Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories


Fedora 43: Sigil 2.6.2 Security Bugs Fix Advisory 2025-0cc929ff17

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-0cc929ff17
2025-12-04 00:51:14.440721+00:00
--------------------------------------------------------------------------------

Name        : sigil
Product     : Fedora 43
Version     : 2.6.2
Release     : 3.fc43
URL         : https://sigil-ebook.com/
Summary     : WYSIWYG ebook editor
Description :
Sigil is a multi-platform WYSIWYG ebook editor. It is designed to edit books in ePub format. Now what does it have to offer...

* Full Unicode support: everything you see in Sigil is in UTF-16
* Full EPUB spec support
* WYSIWYG editing
* Multiple Views: Book View, Code View and Split View
* Metadata editor with full support for all possible metadata entries with full descriptions for each
* Table Of Contents editor
* Multi-level TOC support
* Book View fully supports the display of any XHTML document possible under the OPS spec
* SVG support
* Basic XPGT support
* Advanced automatic conversion of all imported documents to Unicode
* Currently imports TXT, HTML and EPUB files; more will be added with time
* Embedded HTML Tidy; all imported documents are thoroughly cleaned; changing views cleans the document so no matter how much you screw up your code, it will fix it (usually)

--------------------------------------------------------------------------------
Update Information:

PySide6 6.10.1 update. Pyside6 6.10.1 release. Rebuilt with stb_image patched for two new security bugs.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Dec 2 2025 Jan Grulich - 2.6.2-3
- Rebuild (python-pyside6)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2400455 - python-pyside6-6.10.1 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2400455
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-0cc929ff17' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

Rebuilt Sigil for Fedora 43 includes significant fixes for two critical security bugs in PySide6.

Severity: Important
LinuxSecurity.com Team

Dec 04, 2025 | Important | Fedora

openSUSE 15.6: SUSE-SU-2025:02048-1 important: python312 DoS

# Security update for python312

Announcement ID: SUSE-SU-2025:02048-1
Release Date: 2025-06-20T12:40:50Z
Rating: important

References:

* bsc#1243273
* bsc#1244032
* bsc#1244056
* bsc#1244059
* bsc#1244060

Cross-References:

* CVE-2024-12718
* CVE-2025-4138
* CVE-2025-4330
* CVE-2025-4516
* CVE-2025-4517

CVSS scores:

* CVE-2024-12718 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-12718 ( NVD ): 10.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-12718 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-4138 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
* CVE-2025-4138 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2025-4330 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
* CVE-2025-4330 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2025-4516 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-4516 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-4516 ( NVD ): 5.9 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-4517 ( SUSE ): 7.5 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-4517 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-4517 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

Affected Products:

* openSUSE Leap 15.6
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves five vulnerabilities can now be installed.

## Description:

This update for python312 fixes the following issues:

python312 was updated from version 3.12.9 to 3.12.11:

* Security issues fixed:
  * CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS (bsc#1243273)
  * CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4517: Fixed multiple issues that allowed tarfile extraction filters to be bypassed using crafted symlinks and hard links (bsc#1244056, bsc#1244059, bsc#1244060, bsc#1244032)
* Other changes and bugs fixed:
  * Added --single-process option to the Python test runner (regrtest).
  * Added support for text/x-rst MIME type.
  * Corrected issues in various modules.
  * Fixed bugs in the folding of rfc2047 encoded-words and in the folding of quoted strings when flattening an email message using a modern email policy.
  * Fixed f-string handling of lambda expressions with non-ASCII characters.
  * Fixed ipaddress.IPv6Address.reverse_pointer output according to RFC 3596.
  * Fixed parsing long IPv6 addresses with embedded IPv4 address.
  * Fixed resource leaks in gzip and multiprocessing Resource Tracker.
  * Improved IDLE's documentation display.
  * Improved the textual representation of IPv4-mapped IPv6 addresses in ipaddress.
  * ipaddress: fixed hash collisions for IPv4Network and IPv6Network objects
  * Made from __future__ import barry_as_FLUFL work in more contexts.
  * Resolved potential crashes in contextvars, xml.etree.ElementTree, sqlite3, and the sys module.
  * Scheduled deprecation of the check_home argument in sysconfig.is_python_build() for Python 3.15.
  * Stop the processing of long IPv6 addresses early in ipaddress to prevent excessive memory consumption and a minor denial-of-service.
  * Undeprecated functional API for importlib.resources and added Anchor.
  * Updated bundled libexpat to 2.7.1
  * Updated bundled pip to version 25.0.1.
  * Updated documentation for generic classes, wheel tags, and the C API.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2025-2048=1 openSUSE-SLE-15.6-2025-2048=1
* Python 3 Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-2048=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * python312-devel-3.12.11-150600.3.30.1
  * python312-base-3.12.11-150600.3.30.1
  * python312-tk-3.12.11-150600.3.30.1
  * libpython3_12-1_0-debuginfo-3.12.11-150600.3.30.1
  * python312-idle-3.12.11-150600.3.30.1
  * python312-dbm-debuginfo-3.12.11-150600.3.30.1
  * python312-debuginfo-3.12.11-150600.3.30.1
  * python312-3.12.11-150600.3.30.1
  * python312-curses-debuginfo-3.12.11-150600.3.30.1
  * libpython3_12-1_0-3.12.11-150600.3.30.1
  * python312-testsuite-3.12.11-150600.3.30.1
  * python312-base-debuginfo-3.12.11-150600.3.30.1
  * python312-debugsource-3.12.11-150600.3.30.1
  * python312-doc-devhelp-3.12.11-150600.3.30.1
  * python312-tk-debuginfo-3.12.11-150600.3.30.1
  * python312-testsuite-debuginfo-3.12.11-150600.3.30.1
  * python312-curses-3.12.11-150600.3.30.1
  * python312-tools-3.12.11-150600.3.30.1
  * python312-doc-3.12.11-150600.3.30.1
  * python312-core-debugsource-3.12.11-150600.3.30.1
  * python312-dbm-3.12.11-150600.3.30.1
* openSUSE Leap 15.6 (x86_64)
  * libpython3_12-1_0-32bit-debuginfo-3.12.11-150600.3.30.1
  * python312-base-32bit-debuginfo-3.12.11-150600.3.30.1
  * libpython3_12-1_0-32bit-3.12.11-150600.3.30.1
  * python312-base-32bit-3.12.11-150600.3.30.1
  * python312-32bit-debuginfo-3.12.11-150600.3.30.1
  * python312-32bit-3.12.11-150600.3.30.1
* openSUSE Leap 15.6 (aarch64_ilp32)
  * python312-64bit-3.12.11-150600.3.30.1
  * python312-base-64bit-3.12.11-150600.3.30.1
  * python312-64bit-debuginfo-3.12.11-150600.3.30.1
  * libpython3_12-1_0-64bit-3.12.11-150600.3.30.1
  * libpython3_12-1_0-64bit-debuginfo-3.12.11-150600.3.30.1
  * python312-base-64bit-debuginfo-3.12.11-150600.3.30.1
* Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * python312-tools-3.12.11-150600.3.30.1
  * python312-curses-debuginfo-3.12.11-150600.3.30.1
  * libpython3_12-1_0-3.12.11-150600.3.30.1
  * python312-debugsource-3.12.11-150600.3.30.1
  * python312-devel-3.12.11-150600.3.30.1
  * python312-base-3.12.11-150600.3.30.1
  * python312-core-debugsource-3.12.11-150600.3.30.1
  * python312-tk-debuginfo-3.12.11-150600.3.30.1
  * python312-tk-3.12.11-150600.3.30.1
  * libpython3_12-1_0-debuginfo-3.12.11-150600.3.30.1
  * python312-debuginfo-3.12.11-150600.3.30.1
  * python312-idle-3.12.11-150600.3.30.1
  * python312-dbm-debuginfo-3.12.11-150600.3.30.1
  * python312-base-debuginfo-3.12.11-150600.3.30.1
  * python312-curses-3.12.11-150600.3.30.1
  * python312-dbm-3.12.11-150600.3.30.1
  * python312-3.12.11-150600.3.30.1

## References:

* https://www.suse.com/security/cve/CVE-2024-12718.html
* https://www.suse.com/security/cve/CVE-2025-4138.html
* https://www.suse.com/security/cve/CVE-2025-4330.html
* https://www.suse.com/security/cve/CVE-2025-4516.html
* https://www.suse.com/security/cve/CVE-2025-4517.html
* https://bugzilla.suse.com/show_bug.cgi?id=1243273
* https://bugzilla.suse.com/show_bug.cgi?id=1244032
* https://bugzilla.suse.com/show_bug.cgi?id=1244056
* https://bugzilla.suse.com/show_bug.cgi?id=1244059
* https://bugzilla.suse.com/show_bug.cgi?id=1244060

Critical patch released for python312 addressing significant flaws affecting openSUSE environments.

Severity: Important
LinuxSecurity.com Team

Jun 20, 2025 | Important | OpenSUSE

Fedora 41 rust-icu_provider_macros: Update and Bug Fixes

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-cd87acc644
2025-04-21 16:44:59.680841+00:00
--------------------------------------------------------------------------------

Name        : rust-icu_provider_macros
Product     : Fedora 41
Version     : 1.5.0
Release     : 1.fc41
URL         : https://crates.io/crates/icu_provider_macros
Summary     : Proc macros for ICU data providers
Description :
Proc macros for ICU data providers.

