SUSE-SU-2024:3617-1

Details

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606).
CVE-2024-40902: jfs: xattr: fix buffer overflow for invalid xattr (bsc#1227764).
CVE-2024-42104: nilfs2: add missing check for inode numbers on directory entries (bsc#1228654).
CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487).
CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434).

The following non-security bugs were fixed:

alarmtimer: Lock k_itimer during timer callback (bsc#1214298).
alarmtimers: Add alarm_forward functionality (bsc#1214298).
alarmtimers: Change alarmtimer functions to return alarmtimer_restart (bsc#1214298).
alarmtimers: Push rearming peroidic timers down into alamrtimer (bsc#1214298).
alarmtimers: Remove interval cap limit hack (bsc#1214298).
kABI fix for alarmtimer_restart functionality (bsc#1214298).
kABI fix update for alarm_forward (bsc#1214298).

Affected Packages(14 packages)

kernel-default

SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE

Fixed in:

3.0.101-108.165.1

kernel-default-base

SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE

Fixed in:

3.0.101-108.165.1

kernel-default-devel

SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE

Fixed in: