Stay Vigilant with Timely Linux Security Advisories

security advisorycritical issuesecurity update

SUSE 15 SP5: 2024:4124-1 Important: Kernel RT Live Patch Critical Fixes

* bsc#1221302 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223521 . # Security update for the Linux Kernel RT (Live Patch 13 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:4124-1 Release Date: 2024-12-02T09:15:06Z Rating: important References: * bsc#1221302 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223521 * bsc#1223683 * bsc#1225011 * bsc#1225012 * bsc#1225013 * bsc#1225099 * bsc#1225309 * bsc#1225310 * bsc#1225311 * bsc#1225312 * bsc#1225429 * bsc#1225733 * bsc#1225739 * bsc#1225819 * bsc#1226325 * bsc#1226327 * bsc#1227471 * bsc#1228573 * bsc#1228786 * bsc#1229273 * bsc#1229553 Cross-References: * CVE-2021-47517 * CVE-2021-47598 * CVE-2022-48651 * CVE-2022-48662 * CVE-2023-52752 * CVE-2023-52846 * CVE-2024-26610 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-27398 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35863 * CVE-2024-35864 * CVE-2024-35867 * CVE-2024-35905 * CVE-2024-35949 * CVE-2024-35950 * CVE-2024-36899 * CVE-2024-36904 * CVE-2024-36964 * CVE-2024-40954 * CVE-2024-41059 * CVE-2024-43861 CVSS scores: * CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H *CVE-2024-26828 ( NVD ): 6.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35949 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux EnterpriseReal Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 25 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_47 fixes several issues. The following security issues were fixed: * CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool (bsc#1225429). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273). * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739). * CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521). * CVE-2022-48662: Update for 'really move i915_gem_context.link under ref protection' (bsc#1223521) * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: drm/client: Fully protect modes with dev-> mode_config.mutex (bsc#1225310). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb-> mac_header (bsc#1223514). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-4124=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-4124=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo-9-150500.11.6.1 * kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource-9-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_47-rt-9-150500.11.6.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo-9-150500.11.6.1 * kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource-9-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_47-rt-9-150500.11.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47517.html * https://www.suse.com/security/cve/CVE-2021-47598.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2023-52752.html *https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35863.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35867.html * https://www.suse.com/security/cve/CVE-2024-35905.html * https://www.suse.com/security/cve/CVE-2024-35949.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223521 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225011 * https://bugzilla.suse.com/show_bug.cgi?id=1225012 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225309 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225311 * https://bugzilla.suse.com/show_bug.cgi?id=1225312 * https://bugzilla.suse.com/show_bug.cgi?id=1225429 * https://bugzilla.suse.com/show_bug.cgi?id=1225733 *https://bugzilla.suse.com/show_bug.cgi?id=1225739 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226325 * https://bugzilla.suse.com/show_bug.cgi?id=1226327 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1229273 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 . An important update for the Kernel RT addresses 25 security issues in SUSE, offering crucial fixes for users.. Kernel Live Patch, SUSE Security, Linux Kernel Update, Security Fixes, Kernel Issues. . Severity: Important. LinuxSecurity.com Team