--------------------------------------------------------------------------------
Update Information:

Update uv to 0.6.14, with various bugfixes and new features. Update rust-idna
to 1.0.3 (fixing RUSTSEC-2024-0421), rust-url to 2.5.4, rust-adblock to 0.9.6,
and rust-cookie_store to 0.21.1; adjust some reverse dependencies of rust-idna.
Initial packages for many dependencies. Update rust-ron to 0.9. Update rust-zip
to 2.6.1, fixing GHSA-94vh-gphv-8pm8.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 8 2025 Benjamin A. Beasley - 1.5.0-1
- Initial package (close RHBZ#2358105)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2277901 - rust-adblock-0.9.6 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2277901
[ 2 ] Bug #2291175 - rust-idna-1.0.3 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2291175
[ 3 ] Bug #2323618 - rust-url-2.5.4 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2323618
[ 4 ] Bug #2324926 - rust-cookie_store-0.21.1 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2324926
[ 5 ] Bug #2352783 - rust-zip-2.6.1 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2352783
[ 6 ] Bug #2358015 - Review Request: rust-write16 - UTF-16 analog of the Write trait
      https://bugzilla.redhat.com/show_bug.cgi?id=2358015
[ 7 ] Bug #2358018 - Review Request: rust-utf16_iter - Iterator by char over potentially-invalid UTF-16 in &[u16]
      https://bugzilla.redhat.com/show_bug.cgi?id=2358018
[ 8 ] Bug #2358020 - Review Request: rust-icu_locid - API for managing Unicode Language and Locale Identifiers
      https://bugzilla.redhat.com/show_bug.cgi?id=2358020
[ 9 ] Bug #2358105 - Review Request: rust-icu_provider_macros - Proc macros for ICU data providers
      https://bugzilla.redhat.com/show_bug.cgi?id=2358105
[ 10 ] Bug #2358290 - Review Request: rust-icu_provider - Trait and struct definitions for the ICU data provider
      https://bugzilla.redhat.com/show_bug.cgi?id=2358290
[ 11 ] Bug #2358292 - Review Request: rust-icu_locid_transform_data - Data for the icu_locid_transform crate
      https://bugzilla.redhat.com/show_bug.cgi?id=2358292
[ 12 ] Bug #2358507 - Review Request: rust-icu_locid_transform - API for Unicode Language and Locale Identifiers canonicalization
      https://bugzilla.redhat.com/show_bug.cgi?id=2358507
[ 13 ] Bug #2358521 - Review Request: rust-icu_properties_data - Data for the icu_properties crate
      https://bugzilla.redhat.com/show_bug.cgi?id=2358521
[ 14 ] Bug #2358522 - Review Request: rust-icu_normalizer_data - Data for the icu_normalizer crate
      https://bugzilla.redhat.com/show_bug.cgi?id=2358522
[ 15 ] Bug #2358527 - Review Request: rust-icu_properties - Definitions for Unicode properties
      https://bugzilla.redhat.com/show_bug.cgi?id=2358527
[ 16 ] Bug #2358606 - Review Request: rust-icu_normalizer - API for normalizing text into Unicode Normalization Forms
      https://bugzilla.redhat.com/show_bug.cgi?id=2358606
[ 17 ] Bug #2358642 - Review Request: rust-idna_adapter - Back end adapter for idna
      https://bugzilla.redhat.com/show_bug.cgi?id=2358642
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-cd87acc644' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

The Fedora 41 update resolves various issues while improving Rust packages, introducing new capabilities and dependency enhancements.

Severity: Critical
LinuxSecurity.com Team

Apr 21, 2025 | Critical | Fedora

SUSE 15 SP3: 2025:0517-2 important: kernel bug fixes and updates

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0517-2
Release Date: 2025-02-20T12:33:01Z
Rating: important

References:

* bsc#1215420
* bsc#1224763
* bsc#1231847
* bsc#1233112
* bsc#1234025
* bsc#1235217
* bsc#1235230
* bsc#1235249
* bsc#1235430
* bsc#1235441
* bsc#1235466
* bsc#1235645
* bsc#1235759
* bsc#1235814
* bsc#1235818
* bsc#1235920
* bsc#1236104

Cross-References:

* CVE-2023-4244
* CVE-2023-52923
* CVE-2024-35863
* CVE-2024-50199
* CVE-2024-53104
* CVE-2024-56600
* CVE-2024-56601
* CVE-2024-56623
* CVE-2024-56650
* CVE-2024-56658
* CVE-2024-56664
* CVE-2024-56759
* CVE-2024-57791
* CVE-2024-57798
* CVE-2024-57849
* CVE-2024-57893

CVSS scores:

* CVE-2023-4244 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4244 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4244 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52923 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2023-52923 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35863 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50199 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-53104 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53104 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53104 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56600 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56600 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56600 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56600 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56601 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56601 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56601 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56601 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56623 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56623 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56623 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-56650 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56650 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56650 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-56658 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56658 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56658 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56664 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56759 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-56759 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56759 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-56759 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-57791 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-57791 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-57798 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-57798 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-57798 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-57849 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-57849 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-57893 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-57893 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Availability Extension 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 Business Critical Linux
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Manager Proxy 4.2
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Server 4.2

An update that solves 16 vulnerabilities and has one security fix can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes.

NOTE: This update was retracted due to a regression in NFS.

The following security bugs were fixed:

* CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763).
* CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
* CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).
* CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235217).
* CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235230).
* CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466).
* CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235430).
* CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441).
* CVE-2024-56664: bpf, sockmap: Fix race between element replace and close() (bsc#1235249).
* CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing is enabled (bsc#1235645).
* CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining clc data (bsc#1235759).
* CVE-2024-57798: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() (bsc#1235818).
* CVE-2024-57849: s390/cpum_sf: Handle CPU hotplug remove during sampling (bsc#1235814).
* CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages (bsc#1235920).

The following non-security bugs were fixed:

* NFS: Adjust the amount of readahead performed by NFS readdir (bsc#1231847).
* NFS: Do not flush the readdir cache in nfs_dentry_iput() (bsc#1231847).
* NFS: Improve heuristic for readdirplus (bsc#1231847).
* NFS: Reduce readdir stack usage (bsc#1231847).
* NFS: Trigger the "ls -l" readdir heuristic sooner (bsc#1231847).
* NFS: Use kmemdup_nul() in nfs_readdir_make_qstr() (bsc#1231847).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.1
  zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-517=1
* SUSE Linux Enterprise Micro 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-517=1
* SUSE Linux Enterprise Micro for Rancher 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-517=1
* openSUSE Leap 15.3
  zypper in -t patch SUSE-2025-517=1
* SUSE Linux Enterprise Live Patching 15-SP3
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-517=1
* SUSE Linux Enterprise High Availability Extension 15 SP3
  zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2025-517=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-517=1
* SUSE Linux Enterprise Server 15 SP3 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-517=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-517=1
* SUSE Enterprise Storage 7.1
  zypper in -t patch SUSE-Storage-7.1-2025-517=1

