{"affected":[{"ecosystem_specific":{"binaries":[{"kernel-livepatch-5_3_18-150300_59_158-default":"17-150300.2.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Live Patching 15 SP3","name":"kernel-livepatch-SLE15-SP3_Update_43","purl":"pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_43&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"17-150300.2.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for the Linux Kernel 5.3.18-150300_59_158 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2024-8805: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (bsc#1240840).\n- CVE-2023-52885: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() (bsc#1227753).\n- CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (bsc#1233294).\n- CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235431).\n","id":"SUSE-SU-2025:1448-1","modified":"2025-05-05T06:37:02Z","published":"2025-05-05T06:37:02Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-20251448-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1227753"},{"type":"REPORT","url":"https://bugzilla.suse.com/1233294"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235431"},{"type":"REPORT","url":"https://bugzilla.suse.com/1240840"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-52885"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-50205"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-56650"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-8805"}],"related":["CVE-2023-52885","CVE-2024-50205","CVE-2024-56650","CVE-2024-8805"],"summary":"Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP3)","upstream":["CVE-2023-52885","CVE-2024-50205","CVE-2024-56650","CVE-2024-8805"]}