SUSE Container Update Advisory: 
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:4512-1
Container Tags        : suse/sle-micro-rancher/5.4:latest
Container Release     : 3.2.333
Severity              : important
Type                  : security
References            : 1193629 1194111 1194765 1194869 1196261 1196516 1196894 1198017
                        1203360 1206006 1206258 1207158 1216834 1221326 1221645 1223191
                        1224105 1227832 1228020 1228114 1228466 1228489 1228516 1228576
                        1228718 1228801 1228959 1229042 1229292 1229400 1229454 1229500
                        1229503 1229506 1229507 1229508 1229509 1229510 1229512 1229516
                        1229522 1229526 1229528 1229531 1229533 1229535 1229536 1229537
                        1229540 1229544 1229554 1229557 1229565 1229566 1229568 1229581
                        1229598 1229603 1229604 1229608 1229611 1229612 1229613 1229614
                        1229617 1229619 1229620 1229622 1229623 1229624 1229625 1229626
                        1229628 1229629 1229630 1229631 1229635 1229636 1229637 1229638
                        1229639 1229641 1229642 1229643 1229645 1229657 1229664 1229707
                        1229792 1230245 1230413 CVE-2021-4441 CVE-2022-4382 CVE-2022-48868
                        CVE-2022-48869 CVE-2022-48870 CVE-2022-48871 CVE-2022-48872 CVE-2022-48873
                        CVE-2022-48875 CVE-2022-48878 CVE-2022-48880 CVE-2022-48890 CVE-2022-48891
                        CVE-2022-48896 CVE-2022-48898 CVE-2022-48899 CVE-2022-48903 CVE-2022-48904
                        CVE-2022-48905 CVE-2022-48907 CVE-2022-48909 CVE-2022-48912 CVE-2022-48913
                        CVE-2022-48914 CVE-2022-48915 CVE-2022-48916 CVE-2022-48917 CVE-2022-48918
                        CVE-2022-48919 CVE-2022-48921 CVE-2022-48924 CVE-2022-48925 CVE-2022-48926
                        CVE-2022-48927 CVE-2022-48928 CVE-2022-48929 CVE-2022-48930 CVE-2022-48931
                        CVE-2022-48932 CVE-2022-48934 CVE-2022-48935 CVE-2022-48937 CVE-2022-48938
                        CVE-2022-48941 CVE-2022-48942 CVE-2022-48943 CVE-2023-52489 CVE-2023-52893
                        CVE-2023-52894 CVE-2023-52896 CVE-2023-52898 CVE-2023-52900 CVE-2023-52901
                        CVE-2023-52905 CVE-2023-52907 CVE-2023-52911 CVE-2024-40910 CVE-2024-41009
                        CVE-2024-41011 CVE-2024-41062 CVE-2024-41087 CVE-2024-42077 CVE-2024-42126
                        CVE-2024-42230 CVE-2024-42232 CVE-2024-42271 CVE-2024-43853 CVE-2024-43861
                        CVE-2024-43882 CVE-2024-43883 CVE-2024-44938 CVE-2024-44947 CVE-2024-45003
-----------------------------------------------------------------

The container  was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3408-1
Released:    Tue Sep 24 08:39:14 2024
Summary:     Security update for the Linux Kernel
Type:        security
Severity:    important
References:  1193629,1194111,1194765,1194869,1196261,1196516,1196894,1198017,1203360,1206006,1206258,1207158,1216834,1221326,1221645,1223191,1224105,1227832,1228020,1228114,1228466,1228489,1228516,1228576,1228718,1228801,1228959,1229042,1229292,1229400,1229454,1229500,1229503,1229506,1229507,1229508,1229509,1229510,1229512,1229516,1229522,1229526,1229528,1229531,1229533,1229535,1229536,1229537,1229540,1229544,1229554,1229557,1229565,1229566,1229568,1229581,1229598,1229603,1229604,1229608,1229611,1229612,1229613,1229614,1229617,1229619,1229620,1229622,1229623,1229624,1229625,1229626,1229628,1229629,1229630,1229631,1229635,1229636,1229637,1229638,1229639,1229641,1229642,1229643,1229645,1229657,1229664,1229707,1229792,1230245,1230413,CVE-2021-4441,CVE-2022-4382,CVE-2022-48868,CVE-2022-48869,CVE-2022-48870,CVE-2022-48871,CVE-2022-48872,CVE-2022-48873,CVE-2022-48875,CVE-2022-48878,CVE-2022-48880,CVE-2022-48890,CVE-2022-48891,CVE-2022-48896,CVE-2022-48898,CVE-2022-48899,CVE-2022-48903,CVE-2022-48904,CVE-2022-48905,CVE-2022-48907,CVE-2022-48909,CVE-2022-48912,CVE-2022-48913,CVE-2022-48914,CVE-2022-48915,CVE-2022-48916,CVE-2022-48917,CVE-2022-48918,CVE-2022-48919,CVE-2022-48921,CVE-2022-48924,CVE-2022-48925,CVE-2022-48926,CVE-2022-48927,CVE-2022-48928,CVE-2022-48929,CVE-2022-48930,CVE-2022-48931,CVE-2022-48932,CVE-2022-48934,CVE-2022-48935,CVE-2022-48937,CVE-2022-48938,CVE-2022-48941,CVE-2022-48942,CVE-2022-48943,CVE-2023-52489,CVE-2023-52893,CVE-2023-52894,CVE-2023-52896,CVE-2023-52898,CVE-2023-52900,CVE-2023-52901,CVE-2023-52905,CVE-2023-52907,CVE-2023-52911,CVE-2024-40910,CVE-2024-41009,CVE-2024-41011,CVE-2024-41062,CVE-2024-41087,CVE-2024-42077,CVE-2024-42126,CVE-2024-42230,CVE-2024-42232,CVE-2024-42271,CVE-2024-43853,CVE-2024-43861,CVE-2024-43882,CVE-2024-43883,CVE-2024-44938,CVE-2024-44947,CVE-2024-45003

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2024-41062: Sync sock recv cb and release (bsc#1228576).
- CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454).
- CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707).
- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500).
- CVE-2023-52489: Fix race in accessing memory_section->usage (bsc#1221326).
- CVE-2024-44938: Fix shift-out-of-bounds in dbDiscardAG (bsc#1229792).
- CVE-2024-41087: Fix double free on error (CVE-2024-41087,bsc#1228466).
- CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503)
- CVE-2022-48935: Fixed an unregister flowtable hooks on netns exit (bsc#1229619)
- CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
- CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400)
- CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959)
- CVE-2024-40910: Fix refcount imbalance on inbound connections (bsc#1227832).
- CVE-2024-41009: Fix overrunning reservations in ringbuf (bsc#1228020).
- CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245).

The following non-security bugs were fixed:

- Bluetooth: L2CAP: Fix deadlock (git-fixes).
- mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes).
- mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes).
- Revert 'mm: prevent derefencing NULL ptr in pfn_section_valid()' (bsc#1230413).
- Revert 'mm, kmsan: fix infinite recursion due to RCU critical section' (bsc#1230413).
- Revert 'mm/sparsemem: fix race in accessing memory_section->usage' (bsc#1230413).
- nvme_core: scan namespaces asynchronously (bsc#1224105).


The following package changes have been done:

- kernel-default-5.14.21-150400.24.133.2 updated