## Package List:

* SUSE Linux Enterprise Micro 5.1 (aarch64 nosrc s390x x86_64)
  * kernel-default-5.3.18-150300.59.191.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
  * kernel-default-debuginfo-5.3.18-150300.59.191.1
  * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
  * kernel-default-debugsource-5.3.18-150300.59.191.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 nosrc s390x x86_64)
  * kernel-default-5.3.18-150300.59.191.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64)
  * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
  * kernel-default-debuginfo-5.3.18-150300.59.191.1
  * kernel-default-debugsource-5.3.18-150300.59.191.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 nosrc s390x x86_64)
  * kernel-default-5.3.18-150300.59.191.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64)
  * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
  * kernel-default-debuginfo-5.3.18-150300.59.191.1
  * kernel-default-debugsource-5.3.18-150300.59.191.1
* openSUSE Leap 15.3 (noarch nosrc)
  * kernel-docs-5.3.18-150300.59.191.1
* openSUSE Leap 15.3 (noarch)
  * kernel-macros-5.3.18-150300.59.191.1
  * kernel-source-5.3.18-150300.59.191.1
  * kernel-docs-html-5.3.18-150300.59.191.1
  * kernel-source-vanilla-5.3.18-150300.59.191.1
  * kernel-devel-5.3.18-150300.59.191.1
* openSUSE Leap 15.3 (nosrc ppc64le x86_64)
  * kernel-debug-5.3.18-150300.59.191.1
  * kernel-kvmsmall-5.3.18-150300.59.191.1
* openSUSE Leap 15.3 (ppc64le x86_64)
  * kernel-debug-devel-debuginfo-5.3.18-150300.59.191.1
  * kernel-debug-debugsource-5.3.18-150300.59.191.1
  * kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.191.1
  * kernel-kvmsmall-devel-5.3.18-150300.59.191.1
  * kernel-kvmsmall-debugsource-5.3.18-150300.59.191.1
  * kernel-debug-devel-5.3.18-150300.59.191.1
  * kernel-debug-debuginfo-5.3.18-150300.59.191.1
  * kernel-kvmsmall-debuginfo-5.3.18-150300.59.191.1
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64)
  * kernel-default-optional-5.3.18-150300.59.191.1
  * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.191.1
  * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.191.1
  * kernel-default-devel-debuginfo-5.3.18-150300.59.191.1
  * kernel-default-livepatch-5.3.18-150300.59.191.1
  * kernel-default-optional-debuginfo-5.3.18-150300.59.191.1
  * kernel-syms-5.3.18-150300.59.191.1
  * kernel-obs-build-5.3.18-150300.59.191.1
  * ocfs2-kmp-default-5.3.18-150300.59.191.1
  * gfs2-kmp-default-debuginfo-5.3.18-150300.59.191.1
  * kernel-default-devel-5.3.18-150300.59.191.1
  * kernel-obs-qa-5.3.18-150300.59.191.1
  * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
  * gfs2-kmp-default-5.3.18-150300.59.191.1
  * dlm-kmp-default-5.3.18-150300.59.191.1
  * kselftests-kmp-default-debuginfo-5.3.18-150300.59.191.1
  * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.191.1
  * kernel-default-debuginfo-5.3.18-150300.59.191.1
  * kernel-default-base-rebuild-5.3.18-150300.59.191.1.150300.18.113.1
  * kernel-default-extra-debuginfo-5.3.18-150300.59.191.1
  * reiserfs-kmp-default-5.3.18-150300.59.191.1
  * kernel-default-debugsource-5.3.18-150300.59.191.1
  * kernel-default-extra-5.3.18-150300.59.191.1
  * dlm-kmp-default-debuginfo-5.3.18-150300.59.191.1
  * cluster-md-kmp-default-5.3.18-150300.59.191.1
  * kselftests-kmp-default-5.3.18-150300.59.191.1
  * kernel-obs-build-debugsource-5.3.18-150300.59.191.1
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 nosrc)
  * kernel-default-5.3.18-150300.59.191.1
* openSUSE Leap 15.3 (ppc64le s390x x86_64)
  * kernel-default-livepatch-devel-5.3.18-150300.59.191.1
  * kernel-livepatch-5_3_18-150300_59_191-default-debuginfo-1-150300.7.3.1
  * kernel-livepatch-SLE15-SP3_Update_53-debugsource-1-150300.7.3.1
  * kernel-livepatch-5_3_18-150300_59_191-default-1-150300.7.3.1
* openSUSE Leap 15.3 (x86_64)
  * kernel-livepatch-5_3_18-150300_59_191-preempt-1-150300.7.3.1
  * kernel-livepatch-5_3_18-150300_59_191-preempt-debuginfo-1-150300.7.3.1
* openSUSE Leap 15.3 (aarch64 x86_64)
  * cluster-md-kmp-preempt-5.3.18-150300.59.191.1
  * dlm-kmp-preempt-5.3.18-150300.59.191.1
  * reiserfs-kmp-preempt-5.3.18-150300.59.191.1
  * kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
  * kernel-preempt-optional-debuginfo-5.3.18-150300.59.191.1
  * dlm-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
  * cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
  * kernel-preempt-debugsource-5.3.18-150300.59.191.1
  * kernel-preempt-devel-debuginfo-5.3.18-150300.59.191.1
  * kselftests-kmp-preempt-5.3.18-150300.59.191.1
  * gfs2-kmp-preempt-5.3.18-150300.59.191.1
  * kernel-preempt-extra-debuginfo-5.3.18-150300.59.191.1
  * gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
  * kernel-preempt-optional-5.3.18-150300.59.191.1
  * ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
  * ocfs2-kmp-preempt-5.3.18-150300.59.191.1
  * reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
  * kernel-preempt-debuginfo-5.3.18-150300.59.191.1
  * kernel-preempt-extra-5.3.18-150300.59.191.1
  * kernel-preempt-devel-5.3.18-150300.59.191.1
* openSUSE Leap 15.3 (aarch64 nosrc x86_64)
  * kernel-preempt-5.3.18-150300.59.191.1
* openSUSE Leap 15.3 (nosrc s390x)
  * kernel-zfcpdump-5.3.18-150300.59.191.1
* openSUSE Leap 15.3 (s390x)
  * kernel-zfcpdump-debuginfo-5.3.18-150300.59.191.1
  * kernel-zfcpdump-debugsource-5.3.18-150300.59.191.1
* openSUSE Leap 15.3 (nosrc)
  * dtb-aarch64-5.3.18-150300.59.191.1
* openSUSE Leap 15.3 (aarch64)
  * dtb-lg-5.3.18-150300.59.191.1
  * dtb-hisilicon-5.3.18-150300.59.191.1
  * dtb-rockchip-5.3.18-150300.59.191.1
  * dtb-cavium-5.3.18-150300.59.191.1
  * reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
  * kernel-64kb-extra-5.3.18-150300.59.191.1
  * cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
  * dtb-arm-5.3.18-150300.59.191.1
  * dtb-allwinner-5.3.18-150300.59.191.1
  * dtb-mediatek-5.3.18-150300.59.191.1
  * dtb-amd-5.3.18-150300.59.191.1
  * dtb-nvidia-5.3.18-150300.59.191.1
  * kernel-64kb-debuginfo-5.3.18-150300.59.191.1
  * reiserfs-kmp-64kb-5.3.18-150300.59.191.1
  * dtb-exynos-5.3.18-150300.59.191.1
  * ocfs2-kmp-64kb-5.3.18-150300.59.191.1
  * dtb-freescale-5.3.18-150300.59.191.1
  * dtb-sprd-5.3.18-150300.59.191.1
  * dtb-zte-5.3.18-150300.59.191.1
  * kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
  * dtb-xilinx-5.3.18-150300.59.191.1
  * dtb-broadcom-5.3.18-150300.59.191.1
  * kernel-64kb-devel-debuginfo-5.3.18-150300.59.191.1
  * dlm-kmp-64kb-5.3.18-150300.59.191.1
  * dlm-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
  * dtb-altera-5.3.18-150300.59.191.1
  * kernel-64kb-optional-5.3.18-150300.59.191.1
  * dtb-socionext-5.3.18-150300.59.191.1
  * dtb-amlogic-5.3.18-150300.59.191.1
  * dtb-apm-5.3.18-150300.59.191.1
  * dtb-al-5.3.18-150300.59.191.1
  * kernel-64kb-extra-debuginfo-5.3.18-150300.59.191.1
  * gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
  * kernel-64kb-optional-debuginfo-5.3.18-150300.59.191.1
  * dtb-qcom-5.3.18-150300.59.191.1
  * kernel-64kb-devel-5.3.18-150300.59.191.1
  * dtb-marvell-5.3.18-150300.59.191.1
  * kselftests-kmp-64kb-5.3.18-150300.59.191.1
  * cluster-md-kmp-64kb-5.3.18-150300.59.191.1
  * gfs2-kmp-64kb-5.3.18-150300.59.191.1
  * kernel-64kb-debugsource-5.3.18-150300.59.191.1
  * ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
  * dtb-renesas-5.3.18-150300.59.191.1
* openSUSE Leap 15.3 (aarch64 nosrc)
  * kernel-64kb-5.3.18-150300.59.191.1
* SUSE Linux Enterprise Live Patching 15-SP3 (nosrc)
  * kernel-default-5.3.18-150300.59.191.1
* SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
  * kernel-livepatch-5_3_18-150300_59_191-default-1-150300.7.3.1
  * kernel-default-debuginfo-5.3.18-150300.59.191.1
  * kernel-default-livepatch-devel-5.3.18-150300.59.191.1
  * kernel-default-debugsource-5.3.18-150300.59.191.1
  * kernel-default-livepatch-5.3.18-150300.59.191.1
* SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le s390x x86_64)
  * ocfs2-kmp-default-5.3.18-150300.59.191.1
  * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.191.1
  * gfs2-kmp-default-debuginfo-5.3.18-150300.59.191.1
  * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.191.1
  * dlm-kmp-default-debuginfo-5.3.18-150300.59.191.1
  * kernel-default-debuginfo-5.3.18-150300.59.191.1
  * cluster-md-kmp-default-5.3.18-150300.59.191.1
  * kernel-default-debugsource-5.3.18-150300.59.191.1
  * gfs2-kmp-default-5.3.18-150300.59.191.1
  * dlm-kmp-default-5.3.18-150300.59.191.1
* SUSE Linux Enterprise High Availability Extension 15 SP3 (nosrc)
  * kernel-default-5.3.18-150300.59.191.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc)
  * kernel-64kb-5.3.18-150300.59.191.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64)
  * kernel-64kb-devel-5.3.18-150300.59.191.1
  * kernel-64kb-debugsource-5.3.18-150300.59.191.1
  * kernel-64kb-debuginfo-5.3.18-150300.59.191.1
  * kernel-64kb-devel-debuginfo-5.3.18-150300.59.191.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc x86_64)
  * kernel-default-5.3.18-150300.59.191.1
  * kernel-preempt-5.3.18-150300.59.191.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64)
  * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.191.1
  * kernel-default-debuginfo-5.3.18-150300.59.191.1
  * kernel-preempt-debugsource-5.3.18-150300.59.191.1
  * kernel-preempt-devel-debuginfo-5.3.18-150300.59.191.1
  * kernel-default-devel-5.3.18-150300.59.191.1
  * reiserfs-kmp-default-5.3.18-150300.59.191.1
  * kernel-default-debugsource-5.3.18-150300.59.191.1
  * kernel-default-devel-debuginfo-5.3.18-150300.59.191.1
  * kernel-preempt-debuginfo-5.3.18-150300.59.191.1
  * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
  * kernel-obs-build-debugsource-5.3.18-150300.59.191.1
  * kernel-syms-5.3.18-150300.59.191.1
  * kernel-obs-build-5.3.18-150300.59.191.1
  * kernel-preempt-devel-5.3.18-150300.59.191.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
  * kernel-devel-5.3.18-150300.59.191.1
  * kernel-source-5.3.18-150300.59.191.1
  * kernel-macros-5.3.18-150300.59.191.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch nosrc)
  * kernel-docs-5.3.18-150300.59.191.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 nosrc)
  * kernel-64kb-5.3.18-150300.59.191.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64)
  * kernel-64kb-devel-5.3.18-150300.59.191.1
  * kernel-64kb-debugsource-5.3.18-150300.59.191.1
  * kernel-64kb-debuginfo-5.3.18-150300.59.191.1
  * kernel-64kb-devel-debuginfo-5.3.18-150300.59.191.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64 nosrc)
  * kernel-default-5.3.18-150300.59.191.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
  * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.191.1
  * kernel-default-debuginfo-5.3.18-150300.59.191.1
  * kernel-default-devel-5.3.18-150300.59.191.1
  * reiserfs-kmp-default-5.3.18-150300.59.191.1
  * kernel-default-debugsource-5.3.18-150300.59.191.1
kernel-default-devel-debuginfo-5.3.18-150300.59.191.1 * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1 * kernel-obs-build-debugsource-5.3.18-150300.59.191.1 * kernel-syms-5.3.18-150300.59.191.1 * kernel-obs-build-5.3.18-150300.59.191.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * kernel-devel-5.3.18-150300.59.191.1 * kernel-source-5.3.18-150300.59.191.1 * kernel-macros-5.3.18-150300.59.191.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch nosrc) * kernel-docs-5.3.18-150300.59.191.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.191.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 x86_64) * kernel-preempt-debugsource-5.3.18-150300.59.191.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.191.1 * kernel-preempt-debuginfo-5.3.18-150300.59.191.1 * kernel-preempt-devel-5.3.18-150300.59.191.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (nosrc s390x) * kernel-zfcpdump-5.3.18-150300.59.191.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (s390x) * kernel-zfcpdump-debuginfo-5.3.18-150300.59.191.1 * kernel-zfcpdump-debugsource-5.3.18-150300.59.191.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc ppc64le x86_64) * kernel-default-5.3.18-150300.59.191.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.191.1 * kernel-default-debuginfo-5.3.18-150300.59.191.1 * kernel-default-devel-5.3.18-150300.59.191.1 * reiserfs-kmp-default-5.3.18-150300.59.191.1 * kernel-default-debugsource-5.3.18-150300.59.191.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.191.1 * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1 * kernel-obs-build-debugsource-5.3.18-150300.59.191.1 * kernel-syms-5.3.18-150300.59.191.1 *kernel-obs-build-5.3.18-150300.59.191.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * kernel-devel-5.3.18-150300.59.191.1 * kernel-source-5.3.18-150300.59.191.1 * 
kernel-macros-5.3.18-150300.59.191.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.191.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc x86_64) * kernel-preempt-5.3.18-150300.59.191.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * kernel-preempt-debugsource-5.3.18-150300.59.191.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.191.1 * kernel-preempt-debuginfo-5.3.18-150300.59.191.1 * kernel-preempt-devel-5.3.18-150300.59.191.1 * SUSE Enterprise Storage 7.1 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.191.1 * SUSE Enterprise Storage 7.1 (aarch64) * kernel-64kb-devel-5.3.18-150300.59.191.1 * kernel-64kb-debugsource-5.3.18-150300.59.191.1 * kernel-64kb-debuginfo-5.3.18-150300.59.191.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.191.1 * SUSE Enterprise Storage 7.1 (aarch64 nosrc x86_64) * kernel-default-5.3.18-150300.59.191.1 * kernel-preempt-5.3.18-150300.59.191.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.191.1 * kernel-default-debuginfo-5.3.18-150300.59.191.1 * kernel-preempt-debugsource-5.3.18-150300.59.191.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.191.1 * kernel-default-devel-5.3.18-150300.59.191.1 * reiserfs-kmp-default-5.3.18-150300.59.191.1 * kernel-default-debugsource-5.3.18-150300.59.191.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.191.1 * kernel-preempt-debuginfo-5.3.18-150300.59.191.1 * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1 * kernel-obs-build-debugsource-5.3.18-150300.59.191.1 * kernel-syms-5.3.18-150300.59.191.1 * kernel-obs-build-5.3.18-150300.59.191.1 *kernel-preempt-devel-5.3.18-150300.59.191.1 * SUSE Enterprise Storage 7.1 (noarch) * kernel-devel-5.3.18-150300.59.191.1 * kernel-source-5.3.18-150300.59.191.1 * kernel-macros-5.3.18-150300.59.191.1 * SUSE Enterprise Storage 7.1 (noarch nosrc) * kernel-docs-5.3.18-150300.59.191.1 ## References: * 
https://www.suse.com/security/cve/CVE-2023-4244.html * https://www.suse.com/security/cve/CVE-2023-52923.html * https://www.suse.com/security/cve/CVE-2024-35863.html * https://www.suse.com/security/cve/CVE-2024-50199.html * https://www.suse.com/security/cve/CVE-2024-53104.html * https://www.suse.com/security/cve/CVE-2024-56600.html * https://www.suse.com/security/cve/CVE-2024-56601.html * https://www.suse.com/security/cve/CVE-2024-56623.html * https://www.suse.com/security/cve/CVE-2024-56650.html * https://www.suse.com/security/cve/CVE-2024-56658.html * https://www.suse.com/security/cve/CVE-2024-56664.html * https://www.suse.com/security/cve/CVE-2024-56759.html * https://www.suse.com/security/cve/CVE-2024-57791.html * https://www.suse.com/security/cve/CVE-2024-57798.html * https://www.suse.com/security/cve/CVE-2024-57849.html * https://www.suse.com/security/cve/CVE-2024-57893.html * https://bugzilla.suse.com/show_bug.cgi?id=1215420 * https://bugzilla.suse.com/show_bug.cgi?id=1224763 * https://bugzilla.suse.com/show_bug.cgi?id=1231847 * https://bugzilla.suse.com/show_bug.cgi?id=1233112 * https://bugzilla.suse.com/show_bug.cgi?id=1234025 * https://bugzilla.suse.com/show_bug.cgi?id=1235217 * https://bugzilla.suse.com/show_bug.cgi?id=1235230 * https://bugzilla.suse.com/show_bug.cgi?id=1235249 * https://bugzilla.suse.com/show_bug.cgi?id=1235430 * https://bugzilla.suse.com/show_bug.cgi?id=1235441 * https://bugzilla.suse.com/show_bug.cgi?id=1235466 * https://bugzilla.suse.com/show_bug.cgi?id=1235645 * https://bugzilla.suse.com/show_bug.cgi?id=1235759 * https://bugzilla.suse.com/show_bug.cgi?id=1235814 *https://bugzilla.suse.com/show_bug.cgi?id=1235818 * https://bugzilla.suse.com/show_bug.cgi?id=1235920 * https://bugzilla.suse.com/show_bug.cgi?id=1236104 . SUSE releases an urgent security bulletin regarding the kernel to address severe vulnerabilities affecting various offerings.. SUSE Updates, Linux Kernel Fixes, Security Risks. . Severity: Important. LinuxSecurity.com Team