Dec 02, 2024 •Important SuSE

security advisorysecurity updatecritical patch

SUSE: 2024:3592-1 important: Linux Kernel multiple security fixes

* bsc#1199769 * bsc#1216223 * bsc#1220382 * bsc#1221610 * bsc#1221650 . # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:3592-1 Release Date: 2024-10-10T16:03:56Z Rating: important References: * bsc#1199769 * bsc#1216223 * bsc#1220382 * bsc#1221610 * bsc#1221650 * bsc#1222629 * bsc#1222973 * bsc#1223600 * bsc#1223848 * bsc#1224085 * bsc#1225903 * bsc#1226003 * bsc#1226606 * bsc#1226662 * bsc#1226666 * bsc#1226846 * bsc#1226860 * bsc#1226875 * bsc#1226915 * bsc#1227487 * bsc#1227726 * bsc#1227819 * bsc#1227832 * bsc#1227890 * bsc#1228507 * bsc#1228576 * bsc#1228620 * bsc#1228771 * bsc#1229031 * bsc#1229034 * bsc#1229086 * bsc#1229156 * bsc#1229289 * bsc#1229334 * bsc#1229362 * bsc#1229363 * bsc#1229364 * bsc#1229394 * bsc#1229429 * bsc#1229453 * bsc#1229572 * bsc#1229573 * bsc#1229585 * bsc#1229607 * bsc#1229619 * bsc#1229633 * bsc#1229662 * bsc#1229753 * bsc#1229764 * bsc#1229790 * bsc#1229810 * bsc#1229830 * bsc#1229899 * bsc#1229928 * bsc#1229947 * bsc#1230015 * bsc#1230129 * bsc#1230130 * bsc#1230170 * bsc#1230171 * bsc#1230174 * bsc#1230175 * bsc#1230176 * bsc#1230178 * bsc#1230180 * bsc#1230185 * bsc#1230192 * bsc#1230193 * bsc#1230194 * bsc#1230200 * bsc#1230204 * bsc#1230209 * bsc#1230211 * bsc#1230212 * bsc#1230217 * bsc#1230224 * bsc#1230230 * bsc#1230233 * bsc#1230244 * bsc#1230245 * bsc#1230247 * bsc#1230248 * bsc#1230269 * bsc#1230339 * bsc#1230340 * bsc#1230392 * bsc#1230398 * bsc#1230431 * bsc#1230433 * bsc#1230434 * bsc#1230440 * bsc#1230442 * bsc#1230444 * bsc#1230450 * bsc#1230451 * bsc#1230454 * bsc#1230506 * bsc#1230507 * bsc#1230511 * bsc#1230515 * bsc#1230517 * bsc#1230524 * bsc#1230533 * bsc#1230535 * bsc#1230549 * bsc#1230556 * bsc#1230582 * bsc#1230589 * bsc#1230591 * bsc#1230592 * bsc#1230699 * bsc#1230700 * bsc#1230701 *bsc#1230702 * bsc#1230703 * bsc#1230705 * bsc#1230706 * bsc#1230707 * bsc#1230709 * bsc#1230710 * bsc#1230711 * bsc#1230712 * bsc#1230719 * bsc#1230724 * bsc#1230725 * bsc#1230730 * bsc#1230731 * bsc#1230732 * bsc#1230733 * bsc#1230747 * bsc#1230748 * bsc#1230751 * bsc#1230752 * bsc#1230756 * bsc#1230761 * bsc#1230766 * bsc#1230767 * bsc#1230768 * bsc#1230771 * bsc#1230772 * bsc#1230776 * bsc#1230783 * bsc#1230786 * bsc#1230791 * bsc#1230794 * bsc#1230796 * bsc#1230802 * bsc#1230806 * bsc#1230808 * bsc#1230810 * bsc#1230812 * bsc#1230813 * bsc#1230814 * bsc#1230815 * bsc#1230821 * bsc#1230825 * bsc#1230830 * bsc#1231013 * bsc#1231017 * bsc#1231116 * bsc#1231120 * bsc#1231146 * bsc#1231180 * bsc#1231181 Cross-References: * CVE-2022-48901 * CVE-2022-48911 * CVE-2022-48923 * CVE-2022-48935 * CVE-2022-48944 * CVE-2022-48945 * CVE-2023-52610 * CVE-2023-52916 * CVE-2024-26640 * CVE-2024-26759 * CVE-2024-26767 * CVE-2024-26804 * CVE-2024-26837 * CVE-2024-37353 * CVE-2024-38538 * CVE-2024-38596 * CVE-2024-38632 * CVE-2024-40910 * CVE-2024-40973 * CVE-2024-40983 * CVE-2024-41062 * CVE-2024-41082 * CVE-2024-42154 * CVE-2024-42259 * CVE-2024-42265 * CVE-2024-42304 * CVE-2024-42305 * CVE-2024-42306 * CVE-2024-43828 * CVE-2024-43835 * CVE-2024-43890 * CVE-2024-43898 * CVE-2024-43912 * CVE-2024-43914 * CVE-2024-44935 * CVE-2024-44944 * CVE-2024-44946 * CVE-2024-44948 * CVE-2024-44950 * CVE-2024-44952 * CVE-2024-44954 * CVE-2024-44967 * CVE-2024-44969 * CVE-2024-44970 * CVE-2024-44971 * CVE-2024-44972 * CVE-2024-44977 * CVE-2024-44982 * CVE-2024-44986 * CVE-2024-44987 * CVE-2024-44988 * CVE-2024-44989 * CVE-2024-44990 * CVE-2024-44998 * CVE-2024-44999 * CVE-2024-45000 * CVE-2024-45001 * CVE-2024-45003 * CVE-2024-45006 * CVE-2024-45007 * CVE-2024-45008 * CVE-2024-45011 * CVE-2024-45013 *CVE-2024-45015 * CVE-2024-45018 * CVE-2024-45020 * CVE-2024-45021 * CVE-2024-45026 * CVE-2024-45028 * CVE-2024-45029 * CVE-2024-46673 * CVE-2024-46674 * CVE-2024-46675 * CVE-2024-46676 * CVE-2024-46677 * CVE-2024-46679 * CVE-2024-46685 * CVE-2024-46686 * CVE-2024-46689 * CVE-2024-46694 * CVE-2024-46702 * CVE-2024-46707 * CVE-2024-46714 * CVE-2024-46715 * CVE-2024-46717 * CVE-2024-46720 * CVE-2024-46721 * CVE-2024-46722 * CVE-2024-46723 * CVE-2024-46724 * CVE-2024-46725 * CVE-2024-46726 * CVE-2024-46727 * CVE-2024-46728 * CVE-2024-46730 * CVE-2024-46731 * CVE-2024-46732 * CVE-2024-46737 * CVE-2024-46738 * CVE-2024-46739 * CVE-2024-46743 * CVE-2024-46744 * CVE-2024-46745 * CVE-2024-46746 * CVE-2024-46747 * CVE-2024-46750 * CVE-2024-46751 * CVE-2024-46752 * CVE-2024-46753 * CVE-2024-46755 * CVE-2024-46756 * CVE-2024-46758 * CVE-2024-46759 * CVE-2024-46761 * CVE-2024-46771 * CVE-2024-46772 * CVE-2024-46773 * CVE-2024-46774 * CVE-2024-46778 * CVE-2024-46780 * CVE-2024-46781 * CVE-2024-46783 * CVE-2024-46784 * CVE-2024-46786 * CVE-2024-46787 * CVE-2024-46791 * CVE-2024-46794 * CVE-2024-46798 * CVE-2024-46822 * CVE-2024-46830 CVSS scores: * CVE-2022-48901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48911 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48923 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48923 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48923 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48935 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48935 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48944 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48944 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48944 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52610 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52916 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26640 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26759 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26767 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-26767 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26804 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26837 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2024-37353 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L * CVE-2024-38538 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-38538 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-38596 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2024-38632 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38632 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40910 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40910 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40973 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-40973 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40973 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40983 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41062 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41062 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H *CVE-2024-41082 