26 15:05:02 rx [11061395.985937] tcp_write_timer_handler+0x1b4/0x240\nJul 26 15:05:02 rx [11061395.990809] tcp_write_timer+0x9e/0xe0\nJul 26 15:05:02 rx [11061395.994814] ? tcp_write_timer_handler+0x240/0x240\nJul 26 15:05:02 rx [11061395.999866] call_timer_fn+0x32/0x130\nJul 26 15:05:02 rx [11061396.003782] __run_timers.part.0+0x180/0x280\nJul 26 15:05:02 rx [11061396.008309] ? recalibrate_cpu_khz+0x10/0x10\nJul 26 15:05:02 rx [11061396.012841] ? native_x2apic_icr_write+0x30/0x30\nJul 26 15:05:02 rx [11061396.017718] ? lapic_next_even\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47684",
"url": "https://www.suse.com/security/cve/CVE-2024-47684"
},
{
"category": "external",
"summary": "SUSE Bug 1231987 for CVE-2024-47684",
"url": "https://bugzilla.suse.com/1231987"
},
{
"category": "external",
"summary": "SUSE Bug 1231993 for CVE-2024-47684",
"url": "https://bugzilla.suse.com/1231993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-12T19:03:54Z",
"details": "important"
}
],
"title": "CVE-2024-47684"
}
]
}
WID-SEC-W-2024-1898
Vulnerability from csaf_certbund - Published: 2024-08-21 22:00 - Updated: 2025-08-06 22:00Summary
Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff: Ein lokaler Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder einen unspezifischen Angriff durchzuführen.
Betroffene Betriebssysteme: - Linux
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell PowerProtect Data Domain Management Center
Dell
|
cpe:/a:dell:powerprotect_data_domain_management_center:-
|
— | |
|
Dell PowerProtect Data Domain
Dell
|
cpe:/a:dell:powerprotect_data_domain:-
|
— | |
|
IBM Spectrum Protect Plus 10.1
IBM / Spectrum Protect Plus
|
cpe:/a:ibm:spectrum_protect_plus:10.1
|
10.1 | |
|
Dell PowerProtect Data Domain OS
Dell
|
cpe:/o:dell:powerprotect_data_domain_os:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM DB2 on Cloud Pak for Data
IBM / DB2
|
cpe:/a:ibm:db2:on_cloud_pak_for_data
|
on Cloud Pak for Data | |
|
IBM QRadar SIEM <7.5.0 UP13
IBM / QRadar SIEM
|
<7.5.0 UP13 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
References
117 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder einen unspezifischen Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1898 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1898.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1898 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1898"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-4j2g-pw4f-5hg9 vom 2024-08-21",
"url": "https://github.com/advisories/GHSA-4j2g-pw4f-5hg9"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-f2cf-vg85-495f vom 2024-08-21",
"url": "https://github.com/advisories/GHSA-f2cf-vg85-495f"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-48905 vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/2024082212-CVE-2022-48905-4c70@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-48908 vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/2024082213-CVE-2022-48908-27ec@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-48909 vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/2024082214-CVE-2022-48909-9726@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-48910 vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/2024082214-CVE-2022-48910-a749@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-48911 vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/2024082215-CVE-2022-48911-45bc@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-48912 vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/2024082215-CVE-2022-48912-3f55@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-48913 vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/2024082215-CVE-2022-48913-94d0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-48914 vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/2024082216-CVE-2022-48914-97e1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-48927 vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/2024082221-CVE-2022-48927-392a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-48928 vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/2024082221-CVE-2022-48928-bd61@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-48929 vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/2024082222-CVE-2022-48929-857d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-48930 vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/2024082222-CVE-2022-48930-9bda@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-48931 vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/2024082222-CVE-2022-48931-ec5b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-48932 vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/2024082223-CVE-2022-48932-9dc7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-48933 vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/2024082223-CVE-2022-48933-6ebb@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-48934 vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/2024082224-CVE-2022-48934-6f50@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-48935 vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/2024082224-CVE-2022-48935-7aa2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-48936 vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/2024082224-CVE-2022-48936-9302@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-48937 vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/2024082225-CVE-2022-48937-d289@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-48938 vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/2024082225-CVE-2022-48938-4501@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-48939 vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/2024082226-CVE-2022-48939-ff01@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-48940 vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/2024082226-CVE-2022-48940-da55@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-48941 vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/2024082226-CVE-2022-48941-32f7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-48942 vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/2024082227-CVE-2022-48942-ca91@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-48943 vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/2024082227-CVE-2022-48943-8e11@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcements vom 2024-08-21",
"url": "https://lore.kernel.org/linux-cve-announce/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6979-1 vom 2024-08-22",