Feb 21, 2025 Important SuSE

Mageia 9: 2024-0142 High Severity: Kernel-Linus Security Issue

MGASA-2024-0142 - Updated kernel-linus packages fix security vulnerabilities

Publication date: 23 Apr 2024
URL: https://advisories.mageia.org/MGASA-2024-0142.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2024-26809, CVE-2024-26651, CVE-2023-7042, CVE-2024-22099, CVE-2023-6270, CVE-2024-24861, CVE-2024-26656, CVE-2024-26642, CVE-2024-26643, CVE-2023-47233, CVE-2024-26654, CVE-2024-23307, CVE-2024-26921, CVE-2024-26817, CVE-2024-24858, CVE-2024-24857

Upstream kernel version 6.6.28 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links.

References:
- https://bugs.mageia.org/show_bug.cgi?id=33111
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.23
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.24
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.25
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.26
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.27
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.28
- https://www.cve.org/CVERecord?id=CVE-2024-26809
- https://www.cve.org/CVERecord?id=CVE-2024-26651
- https://www.cve.org/CVERecord?id=CVE-2023-7042
- https://www.cve.org/CVERecord?id=CVE-2024-22099
- https://www.cve.org/CVERecord?id=CVE-2023-6270
- https://www.cve.org/CVERecord?id=CVE-2024-24861
- https://www.cve.org/CVERecord?id=CVE-2024-26656
- https://www.cve.org/CVERecord?id=CVE-2024-26642
- https://www.cve.org/CVERecord?id=CVE-2024-26643
- https://www.cve.org/CVERecord?id=CVE-2023-47233
- https://www.cve.org/CVERecord?id=CVE-2024-26654
- https://www.cve.org/CVERecord?id=CVE-2024-23307
- https://www.cve.org/CVERecord?id=CVE-2024-26921
- https://www.cve.org/CVERecord?id=CVE-2024-26817
- https://www.cve.org/CVERecord?id=CVE-2024-24858
- https://www.cve.org/CVERecord?id=CVE-2024-24857

SRPMS:
- 9/core/kernel-linus-6.6.28-1.mga9

Address critical vulnerabilities in Mageia kernel-linus through security updates. Important bug fix details included.

Mageia Kernel Fixes, Kernel Security Updates, Package Vulnerability Management.

LinuxSecurity.com Team

Apr 23, 2024 Mageia

Fedora 36: 2022-ce32af66d6 Moderate: Webkit2gtk3 Fixes and Updates

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-ce32af66d6
2022-11-09 11:20:02.682775
--------------------------------------------------------------------------------

Name        : webkit2gtk3
Product     : Fedora 36
Version     : 2.38.2
Release     : 1.fc36
URL         : https://www.webkitgtk.org/
Summary     : GTK Web content engine library
Description :
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3.

--------------------------------------------------------------------------------
Update Information:

* Fix scrolling issues in some sites having fixed background.
* Fix prolonged buffering during progressive live playback.
* Fix several crashes and rendering issues.
* Security fixes: CVE-2022-42799, CVE-2022-42823, CVE-2022-42824

--------------------------------------------------------------------------------
ChangeLog:

* Fri Nov 4 2022 Michael Catanzaro 2.38.2-1
- Update to 2.38.2

--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2140511 - CVE-2022-42799 webkit2gtk3: webkitgtk: a issue was addressed with improved UI handling [fedora-36]
      https://bugzilla.redhat.com/show_bug.cgi?id=2140511
[ 2 ] Bug #2140517 - CVE-2022-42824 webkit2gtk3: webkitgtk: A logic issue was addressed with improved state management [fedora-36]
      https://bugzilla.redhat.com/show_bug.cgi?id=2140517
[ 3 ] Bug #2140523 - CVE-2022-42823 webkit2gtk3: webkitgtk: A type confusion issue was addressed with improved memory handling [fedora-36]
      https://bugzilla.redhat.com/show_bug.cgi?id=2140523

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-ce32af66d6' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/

--------------------------------------------------------------------------------

This Ubuntu patch addresses display glitches, application freezes, and vulnerabilities in webkit2gtk3. Crucial for stability.

Fedora Update, Webkit2gtk3, Security Fixes, Software Update.

LinuxSecurity.com Team

Nov 09, 2022 Fedora

openSUSE 15.2: OPENUSE-SU-2021-0532-1 Important: Kernel Security Update

openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID: openSUSE-SU-2021:0532-1
Rating: important
References: #1152472 #1152489 #1153274 #1154353 #1155518 #1156256 #1159280 #1160634 #1167773 #1168777 #1169514 #1169709 #1171295 #1173485 #1177326 #1178163 #1178330 #1179454 #1180197 #1180980 #1181383 #1181674 #1181862 #1182011 #1182077 #1182485 #1182552 #1182574 #1182591 #1182595 #1182715 #1182716 #1182717 #1182770 #1182989 #1183015 #1183018 #1183022 #1183023 #1183048 #1183252 #1183277 #1183278 #1183279 #1183280 #1183281 #1183282 #1183283 #1183284 #1183285 #1183286 #1183287 #1183288 #1183366 #1183369 #1183386 #1183412 #1183416 #1183427 #1183428 #1183445 #1183447 #1183501 #1183509 #1183530 #1183534 #1183540 #1183593 #1183596 #1183598 #1183637 #1183646 #1183662 #1183686 #1183692 #1183696 #1183750 #1183757 #1183775 #1183843 #1183859 #1183871 #1184167 #1184168 #1184170 #1184176 #1184192 #1184193 #1184196 #1184198 #1184217 #1184218 #1184219 #1184220 #1184224
Cross-References: CVE-2019-18814 CVE-2019-19769 CVE-2020-27170 CVE-2020-27171 CVE-2020-27815 CVE-2020-35519 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 CVE-2021-28038 CVE-2021-28375 CVE-2021-28660 CVE-2021-28688 CVE-2021-28964 CVE-2021-28971 CVE-2021-28972 CVE-2021-29264 CVE-2021-29265 CVE-2021-29647 CVE-2021-3428 CVE-2021-3444
CVSS scores:
    CVE-2019-18814 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    CVE-2019-18814 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
    CVE-2019-19769 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
    CVE-2019-19769 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:H
    CVE-2020-27170 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
    CVE-2020-27171 (NVD) : 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
    CVE-2020-27815 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
    CVE-2020-35519 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    CVE-2021-27363 (NVD) : 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
    CVE-2021-27363 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
    CVE-2021-27364 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
    CVE-2021-27364 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
    CVE-2021-27365 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    CVE-2021-27365 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
    CVE-2021-28038 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
    CVE-2021-28375 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    CVE-2021-28660 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    CVE-2021-28660 (SUSE): 8 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
    CVE-2021-28964 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
    CVE-2021-28971 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
    CVE-2021-28972 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    CVE-2021-28972 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
    CVE-2021-29264 (SUSE): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
    CVE-2021-29265 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
    CVE-2021-29265 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
    CVE-2021-3428 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
    CVE-2021-3444 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    CVE-2021-3444 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products: openSUSE Leap 15.2
______________________________________________________________________________

An update that solves 21 vulnerabilities and has 74 fixes is now available.

