The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-48791: Fix use-after-free for aborted TMF sas_task (bsc#1228002)
- CVE-2022-48919: Fix double free race when mount fails in cifs_get_root() (bsc#1229657).
- CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454).
- CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707).
- CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503)
- CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959)
The following non-security bugs were fixed:
- fuse: fix SetPageUptodate() condition in STORE (bsc#1229456).
- reiserfs: fix 'new_insert_key may be used uninitialized ...' (bsc#1228938).
- scsi: pm80xx: Fix TMF task completion race condition (bsc#1228002)