"url": "https://ubuntu.com/security/notices/USN-6979-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3195-1 vom 2024-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019407.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3194-1 vom 2024-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019400.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3190-1 vom 2024-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019403.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3189-1 vom 2024-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019404.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-12610 vom 2024-09-12",
"url": "https://linux.oracle.com/errata/ELSA-2024-12610.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-12618 vom 2024-09-12",
"url": "https://linux.oracle.com/errata/ELSA-2024-12618.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3209-1 vom 2024-09-11",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/YNWVZVIFSX7PLBJX3I3PDZ4MIBERTN2Y/"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-12611 vom 2024-09-11",
"url": "https://linux.oracle.com/errata/ELSA-2024-12611.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-12612 vom 2024-09-12",
"url": "https://linux.oracle.com/errata/ELSA-2024-12612.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3225-1 vom 2024-09-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019432.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3227-1 vom 2024-09-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019430.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3251-1 vom 2024-09-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019435.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3252-1 vom 2024-09-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019436.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3249-1 vom 2024-09-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019438.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3383-1 vom 2024-09-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019497.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3408-1 vom 2024-09-24",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/TGC7PQ5QNGEZWYIHCKH2KPZMGYJ4VN6B/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3467-1 vom 2024-09-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019532.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3483-1 vom 2024-09-29",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2HO244EHQ65DPDJ2NOBAXLG7QYWSCUMA/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3483-1 vom 2024-09-29",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/2HO244EHQ65DPDJ2NOBAXLG7QYWSCUMA/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3499-1 vom 2024-09-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019536.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3547-1 vom 2024-10-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019566.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3566-1 vom 2024-10-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019578.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3569-1 vom 2024-10-09",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/6GBL67LQ3MUSYQCQRQH2AZH3XWILTO5A/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3565-1 vom 2024-10-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019573.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3559-1 vom 2024-10-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019575.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3567-1 vom 2024-10-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019577.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3563-1 vom 2024-10-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019579.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3592-1 vom 2024-10-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019589.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3585-1 vom 2024-10-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019586.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3591-1 vom 2024-10-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019587.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3587-1 vom 2024-10-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019588.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-12779 vom 2024-10-14",
"url": "https://linux.oracle.com/errata/ELSA-2024-12779.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8856 vom 2024-11-05",
"url": "https://access.redhat.com/errata/RHSA-2024:8856"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8870 vom 2024-11-05",
"url": "https://access.redhat.com/errata/RHSA-2024:8870"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-8856 vom 2024-11-06",
"url": "https://linux.oracle.com/errata/ELSA-2024-8856.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:8870 vom 2024-11-08",
"url": "https://errata.build.resf.org/RLSA-2024:8870"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:9315 vom 2024-11-12",
"url": "https://access.redhat.com/errata/RHSA-2024:9315"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7121-1 vom 2024-11-20",
"url": "https://ubuntu.com/security/notices/USN-7121-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7122-1 vom 2024-11-20",
"url": "https://ubuntu.com/security/notices/USN-7122-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7121-2 vom 2024-11-20",
"url": "https://ubuntu.com/security/notices/USN-7121-2"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10262 vom 2024-11-26",
"url": "https://access.redhat.com/errata/RHSA-2024:10262"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7121-3 vom 2024-11-25",
"url": "https://ubuntu.com/security/notices/USN-7121-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7148-1 vom 2024-12-10",
"url": "https://ubuntu.com/security/notices/USN-7148-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7159-1 vom 2024-12-12",
"url": "https://ubuntu.com/security/notices/USN-7159-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7159-2 vom 2024-12-18",
"url": "https://ubuntu.com/security/notices/USN-7166-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7159-2 vom 2024-12-17",
"url": "https://ubuntu.com/security/notices/USN-7159-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7159-2 vom 2024-12-18",
"url": "https://ubuntu.com/security/notices/USN-7159-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7159-4 vom 2024-12-20",
"url": "https://ubuntu.com/security/notices/USN-7159-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7159-5 vom 2025-01-06",
"url": "https://ubuntu.com/security/notices/USN-7159-5"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7195-1 vom 2025-01-09",
"url": "https://ubuntu.com/security/notices/USN-7195-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7195-2 vom 2025-01-14",
"url": "https://ubuntu.com/security/notices/USN-7195-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0455-1 vom 2025-02-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020321.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0487-1 vom 2025-02-12",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/QIBJK3XANPM2U6AEOTGJ27N3L472DCRE/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0486-1 vom 2025-02-12",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/XWFV7VUE5TX6GKXVI46R6ZIDRFEXHKUZ/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0489-1 vom 2025-02-12",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/OCZ53J3OQFQB3VZIF7V6BL32FWNAV3CH/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0462-1 vom 2025-02-12",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CNVHBWUSJZEY34QR6GDPRY55WG3UIDSL/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0449-1 vom 2025-02-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020322.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0465-1 vom 2025-02-12",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/IZBNMZ4JWAINQUJYDC5JJYGAKWUST46Z/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0462-1 vom 2025-02-12",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/CNVHBWUSJZEY34QR6GDPRY55WG3UIDSL/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0892-1 vom 2025-03-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020526.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0893-1 vom 2025-03-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020534.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0897-1 vom 2025-03-18",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/LA4OPTWWYEP2ZCDY5VK3PVS6P2FHDCPO/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0898-1 vom 2025-03-18",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/SUPADNIG6CVSVE3GIECLRHDQFDH5YSSB/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0916-1 vom 2025-03-19",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/3G6SX3PAUJQY5KBBE7N7QVZMCC5RMLLM/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0903-1 vom 2025-03-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020537.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0904-1 vom 2025-03-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020536.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0906-1 vom 2025-03-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020539.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0917-1 vom 2025-03-19",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/4QSDDY3MMRA6J6OVKONDM3ZBWSDU7FXC/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0908-1 vom 2025-03-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020545.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0920-1 vom 2025-03-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020553.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0944-1 vom 2025-03-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020558.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0942-1 vom 2025-03-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020546.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0927-1 vom 2025-03-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020550.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0950-1 vom 2025-03-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020556.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0943-1 vom 2025-03-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020548.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7229443 vom 2025-03-28",
"url": "https://www.ibm.com/support/pages/node/7229443"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7233232 vom 2025-05-13",
"url": "https://www.ibm.com/support/pages/node/7233232"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01620-1 vom 2025-05-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020867.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01640-1 vom 2025-05-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020861.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20028-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021386.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20044-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021334.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9581 vom 2025-06-25",
"url": "https://access.redhat.com/errata/RHSA-2025:9581"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-9580 vom 2025-06-26",
"url": "https://linux.oracle.com/errata/ELSA-2025-9580.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9580 vom 2025-06-25",
"url": "https://access.redhat.com/errata/RHSA-2025:9580"
},
{
"category": "external",
"summary": "Security Update for Dell PowerProtect Data Domain",
"url": "https://www.dell.com/support/kbdoc/en-us/000348708/dsa-2025-159-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7241589 vom 2025-08-06",
"url": "https://www.ibm.com/support/pages/node/7241589"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
"tracking": {
"current_release_date": "2025-08-06T22:00:00.000+00:00",
"generator": {
"date": "2025-08-07T08:49:33.237+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2024-1898",
"initial_release_date": "2024-08-21T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-08-21T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-08-22T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-09-10T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-09-11T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Oracle Linux und SUSE aufgenommen"
},
{
"date": "2024-09-12T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-09-16T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-09-23T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-09-29T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-09-30T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-10-08T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-10-09T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-10-10T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-10-14T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-11-04T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-05T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-11-10T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2024-11-12T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-19T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-11-20T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-11-25T23:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Red Hat und Ubuntu aufgenommen"
},
{