Description:

The openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2021-3444: Fixed an issue with the bpf verifier which did not properly handle mod32 destination register truncation when the source register was known to be 0 leading to out of bounds read (bsc#1184170).
- CVE-2021-3428: Fixed an integer overflow in ext4_es_cache_extent (bsc#1173485).
- CVE-2021-29647: Fixed an issue in qrtr_recvmsg which could have allowed attackers to obtain sensitive information from kernel memory because of a partially uninitialized data structure (bsc#1184192).
- CVE-2021-29265: Fixed an issue in usbip_sockfd_store which could have allowed attackers to cause a denial of service due to race conditions during an update of the local and shared status (bsc#1184167).
- CVE-2021-29264: Fixed an issue in the Freescale Gianfar Ethernet driver which could have allowed attackers to cause a system crash due to a calculation of negative fragment size (bsc#1184168).
- CVE-2021-28972: Fixed a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly (bsc#1184198).
- CVE-2021-28971: Fixed an issue in intel_pmu_drain_pebs_nhm which could have caused a system crash because the PEBS status in a PEBS record was mishandled (bsc#1184196).
- CVE-2021-28964: Fixed a race condition in get_old_root which could have allowed attackers to cause a denial of service (bsc#1184193).
- CVE-2021-28688: Fixed an issue introduced by XSA-365 (bsc#1183646).
- CVE-2021-28660: Fixed an out of bounds write in rtw_wx_set_scan (bsc#1183593).
- CVE-2021-28375: Fixed an issue in fastrpc_internal_invoke which did not prevent user applications from sending kernel RPC messages (bsc#1183596).
- CVE-2021-28038: Fixed an issue with the netback driver which was lacking necessary treatment of errors such as failed memory allocations (bsc#1183022).
- CVE-2021-27365: Fixed an issue where an unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message (bsc#1182715).
- CVE-2021-27364: Fixed an issue where an attacker could craft Netlink messages (bsc#1182717).
- CVE-2021-27363: Fixed a kernel pointer leak which could have been used to determine the address of the iscsi_transport structure (bsc#1182716).
- CVE-2020-35519: Fixed an out-of-bounds memory access in x25_bind (bsc#1183696).
- CVE-2020-27815: Fixed an issue in the JFS filesystem which could have allowed an attacker to execute code (bsc#1179454).
- CVE-2020-27171: Fixed an off-by-one error affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory (bsc#1183775).
- CVE-2020-27170: Fixed potential side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory (bsc#1183686).
- CVE-2019-19769: Fixed a use-after-free in the perf_trace_lock_acquire function (bsc#1159280).
- CVE-2019-18814: Fixed a use-after-free when aa_label_parse() fails in aa_audit_rule_init() (bsc#1156256).

The following non-security bugs were fixed:

