SUSE Container Update Advisory: 
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:4351-1
Container Tags        : suse/sle-micro-rancher/5.2:latest
Container Release     : 7.5.411
Severity              : important
Type                  : security
References            : 1176447 1195668 1195928 1195957 1196018 1196516 1196823 1202346
                        1209636 1209799 1210629 1216834 1220185 1220186 1222251 1222728
                        1223948 1225109 1225584 1227832 1227924 1227928 1227932 1227935
                        1227941 1227942 1227945 1227952 1227964 1227969 1227985 1227987
                        1227988 1227989 1227997 1228000 1228002 1228004 1228005 1228006
                        1228015 1228020 1228037 1228045 1228060 1228062 1228066 1228114
                        1228516 1228576 1228959 1229400 1229454 1229500 1229503 1229510
                        1229512 1229598 1229604 1229607 1229620 1229621 1229624 1229626
                        1229629 1229630 1229637 1229641 1229657 1229707 CVE-2021-4441
                        CVE-2022-0854 CVE-2022-20368 CVE-2022-28748 CVE-2022-2964 CVE-2022-48686
                        CVE-2022-48775 CVE-2022-48778 CVE-2022-48787 CVE-2022-48788 CVE-2022-48789
                        CVE-2022-48790 CVE-2022-48791 CVE-2022-48798 CVE-2022-48802 CVE-2022-48805
                        CVE-2022-48811 CVE-2022-48823 CVE-2022-48824 CVE-2022-48827 CVE-2022-48834
                        CVE-2022-48835 CVE-2022-48836 CVE-2022-48837 CVE-2022-48838 CVE-2022-48839
                        CVE-2022-48843 CVE-2022-48851 CVE-2022-48853 CVE-2022-48856 CVE-2022-48857
                        CVE-2022-48858 CVE-2022-48872 CVE-2022-48873 CVE-2022-48901 CVE-2022-48905
                        CVE-2022-48912 CVE-2022-48917 CVE-2022-48919 CVE-2022-48925 CVE-2022-48926
                        CVE-2022-48928 CVE-2022-48930 CVE-2022-48933 CVE-2022-48934 CVE-2023-1582
                        CVE-2023-2176 CVE-2023-52854 CVE-2024-26583 CVE-2024-26584 CVE-2024-26800
                        CVE-2024-40910 CVE-2024-41009 CVE-2024-41011 CVE-2024-41062 CVE-2024-42077
                        CVE-2024-42232 CVE-2024-42271 CVE-2024-43861 CVE-2024-43882 CVE-2024-43883
                        CVE-2024-44947 
-----------------------------------------------------------------

The container  was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3249-1
Released:    Mon Sep 16 10:56:14 2024
Summary:     Security update for the Linux Kernel
Type:        security
Severity:    important
References:  1176447,1195668,1195928,1195957,1196018,1196516,1196823,1202346,1209636,1209799,1210629,1216834,1220185,1220186,1222251,1222728,1223948,1225109,1225584,1227832,1227924,1227928,1227932,1227935,1227941,1227942,1227945,1227952,1227964,1227969,1227985,1227987,1227988,1227989,1227997,1228000,1228002,1228004,1228005,1228006,1228015,1228020,1228037,1228045,1228060,1228062,1228066,1228114,1228516,1228576,1228959,1229400,1229454,1229500,1229503,1229510,1229512,1229598,1229604,1229607,1229620,1229621,1229624,1229626,1229629,1229630,1229637,1229641,1229657,1229707,CVE-2021-4441,CVE-2022-0854,CVE-2022-20368,CVE-2022-28748,CVE-2022-2964,CVE-2022-48686,CVE-2022-48775,CVE-2022-48778,CVE-2022-48787,CVE-2022-48788,CVE-2022-48789,CVE-2022-48790,CVE-2022-48791,CVE-2022-48798,CVE-2022-48802,CVE-2022-48805,CVE-2022-48811,CVE-2022-48823,CVE-2022-48824,CVE-2022-48827,CVE-2022-48834,CVE-2022-48835,CVE-2022-48836,CVE-2022-48837,CVE-2022-48838,CVE-2022-48839,CVE-2022-48843,CVE-2022-48851,CVE-2022-48853,CVE-2022-48856,CVE-2022-48857,CVE-2022-48858,CVE-2022-48872,CVE-2022-48873,CVE-2022-48901,CVE-2022-48905,CVE-2022-48912,CVE-2022-48917,CVE-2022-48919,CVE-2022-48925,CVE-2022-48926,CVE-2022-48928,CVE-2022-48930,CVE-2022-48933,CVE-2022-48934,CVE-2023-1582,CVE-2023-2176,CVE-2023-52854,CVE-2024-26583,CVE-2024-26584,CVE-2024-26800,CVE-2024-40910,CVE-2024-41009,CVE-2024-41011,CVE-2024-41062,CVE-2024-42077,CVE-2024-42232,CVE-2024-42271,CVE-2024-43861,CVE-2024-43882,CVE-2024-43883,CVE-2024-44947

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454).
- CVE-2022-48919: Fix double free race when mount fails in cifs_get_root() (bsc#1229657).
- CVE-2023-52854: Fix refcnt handling in padata_free_shell() (bsc#1225584).
- CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707).
- CVE-2024-41062: Sync sock recv cb and release (bsc#1228576).
- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500).
- CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503)
- CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
- CVE-2022-48872: Fix use-after-free race condition for maps (bsc#1229510).
- CVE-2022-48873: Do not remove map on creater_process and device_release (bsc#1229512).
- CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400)
- CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959)
- CVE-2024-40910: Fix refcount imbalance on inbound connections (bsc#1227832).
- CVE-2022-48686: Fixed UAF when detecting digest errors (bsc#1223948).
- CVE-2024-41009: bpf: Fix overrunning reservations in ringbuf (bsc#1228020).
- CVE-2022-48791: Fix use-after-free for aborted TMF sas_task (bsc#1228002)

The following non-security bugs were fixed:

- Bluetooth: L2CAP: Fix deadlock (git-fixes).
- powerpc: Remove support for PowerPC 601 (Remove unused and malformed assembly causing build error).
- sched/psi: use kernfs polling functions for PSI trigger polling (bsc#1209799 bsc#1225109).
- scsi: pm80xx: Fix TMF task completion race condition (bsc#1228002).


The following package changes have been done:

- kernel-default-5.3.18-150300.59.174.1 updated