"date": "2024-12-10T23:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-12-12T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-12-17T23:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-12-22T23:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-01-06T23:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-01-09T23:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-01-14T23:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-02-12T23:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-03-17T23:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-03-18T23:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-03-19T23:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-03-30T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-05-13T22:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-05-21T22:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-04T22:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-24T22:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-06-25T22:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2025-08-04T22:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2025-08-06T22:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "39"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Dell PowerProtect Data Domain",
"product": {
"name": "Dell PowerProtect Data Domain",
"product_id": "T045852",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:-"
}
}
},
{
"category": "product_name",
"name": "Dell PowerProtect Data Domain Management Center",
"product": {
"name": "Dell PowerProtect Data Domain Management Center",
"product_id": "T045853",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain_management_center:-"
}
}
},
{
"category": "product_name",
"name": "Dell PowerProtect Data Domain OS",
"product": {
"name": "Dell PowerProtect Data Domain OS",
"product_id": "T045854",
"product_identification_helper": {
"cpe": "cpe:/o:dell:powerprotect_data_domain_os:-"
}
}
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "on Cloud Pak for Data",
"product": {
"name": "IBM DB2 on Cloud Pak for Data",
"product_id": "T042208",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:on_cloud_pak_for_data"
}
}
}
],
"category": "product_name",
"name": "DB2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP13",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP13",
"product_id": "T045828"
}
},
{
"category": "product_version",
"name": "7.5.0 UP13",
"product": {
"name": "IBM QRadar SIEM 7.5.0 UP13",
"product_id": "T045828-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up13"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
},
{
"branches": [
{
"category": "product_version",
"name": "10.1",
"product": {
"name": "IBM Spectrum Protect Plus 10.1",
"product_id": "T043600",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect_plus:10.1"
}
}
}
],
"category": "product_name",
"name": "Spectrum Protect Plus"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "T029677",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-4441",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2021-4441"
},
{
"cve": "CVE-2022-48901",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48901"
},
{
"cve": "CVE-2022-48902",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48902"
},
{
"cve": "CVE-2022-48903",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48903"
},
{
"cve": "CVE-2022-48904",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48904"
},
{
"cve": "CVE-2022-48905",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48905"
},
{
"cve": "CVE-2022-48906",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48906"
},
{
"cve": "CVE-2022-48907",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48907"
},
{
"cve": "CVE-2022-48908",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48908"
},
{
"cve": "CVE-2022-48909",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48909"
},
{
"cve": "CVE-2022-48910",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48910"
},
{
"cve": "CVE-2022-48911",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48911"
},
{
"cve": "CVE-2022-48912",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48912"
},
{
"cve": "CVE-2022-48913",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48913"
},
{
"cve": "CVE-2022-48914",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48914"
},
{
"cve": "CVE-2022-48915",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48915"
},
{
"cve": "CVE-2022-48916",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48916"
},
{
"cve": "CVE-2022-48917",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48917"
},
{
"cve": "CVE-2022-48918",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48918"
},
{
"cve": "CVE-2022-48919",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48919"
},
{
"cve": "CVE-2022-48920",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48920"
},
{
"cve": "CVE-2022-48921",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48921"
},
{
"cve": "CVE-2022-48922",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48922"
},
{
"cve": "CVE-2022-48923",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48923"
},
{
"cve": "CVE-2022-48924",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48924"
},
{
"cve": "CVE-2022-48925",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48925"
},
{
"cve": "CVE-2022-48926",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48926"
},
{
"cve": "CVE-2022-48927",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48927"
},
{
"cve": "CVE-2022-48928",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48928"
},
{
"cve": "CVE-2022-48929",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48929"
},
{
"cve": "CVE-2022-48930",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48930"
},
{
"cve": "CVE-2022-48931",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48931"
},
{
"cve": "CVE-2022-48932",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48932"
},
{
"cve": "CVE-2022-48933",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48933"
},
{
"cve": "CVE-2022-48934",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48934"
},
{
"cve": "CVE-2022-48935",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48935"
},
{
"cve": "CVE-2022-48936",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48936"
},
{
"cve": "CVE-2022-48937",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48937"
},
{
"cve": "CVE-2022-48938",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48938"
},
{
"cve": "CVE-2022-48939",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48939"
},
{
"cve": "CVE-2022-48940",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48940"
},
{
"cve": "CVE-2022-48941",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48941"
},
{
"cve": "CVE-2022-48942",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48942"
},
{
"cve": "CVE-2022-48943",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2022-48943"
},
{
"cve": "CVE-2024-37353",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2024-37353"
},
{
"cve": "CVE-2024-42143",
"product_status": {
"known_affected": [
"T045853",
"T045852",
"T043600",
"T045854",
"T002207",
"67646",
"T000126",
"T042208",
"T045828",
"T004914",
"T029677",
"T032255"
]
},
"release_date": "2024-08-21T22:00:00.000+00:00",
"title": "CVE-2024-42143"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…