- 0007-block-add-docs-for-gendisk-request_queue-refcount-he.patch: (bsc#1171295, git fixes (block drivers)).
- 0008-block-revert-back-to-synchronous-request_queue-remov.patch: (bsc#1171295, git fixes (block drivers)).
- 0009-blktrace-fix-debugfs-use-after-free.patch: (bsc#1171295, git fixes (block drivers)).
- ACPI: bus: Constify is_acpi_node() and friends (part 2) (git-fixes).
- ACPICA: Always create namespace nodes using acpi_ns_create_node() (git-fixes).
- ACPICA: Enable sleep button on ACPI legacy wake (bsc#1181383).
- ACPICA: Fix race in generic_serial_bus (I2C) and GPIO op_region parameter handling (git-fixes).
- ACPI: scan: Rearrange memory allocation in acpi_device_add() (git-fixes).
- ACPI: video: Add DMI quirk for GIGABYTE GB-BXBT-2807 (git-fixes).
- ACPI: video: Add missing callback back for Sony VPCEH3U1E (git-fixes).
- ALSA: ctxfi: cthw20k2: fix mask on conf to allow 4 bits (git-fixes).
- ALSA: hda: Avoid spurious unsol event handling during S3/S4 (git-fixes).
- ALSA: hda: Drop the BATCH workaround for AMD controllers (git-fixes).
- ALSA: hda: generic: Fix the micmute led init state (git-fixes).
- ALSA: hda/hdmi: Cancel pending works before suspend (git-fixes).
- ALSA: hda/realtek: Add quirk for Clevo NH55RZQ (git-fixes).
- ALSA: hda/realtek: Add quirk for Intel NUC 10 (git-fixes).
- ALSA: hda/realtek: Apply dual codec quirks for MSI Godlike X570 board (git-fixes).
- ALSA: hda/realtek: Apply headset-mic quirks for Xiaomi Redmibook Air (git-fixes).
- ALSA: hda/realtek: apply pin quirk for Xiaomi Notebook Pro (git-fixes).
- ALSA: hda/realtek: Enable headset mic of Acer SWIFT with ALC256 (git-fixes).
- ALSA: hda/realtek: fix a determine_headset_type issue for a Dell AIO (git-fixes).
- ALSA: usb: Add Plantronics C320-M USB ctrl msg delay quirk (bsc#1182552).
- ALSA: usb-audio: Allow modifying parameters with succeeding hw_params calls (bsc#1182552).
- ALSA: usb-audio: Apply sample rate quirk to Logitech Connect (git-fixes).
- ALSA: usb-audio: Apply the control quirk to Plantronics headsets (bsc#1182552).
- ALSA: usb-audio: Disable USB autosuspend properly in setup_disable_autosuspend() (bsc#1182552).
- ALSA: usb-audio: Do not abort even if the clock rate differs (bsc#1182552).
- ALSA: usb-audio: Drop bogus dB range in too low level (bsc#1182552).
- ALSA: usb-audio: Fix "cannot get freq eq" errors on Dell AE515 sound bar (bsc#1182552).
- ALSA: usb-audio: fix NULL ptr dereference in usb_audio_probe (bsc#1182552).
- ALSA: usb-audio: Fix "RANGE setting not yet supported" errors (git-fixes).
- ALSA: usb-audio: fix use after free in usb_audio_disconnect (bsc#1182552).
- ALSA: usb-audio: Skip the clock selector inquiry for single connections (git-fixes).
- ALSA: usb: Use DIV_ROUND_UP() instead of open-coding it (git-fixes).
- amd/amdgpu: Disable VCN DPG mode for Picasso (git-fixes).
- apparmor: check/put label on apparmor_sk_clone_security() (git-fixes).
- arm64: make STACKPROTECTOR_PER_TASK configurable (bsc#1181862).
- ASoC: ak4458: Add MODULE_DEVICE_TABLE (git-fixes).
- ASoC: ak5558: Add MODULE_DEVICE_TABLE (git-fixes).
- ASoC: cs42l42: Always wait at least 3ms after reset (git-fixes).
- ASoC: cs42l42: Do not enable/disable regulator at Bias Level (git-fixes).
- ASoC: cs42l42: Fix Bitclock polarity inversion (git-fixes).
- ASoC: cs42l42: Fix channel width support (git-fixes).
- ASoC: cs42l42: Fix mixer volume control (git-fixes).
- ASoC: es8316: Simplify adc_pga_gain_tlv table (git-fixes).
- ASoC: fsl_ssi: Fix TDM slot setup for I2S mode (git-fixes).
- ASoC: Intel: Add DMI quirk table to soc_intel_is_byt_cr() (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for ARCHOS Cesium 140 (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Acer One S1002 tablet (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Estar Beauty HD MID 7316R tablet (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Voyo Winpad A15 tablet (git-fixes).
- ASoC: Intel: bytcr_rt5640: Fix HP Pavilion x2 10-p0XX OVCD current threshold (git-fixes).
- ASoC: Intel: bytcr_rt5651: Add quirk for the Jumper EZpad 7 tablet (git-fixes).
- ASoC: rt5640: Fix dac- and adc- vol-tlv values being off by a factor of 10 (git-fixes).
- ASoC: rt5651: Fix dac- and adc- vol-tlv values being off by a factor of 10 (git-fixes).
- ASoC: rt5670: Add emulated 'DAC1 Playback Switch' control (git-fixes).
- ASoC: rt5670: Remove ADC vol-ctrl mute bits poking from Sto1 ADC mixer settings (git-fixes).
- ASoC: rt5670: Remove 'HP Playback Switch' control (git-fixes).
- ASoC: rt5670: Remove 'OUT Channel Switch' control (git-fixes).
- ASoC: sgtl5000: set DAP_AVC_CTRL register to correct default value on probe (git-fixes).
- ASoC: simple-card-utils: Do not handle device clock (git-fixes).
- ath10k: fix wmi mgmt tx queue full due to race condition (git-fixes).
- ath9k: fix transmitting to stations in dynamic SMPS mode (git-fixes).
- binfmt_misc: fix possible deadlock in bm_register_write (git-fixes).
- blktrace-annotate-required-lock-on-do_blk_trace_setu.patch: (bsc#1171295).
- blktrace-Avoid-sparse-warnings-when-assigning-q-blk_.patch: (bsc#1171295).
- blktrace-break-out-of-blktrace-setup-on-concurrent-c.patch: (bsc#1171295).
- block-clarify-context-for-refcount-increment-helpers.patch: (bsc#1171295).
- block: rsxx: fix error return code of rsxx_pci_probe() (git-fixes).
- Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data (git-fixes).
- Bluetooth: hci_h5: Set HCI_QUIRK_SIMULTANEOUS_DISCOVERY for btrtl (git-fixes).
- bnxt_en: reliably allocate IRQ table on reset to avoid crash (jsc#SLE-8371 bsc#1153274).
- bpf: Add sanity check for upper ptr_limit (bsc#1183686 bsc#1183775).
- bpf: Avoid warning when re-casting __bpf_call_base into __bpf_call_base_args (bsc#1155518).
- bpf: Declare __bpf_free_used_maps() unconditionally (bsc#1155518).
- bpf: Do not do bpf_cgroup_storage_set() for kuprobe/tp programs (bsc#1155518).
- bpf: Fix 32 bit src register truncation on div/mod (bsc#1184170).
- bpf_lru_list: Read double-checked variable once without lock (bsc#1155518).
- bpf: Simplify alu_limit masking for pointer arithmetic (bsc#1183686 bsc#1183775).
- bpf,x64: Pad NOPs to make images converge more easily (bsc#1178163).
- brcmfmac: Add DMI nvram filename quirk for Predia Basic tablet (git-fixes).
- brcmfmac: Add DMI nvram filename quirk for Voyo winpad A15 tablet (git-fixes).
- btrfs: abort the transaction if we fail to inc ref in btrfs_copy_root (bsc#1184217).
- btrfs: always pin deleted leaves when there are active tree mod log users (bsc#1184224).
- btrfs: fix exhaustion of the system chunk array due to concurrent allocations (bsc#1183386).
- btrfs: fix extent buffer leak on failure to copy root (bsc#1184218).
- btrfs: fix race when cloning extent buffer during rewind of an old root (bsc#1184193).
- btrfs: fix stale data exposure after cloning a hole with NO_HOLES enabled (bsc#1184220).
- btrfs: fix subvolume/snapshot deletion not triggered on mount (bsc#1184219).
- bus: omap_l3_noc: mark l3 irqs as IRQF_NO_THREAD (git-fixes).
- can: c_can: move runtime PM enable/disable to c_can_platform (git-fixes).
- can: c_can_pci: c_can_pci_remove(): fix use-after-free (git-fixes).
- can: flexcan: assert FRZ bit in flexcan_chip_freeze() (git-fixes).
- can: flexcan: enable RX FIFO after FRZ/HALT valid (git-fixes).
- can: flexcan: flexcan_chip_freeze(): fix chip freeze for missing bitrate (git-fixes).
- can: flexcan: invoke flexcan_chip_freeze() to enter freeze mode (git-fixes).
- can: m_can: m_can_do_rx_poll(): fix extraneous msg loss warning (git-fixes).
- can: peak_usb: add forgotten supported devices (git-fixes).
- can: peak_usb: Revert "can: peak_usb: add forgotten supported devices" (git-fixes).
- can: skb: can_skb_set_owner(): fix ref counting if socket was closed before setting skb ownership (git-fixes).
- cdc-acm: fix BREAK rx code path adding necessary calls (git-fixes).
- certs: Fix blacklist flag type confusion (git-fixes).
- cifs: check pointer before freeing (bsc#1183534).
- completion: Drop init_completion define (git-fixes).
- configfs: fix a use-after-free in __configfs_open_file (git-fixes).
- config: net: freescale: change xgmac-mdio to built-in References: bsc#1183015,bsc#1182595
- crypto: aesni - prevent misaligned buffers on the stack (git-fixes).
- crypto: arm64/sha - add missing module aliases (git-fixes).
- crypto: bcm - Rename struct device_private to bcm_device_private (git-fixes).
- crypto: Kconfig - CRYPTO_MANAGER_EXTRA_TESTS requires the manager (git-fixes).
- crypto: tcrypt - avoid signed overflow in byte count (git-fixes).
- Delete patches.suse/sched-Reenable-interrupts-in-do_sched_yield.patch (bsc#1183530)
- drivers/misc/vmw_vmci: restrict too big queue size in qp_host_alloc_queue (git-fixes).
- drm/amd/display: Guard against NULL pointer deref when get_i2c_info fails (git-fixes).
- drm/amdgpu: Add check to prevent IH overflow (git-fixes).
- drm/amdgpu: fix parameter error of RREG32_PCIE() in amdgpu_regs_pcie (git-fixes).
- drm/amdkfd: Put ACPI table after using it (bsc#1152489) Backporting notes:
  * context changes
- drm/amd/powerplay: fix spelling mistake "smu_state_memroy_block" -> (bsc#1152489) Backporting notes:
  * rename amd/pm to amd/powerplay
  * context changes
- drm/compat: Clear bounce structures (git-fixes).
- drm/hisilicon: Fix use-after-free (git-fixes).
- drm/i915: Reject 446-480MHz HDMI clock on GLK (git-fixes).
- drm/mediatek: Fix aal size config (bsc#1152489) Backporting notes:
  * replaced mtk_ddp_write() with writel()
- drm: meson_drv add shutdown function (git-fixes).
- drm/msm/a5xx: Remove overwriting A5XX_PC_DBG_ECO_CNTL register (git-fixes).
- drm/msm/dsi: Correct io_start for MSM8994 (20nm PHY) (git-fixes).
- drm/msm: Fix races managing the OOB state for timestamp vs (bsc#1152489) Backporting notes:
  * context changes
- drm/msm: fix shutdown hook in case GPU components failed to bind (git-fixes).
- drm/msm: Fix use-after-free in msm_gem with carveout (bsc#1152489) Backporting notes:
  * context changes
- drm/msm: Fix WARN_ON() splat in _free_object() (bsc#1152489) Backporting notes:
  * context changes
- drm/msm/gem: Add obj->lock wrappers (bsc#1152489) Backporting notes:
  * taken for 9b73bde39cf2 ("drm/msm: Fix use-after-free in msm_gem with carveout")
  * context changes
- drm/nouveau: bail out of nouveau_channel_new if channel init fails (bsc#1152489)
- drm/nouveau/kms: handle mDP connectors (git-fixes).
- drm/panfrost: Do not corrupt the queue mutex on open/close (bsc#1152472) - drm/panfrost: Fix job timeout handling (bsc#1152472) Backporting notes: - drm/panfrost: Remove unused variables in panfrost_job_close() (bsc#1152472) - drm/radeon: fix AGP dependency (git-fixes). - drm: rcar-du: Fix crash when using LVDS1 clock for CRTC (bsc#1152489) Backporting notes: * context changes - drm/sched: Cancel and flush all outstanding jobs before finish (git-fixes). - drm/sun4i: tcon: fix inverted DCLK polarity (bsc#1152489) Backporting notes: * context changes - drm/tegra: sor: Grab runtime PM reference across reset (git-fixes). - drm/vc4: hdmi: Restore cec physical address on reconnect (bsc#1152472) Backporting notes: * context changes * change vc4_hdmi to vc4-> hdmi * removed references to encoder-> hdmi_monitor - efi: use 32-bit alignment for efi_guid_t literals (git-fixes). - epoll: check for events when removing a timed out thread from the wait queue (git-fixes). - ethernet: alx: fix order of calls on resume (git-fixes). - exec: Move would_dump into flush_old_exec (git-fixes). - exfat: add missing MODULE_ALIAS_FS() (bsc#1182989). - exfat: add the dummy mount options to be backward compatible with staging/exfat (bsc#1182989). - extcon: Add stubs for extcon_register_notifier_all() functions (git-fixes). - extcon: Fix error handling in extcon_dev_register (git-fixes). - fbdev: aty: SPARC64 requires FB_ATY_CT (git-fixes). - firmware/efi: Fix a use after bug in efi_mem_reserve_persistent (git-fixes). - flow_dissector: fix byteorder of dissected ICMP ID (bsc#1154353). - fsl/fman: check dereferencing null pointer (git-fixes). - fsl/fman: fix dereference null return value (git-fixes). - fsl/fman: fix eth hash table allocation (git-fixes). - fsl/fman: fix unreachable code (git-fixes). - fsl/fman: use 32-bit unsigned integer (git-fixes). - fuse: verify write return (git-fixes). - gcc-plugins: drop support for GCC buf (git-fixes). 
- net: mvneta: make tx buffer array agnostic (git-fixes). - net: qcom/emac: add missed clk_disable_unprepare in error path of emac_clks_phase1_init (git-fixes). - netsec: restore phy power state after controller reset (bsc#1183757). - net: spider_net: Fix the size used in a 'dma_free_coherent()' call (git-fixes). - net: stmmac: Fix incorrect location to set real_num_rx|tx_queues (git-fixes). - net: stmmac: removed enabling eee in EEE set callback (git-fixes). - net: stmmac: use netif_tx_start|stop_all_queues() function (git-fixes). - net: stmmac: Use rtnl_lock/unlock on netif_set_real_num_rx_queues() call (git-fixes). - net: usb: ax88179_178a: fix missing stop entry in driver_info (git-fixes). - net: usb: qmi_wwan:allow qmimux add/del with master up (git-fixes). - net: usb: qmi_wwan: support ZTE P685M modem (git-fixes). - nfp: flower: fix pre_tun mask id allocation (bsc#1154353). - nvme: allocate the keep alive request using BLK_MQ_REQ_NOWAIT (bsc#1182077). - nvme-fabrics: fix kato initialization (bsc#1182591). - nvme-fabrics: only reserve a single tag (bsc#1182077). - nvme-fc: fix racing controller reset and create association (bsc#1183048). - nvme-hwmon: Return error code when registration fails (bsc#1177326). - nvme: merge nvme_keep_alive into nvme_keep_alive_work (bsc#1182077). - nvme: return an error if nvme_set_queue_count() fails (bsc#1180197). - nvmet-rdma: Fix list_del corruption on queue establishment failure (bsc#1183501). - objtool: Fix ".cold" section suffix check for newer versions of GCC (bsc#1169514). - objtool: Fix error handling for STD/CLD warnings (bsc#1169514). - objtool: Fix retpoline detection in asm code (bsc#1169514). - ovl: fix dentry leak in ovl_get_redirect (bsc#1184176). - ovl: fix out of date comment and unreachable code (bsc#1184176). - ovl: fix regression with re-formatted lower squashfs (bsc#1184176). - ovl: fix unneeded call to ovl_change_flags() (bsc#1184176). - ovl: fix value of i_ino for lower hardlink corner case (bsc#1184176). 
- ovl: initialize error in ovl_copy_xattr (bsc#1184176). - ovl: relax WARN_ON() when decoding lower directory file handle (bsc#1184176). - PCI: Add a REBAR size quirk for Sapphire RX 5600 XT Pulse (git-fixes). - PCI: Add function 1 DMA alias quirk for Marvell 9215 SATA controller (git-fixes). - PCI: Align checking of syscall user config accessors (git-fixes). - PCI: Decline to resize resources if boot config must be preserved (git-fixes). - PCI: Fix pci_register_io_range() memory leak (git-fixes). - PCI: mediatek: Add missing of_node_put() to fix reference leak (git-fixes). - PCI: qcom: Use PHY_REFCLK_USE_PAD only for ipq8064 (git-fixes). - PCI: xgene-msi: Fix race in installing chained irq handler (git-fixes). - pinctrl: rockchip: fix restore error in resume (git-fixes). - Platform: OLPC: Fix probe error handling (git-fixes). - platform/x86: acer-wmi: Add ACER_CAP_KBD_DOCK quirk for the Aspire Switch 10E SW3-016 (git-fixes). - platform/x86: acer-wmi: Add ACER_CAP_SET_FUNCTION_MODE capability flag (git-fixes). - platform/x86: acer-wmi: Add new force_caps module parameter (git-fixes). - platform/x86: acer-wmi: Add support for SW_TABLET_MODE on Switch devices (git-fixes). - platform/x86: acer-wmi: Cleanup accelerometer device handling (git-fixes). - platform/x86: acer-wmi: Cleanup ACER_CAP_FOO defines (git-fixes). - platform/x86: intel-vbtn: Stop reporting SW_DOCK events (git-fixes). - PM: EM: postpone creating the debugfs dir till fs_initcall (git-fixes). - PM: runtime: Add pm_runtime_resume_and_get to deal with usage counter (bsc#1183366). - PM: runtime: Fix race getting/putting suppliers at probe (git-fixes). - powerpc/book3s64/radix: Remove WARN_ON in destroy_context() (bsc#1183692 ltc#191963). - powerpc/pseries/mobility: handle premature return from H_JOIN (bsc#1181674 ltc#189159 git-fixes bsc#1183662 ltc#191922). - powerpc/pseries/mobility: use struct for shared state (bsc#1181674 ltc#189159 git-fixes bsc#1183662 ltc#191922). 
- printk: fix deadlock when kernel panic (bsc#1183018). - proc: fix lookup in /proc/net subdirectories after setns(2) (git-fixes). - pwm: rockchip: rockchip_pwm_probe(): Remove superfluous clk_unprepare() (git-fixes). - qxl: Fix uninitialised struct field head.surface_id (git-fixes). - random: fix the RNDRESEEDCRNG ioctl (git-fixes). - RDMA/hns: Disable RQ inline by default (jsc#SLE-8449). - RDMA/hns: Fix type of sq_signal_bits (jsc#SLE-8449). - RDMA/srp: Fix support for unpopulated and unbalanced NUMA nodes (bsc#1169709) - Revert "net: bonding: fix error return code of bond_neigh_init()" (bsc#1154353). - rpadlpar: fix potential drc_name corruption in store functions (bsc#1183416 ltc#191079). - rpm/check-for-config-changes: add -mrecord-mcount ignore Added by 3b15cdc15956 (tracing: move function tracer options to Kconfig) upstream. - rpm/check-for-config-changes: comment on the list To explain what it actually is. - rpm/check-for-config-changes: declare sed args as an array So that we can reuse it in both seds. This also introduces IGNORED_CONFIGS_RE array which can be easily extended. - rpm/check-for-config-changes: define ignores more strictly * search for whole words, so make wildcards explicit * use ' for quoting * prepend CONFIG_ dynamically, so it need not be in the list - rpm/check-for-config-changes: ignore more configs Specifially, these: * CONFIG_CC_HAS_* * CONFIG_CC_HAVE_* * CONFIG_CC_CAN_* * CONFIG_HAVE_[A-Z]*_COMPILER * CONFIG_TOOLS_SUPPORT_* are compiler specific too. This will allow us to use super configs using kernel's dummy-tools. - rpm/check-for-config-changes: sort the ignores They are growing so to make them searchable by humans. - rsi: Fix TX EAPOL packet handling against iwlwifi AP (git-fixes). - rsi: Move card interrupt handling to RX thread (git-fixes). - rsxx: Return -EFAULT if copy_to_user() fails (git-fixes). - s390/cio: return -EFAULT if copy_to_user() fails (git-fixes). - s390/cio: return -EFAULT if copy_to_user() fails (git-fixes). 
- s390/crypto: return -EFAULT if copy_to_user() fails (git-fixes). - s390/dasd: fix hanging IO request during DASD driver unbind (git-fixes). - s390/qeth: fix memory leak after failed TX Buffer allocation (git-fixes). - s390/qeth: fix notification for pending buffers during teardown (git-fixes). - s390/qeth: improve completion of pending TX buffers (git-fixes). - s390/qeth: schedule TX NAPI on QAOB completion (git-fixes). - s390/vtime: fix increased steal time accounting (bsc#1183859). - samples, bpf: Addmissing munmap in xdpsock (bsc#1155518). - scsi: lpfc: Change wording of invalid pci reset log message (bsc#1182574). - scsi: lpfc: Correct function header comments related to ndlp reference counting (bsc#1182574). - scsi: lpfc: Fix ADISC handling that never frees nodes (bsc#1182574). - scsi: lpfc: Fix crash caused by switch reboot (bsc#1182574). - scsi: lpfc: Fix dropped FLOGI during pt2pt discovery recovery (bsc#1182574). - scsi: lpfc: Fix FLOGI failure due to accessing a freed node (bsc#1182574). - scsi: lpfc: Fix incorrect dbde assignment when building target abts wqe (bsc#1182574). - scsi: lpfc: Fix lpfc_els_retry() possible null pointer dereference (bsc#1182574). - scsi: lpfc: Fix nodeinfo debugfs output (bsc#1182574). - scsi: lpfc: Fix null pointer dereference in lpfc_prep_els_iocb() (bsc#1182574). - scsi: lpfc: Fix PLOGI ACC to be transmit after REG_LOGIN (bsc#1182574). - scsi: lpfc: Fix pt2pt connection does not recover after LOGO (bsc#1182574). - scsi: lpfc: Fix pt2pt state transition causing rmmod hang (bsc#1182574). - scsi: lpfc: Fix reftag generation sizing errors (bsc#1182574). - scsi: lpfc: Fix stale node accesses on stale RRQ request (bsc#1182574). - scsi: lpfc: Fix status returned in lpfc_els_retry() error exit path (bsc#1182574). - scsi: lpfc: Fix unnecessary null check in lpfc_release_scsi_buf (bsc#1182574). - scsi: lpfc: Fix use after free in lpfc_els_free_iocb (bsc#1182574). 
- scsi: lpfc: Fix vport indices in lpfc_find_vport_by_vpid() (bsc#1182574). - scsi: lpfc: Reduce LOG_TRACE_EVENT logging for vports (bsc#1182574). - scsi: lpfc: Update copyrights for 12.8.0.7 and 12.8.0.8 changes (bsc#1182574). - scsi: lpfc: Update lpfc version to 12.8.0.8 (bsc#1182574). - scsi: target: pscsi: Avoid OOM in pscsi_map_sg() (bsc#1183843). - scsi: target: pscsi: Clean up after failure in pscsi_map_sg() (bsc#1183843). - selftests/bpf: Mask bpf_csum_diff() return value to 16bits in test_verifier (bsc#1155518). - selftests/bpf: No need to drop the packet when there is no geneve opt (bsc#1155518). - selftests/bpf: Set gopt opt_class to 0 if get tunnel opt failed (bsc#1155518). - selinux: fix error initialization in inode_doinit_with_dentry() (git-fixes). - selinux: Fix error return code in sel_ib_pkey_sid_slow() (git-fixes). - selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handling (git-fixes). - smb3: Fix out-of-bounds bug in SMB2_negotiate() (bsc#1183540). - software node: Fix node registration (git-fixes). - spi: stm32: make spurious and overrun interrupts visible (git-fixes). - squashfs: fix inode lookup sanity checks (bsc#1183750). - squashfs: fix xattr id and id lookup sanity checks (bsc#1183750). - staging: bcm2835-audio: Replace unsafe strcpy() with strscpy() (git-fixes). - staging: comedi: addi_apci_1032: Fix endian problem for COS sample (git-fixes). - staging: comedi: addi_apci_1500: Fix endian problem for command sample (git-fixes). - staging: comedi: adv_pci1710: Fix endian problem for AI command data (git-fixes). - staging: comedi: das6402: Fix endian problem for AI command data (git-fixes). - staging: comedi: das800: Fix endian problem for AI command data (git-fixes). - staging: comedi: dmm32at: Fix endian problem for AI command data (git-fixes). - staging: comedi: me4000: Fix endian problem for AI command data (git-fixes). - staging: comedi: pcl711: Fix endian problem for AI command data (git-fixes). 
- staging: comedi: pcl818: Fix endian problem for AI command data (git-fixes). - staging: fwserial: Fix error handling in fwserial_create (git-fixes). - staging: gdm724x: Fix DMA from stack (git-fixes). - staging: ks7010: prevent buffer overflow in ks_wlan_set_scan() (git-fixes). - staging: most: sound: add sanity check for function argument (git-fixes). - staging: rtl8188eu: Add Edimax EW-7811UN V2 todevice table (git-fixes). - staging: rtl8188eu: fix potential memory corruption in rtw_check_beacon_data() (git-fixes). - staging: rtl8188eu: prevent -> ssid overflow in rtw_wx_set_scan() (git-fixes). - staging: rtl8192e: Change state information from u16 to u8 (git-fixes). - staging: rtl8192e: Fix incorrect source in memcpy() (git-fixes). - staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan (git-fixes). - staging: rtl8192u: fix -> ssid overflow in r8192_wx_set_scan() (git-fixes). - staging: rtl8712: Fix possible buffer overflow in r8712_sitesurvey_cmd (git-fixes). - staging: rtl8712: unterminated string leads to read overflow (git-fixes). - stop_machine: mark helpers __always_inline (git-fixes). - udlfb: Fix memory leak in dlfb_usb_probe (git-fixes). - Update bug reference for USB-audio fixes (bsc#1182552 bsc#1183598) - USB: cdc-acm: fix double free on probe failure (git-fixes). - USB: cdc-acm: fix use-after-free after probe failure (git-fixes). - USB: dwc2: Fix HPRT0.PrtSusp bit setting for HiKey 960 board (git-fixes). - USB: dwc2: Prevent core suspend when port connection flag is 0 (git-fixes). - USB: dwc3: gadget: Fix dep-> interval for fullspeed interrupt (git-fixes). - USB: dwc3: gadget: Fix setting of DEPCFG.bInterval_m1 (git-fixes). - USB: dwc3: qcom: Add missing DWC3 OF node refcount decrement (git-fixes). - USB: dwc3: qcom: Honor wakeup enabled/disabled state (git-fixes). - USB: gadget: configfs: Fix KASAN use-after-free (git-fixes). - USB: gadget: f_uac1: stop playback on function disable (git-fixes). 
- USB: gadget: f_uac2: always increase endpoint max_packet_size by one audio slot (git-fixes). - USB: gadget: udc: amd5536udc_pci fix null-ptr-dereference (git-fixes). - USB: gadget: u_ether: Fix a configfs return code (git-fixes). - USBip: Fix incorrect double assignment to udc-> ud.tcp_rx (git-fixes). - USBip: fix stub_dev to check for stream socket (git-fixes). -USBip: fix stub_dev USBip_sockfd_store() races leading to gpf (git-fixes). - USBip: fix vhci_hcd attach_store() races leading to gpf (git-fixes). - USBip: fix vhci_hcd to check for stream socket (git-fixes). - USBip: fix vudc to check for stream socket (git-fixes). - USBip: fix vudc usbip_sockfd_store races leading to gpf (git-fixes). - USBip: tools: fix build error for multiple definition (git-fixes). - USB: musb: Fix suspend with devices connected for a64 (git-fixes). - USB: renesas_usbhs: Clear PIPECFG for re-enabling pipe with other EPNUM (git-fixes). - USB: replace hardcode maximum usb string length by definition (git-fixes). - USB: serial: ch341: add new Product ID (git-fixes). - USB: serial: cp210x: add ID for Acuity Brands nLight Air Adapter (git-fixes). - USB: serial: cp210x: add some more GE USB IDs (git-fixes). - USB: serial: ftdi_sio: fix FTX sub-integer prescaler (git-fixes). - USB: serial: io_edgeport: fix memory leak in edge_startup (git-fixes). - USB-storage: Add quirk to defeat Kindle's automatic unload (git-fixes). - USB: typec: tcpm: Invoke power_supply_changed for tcpm-source-psy- (git-fixes). - USB: usblp: fix a hang in poll() if disconnected (git-fixes). - USB: xhci: do not perform Soft Retry for some xHCI hosts (git-fixes). - USB: xhci: Fix ASMedia ASM1042A and ASM3242 DMA addressing (git-fixes). - USB: xhci-mtk: fix broken streams issue on 0.96 xHCI (git-fixes). - use __netdev_notify_peers in ibmvnic (bsc#1183871 ltc#192139). - video: fbdev: acornfb: remove free_unused_pages() (bsc#1152489) - video: hyperv_fb: Fix a double free in hvfb_probe (git-fixes). 
- VMCI: Use set_page_dirty_lock() when unregistering guest memory (git-fixes). - vt/consolemap: do font sum unsigned (git-fixes). - watchdog: mei_wdt: request stop on unregister (git-fixes). - wireguard: device: do not generate ICMP for non-IP packets (git-fixes). - wireguard: kconfig: use arm chacha even with no neon(git-fixes). - wireguard: selftests: test multiple parallel streams (git-fixes). - wlcore: Fix command execute failure 19 for wl12xx (git-fixes). - x86/fsgsbase/64: Fix NULL deref in 86_fsgsbase_read_task (bsc#1152489). - xen/events: avoid handling the same event on two cpus at the same time (git-fixes). - xen/events: do not unmask an event channel when an eoi is pending (git-fixes). - xen/events: reset affinity of 2-level event when tearing it down (git-fixes). - xen/gnttab: handle p2m update errors on a per-slot basis (bsc#1183022 XSA-367). - xen-netback: respect gnttab_map_refs()'s return value (bsc#1183022 XSA-367). - xfs: group quota should return EDQUOT when prj quota enabled (bsc#1180980). - xhci: Fix repeated xhci wake after suspend due to uncleared internal wake state (git-fixes). - xhci: Improve detection of device initiated wake signal (git-fixes). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: - openSUSE Leap 15.2: zypper in -t patch openSUSE-2021-532=1 Package List: - openSUSE Leap 15.2 (noarch): kernel-devel-5.3.18-lp152.69.1 kernel-docs-5.3.18-lp152.69.1 kernel-docs-html-5.3.18-lp152.69.1 kernel-macros-5.3.18-lp152.69.1 kernel-source-5.3.18-lp152.69.1 kernel-source-vanilla-5.3.18-lp152.69.1 - openSUSE Leap 15.2 (x86_64): kernel-debug-5.3.18-lp152.69.1 kernel-debug-debuginfo-5.3.18-lp152.69.1 kernel-debug-debugsource-5.3.18-lp152.69.1 kernel-debug-devel-5.3.18-lp152.69.1 kernel-debug-devel-debuginfo-5.3.18-lp152.69.1 kernel-default-5.3.18-lp152.69.1 kernel-default-base-5.3.18-lp152.69.1.lp152.8.28.1 kernel-default-base-rebuild-5.3.18-lp152.69.1.lp152.8.28.1 kernel-default-debuginfo-5.3.18-lp152.69.1 kernel-default-debugsource-5.3.18-lp152.69.1 kernel-default-devel-5.3.18-lp152.69.1 kernel-default-devel-debuginfo-5.3.18-lp152.69.1 kernel-kvmsmall-5.3.18-lp152.69.1 kernel-kvmsmall-debuginfo-5.3.18-lp152.69.1 kernel-kvmsmall-debugsource-5.3.18-lp152.69.1 kernel-kvmsmall-devel-5.3.18-lp152.69.1 kernel-kvmsmall-devel-debuginfo-5.3.18-lp152.69.1 kernel-obs-build-5.3.18-lp152.69.1 kernel-obs-build-debugsource-5.3.18-lp152.69.1 kernel-obs-qa-5.3.18-lp152.69.1 kernel-preempt-5.3.18-lp152.69.1 kernel-preempt-debuginfo-5.3.18-lp152.69.1 kernel-preempt-debugsource-5.3.18-lp152.69.1 kernel-preempt-devel-5.3.18-lp152.69.1 kernel-preempt-devel-debuginfo-5.3.18-lp152.69.1 kernel-syms-5.3.18-lp152.69.1 References: https://www.suse.com/security/cve/CVE-2019-18814.html https://www.suse.com/security/cve/CVE-2019-19769.html https://www.suse.com/security/cve/CVE-2020-27170.html https://www.suse.com/security/cve/CVE-2020-27171.html https://www.suse.com/security/cve/CVE-2020-27815.html https://www.suse.com/security/cve/CVE-2020-35519.html https://www.suse.com/security/cve/CVE-2021-27363.html https://www.suse.com/security/cve/CVE-2021-27364.html https://www.suse.com/security/cve/CVE-2021-27365.html 
https://www.suse.com/security/cve/CVE-2021-28038.html https://www.suse.com/security/cve/CVE-2021-28375.html https://www.suse.com/security/cve/CVE-2021-28660.html https://www.suse.com/security/cve/CVE-2021-28688.html https://www.suse.com/security/cve/CVE-2021-28964.html https://www.suse.com/security/cve/CVE-2021-28971.html https://www.suse.com/security/cve/CVE-2021-28972.html https://www.suse.com/security/cve/CVE-2021-29264.html https://www.suse.com/security/cve/CVE-2021-29265.html https://www.suse.com/security/cve/CVE-2021-29647.html https://www.suse.com/security/cve/CVE-2021-3428.html https://www.suse.com/security/cve/CVE-2021-3444.html https://bugzilla.suse.com/1152472 https://bugzilla.suse.com/1152489 https://bugzilla.suse.com/1153274 https://bugzilla.suse.com/1154353 https://bugzilla.suse.com/1155518 https://bugzilla.suse.com/1156256 https://bugzilla.suse.com/1159280 https://bugzilla.suse.com/1160634 https://bugzilla.suse.com/1167773 https://bugzilla.suse.com/1168777 https://bugzilla.suse.com/1169514 https://bugzilla.suse.com/1169709 https://bugzilla.suse.com/1171295 https://bugzilla.suse.com/1173485 https://bugzilla.suse.com/1177326 https://bugzilla.suse.com/1178163 https://bugzilla.suse.com/1178330 https://bugzilla.suse.com/1179454 https://bugzilla.suse.com/1180197 https://bugzilla.suse.com/1180980 https://bugzilla.suse.com/1181383 https://bugzilla.suse.com/1181674 https://bugzilla.suse.com/1181862 https://bugzilla.suse.com/1182011 https://bugzilla.suse.com/1182077 https://bugzilla.suse.com/1182485 https://bugzilla.suse.com/1182552 https://bugzilla.suse.com/1182574 https://bugzilla.suse.com/1182591 https://bugzilla.suse.com/1182595 https://bugzilla.suse.com/1182715 https://bugzilla.suse.com/1182716 https://bugzilla.suse.com/1182717 https://bugzilla.suse.com/1182770 https://bugzilla.suse.com/1182989 https://bugzilla.suse.com/1183015 https://bugzilla.suse.com/1183018 https://bugzilla.suse.com/1183022 https://bugzilla.suse.com/1183023 
https://bugzilla.suse.com/1183048 https://bugzilla.suse.com/1183252 https://bugzilla.suse.com/1183277 https://bugzilla.suse.com/1183278 https://bugzilla.suse.com/1183279 https://bugzilla.suse.com/1183280 https://bugzilla.suse.com/1183281 https://bugzilla.suse.com/1183282 https://bugzilla.suse.com/1183283 https://bugzilla.suse.com/1183284 https://bugzilla.suse.com/1183285 https://bugzilla.suse.com/1183286 https://bugzilla.suse.com/1183287 https://bugzilla.suse.com/1183288 https://bugzilla.suse.com/1183366 https://bugzilla.suse.com/1183369 https://bugzilla.suse.com/1183386 https://bugzilla.suse.com/1183412 https://bugzilla.suse.com/1183416 https://bugzilla.suse.com/1183427 https://bugzilla.suse.com/1183428 https://bugzilla.suse.com/1183445 https://bugzilla.suse.com/1183447 https://bugzilla.suse.com/1183501 https://bugzilla.suse.com/1183509 https://bugzilla.suse.com/1183530 https://bugzilla.suse.com/1183534 https://bugzilla.suse.com/1183540 https://bugzilla.suse.com/1183593 https://bugzilla.suse.com/1183596 https://bugzilla.suse.com/1183598 https://bugzilla.suse.com/1183637 https://bugzilla.suse.com/1183646 https://bugzilla.suse.com/1183662 https://bugzilla.suse.com/1183686 https://bugzilla.suse.com/1183692 https://bugzilla.suse.com/1183696 https://bugzilla.suse.com/1183750 https://bugzilla.suse.com/1183757 https://bugzilla.suse.com/1183775 https://bugzilla.suse.com/1183843 https://bugzilla.suse.com/1183859 https://bugzilla.suse.com/1183871 https://bugzilla.suse.com/1184167 https://bugzilla.suse.com/1184168 https://bugzilla.suse.com/1184170 https://bugzilla.suse.com/1184176 https://bugzilla.suse.com/1184192 https://bugzilla.suse.com/1184193 https://bugzilla.suse.com/1184196 https://bugzilla.suse.com/1184198 https://bugzilla.suse.com/1184217 https://bugzilla.suse.com/1184218 https://bugzilla.suse.com/1184219 https://bugzilla.suse.com/1184220 https://bugzilla.suse.com/1184224 . 
This Fedora security alert includes a core update addressing 19 severe vulnerabilities and 65 corrections, along with installation guidance. openSUSE Kernel Update, Critical Threats, Security Updates. Severity: Important. LinuxSecurity.com Team

Apr 10, 2021 Important OpenSUSE

openSUSE Leap 15.2: Update ID openSUSE-SU-2020:1194-1 Moderate Go Software

An update that solves one vulnerability and has one errata is now available.

openSUSE Security Update: Security update for go1.13
______________________________________________________________________________

Announcement ID: openSUSE-SU-2020:1194-1
Rating: moderate
References: #1149259 #1174977
Cross-References: CVE-2020-16845
Affected Products: openSUSE Leap 15.2
______________________________________________________________________________

Description:

This update for go1.13 fixes the following issues:

- go1.13 was updated to version 1.13.5
- CVE-2020-16845: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (bsc#1174977).

This update was imported from the SUSE:SLE-15:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2: zypper in -t patch openSUSE-2020-1194=1

Package List:

- openSUSE Leap 15.2 (x86_64):
  go1.13-1.13.15-lp152.2.7.1
  go1.13-doc-1.13.15-lp152.2.7.1
  go1.13-race-1.13.15-lp152.2.7.1

References:

https://www.suse.com/security/cve/CVE-2020-16845.html
https://bugzilla.suse.com/1149259
https://bugzilla.suse.com/1174977

A security enhancement for openSUSE Leap 15.2 tackles a notable vulnerability within go1.13 software, including specifics of the applied patch. openSUSE Security Update, go1.13 vulnerability, patch instructions. LinuxSecurity.com Team

Aug 12, 2020 OpenSUSE