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42154 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42154 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-42259 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42259 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-42259 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42265 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-42304 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42305 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42306 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43828 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43828 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43890 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-43890 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-43890 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43898 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43898 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43912 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-43912 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-43912 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43914 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43914 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43914 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44935 ( SUSE ): 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44935 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44944 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44944 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44944 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44946 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44946 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44950 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44950 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44952 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44952 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44954 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44954 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44967 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44967 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44969 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44969 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44970 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44970 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44971 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44971 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44972 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44972 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44977 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44977 ( SUSE ): 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44977 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44982 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44986 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44986 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44987 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44987 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44988 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44988 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44989 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44989 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44990 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44990 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44998 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44998 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44999 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44999 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-45000 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45000 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45001 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45001 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45003 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45003 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45006 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45006 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45007 ( SUSE ): 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45008 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45011 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45013 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45015 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45015 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45018 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-45018 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45020 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45020 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45021 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45026 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45026 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45028 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45028 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45029 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45029 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46673 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46673 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46674 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46674 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46675 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:L/SI:L/SA:L * CVE-2024-46675 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H *CVE-2024-46675 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46676 ( SUSE ): 2.4 CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L * CVE-2024-46676 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-46676 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46677 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-46677 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46677 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46679 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L * CVE-2024-46679 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46679 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46685 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46685 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46686 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46686 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46689 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46689 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46694 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46694 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46702 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L * CVE-2024-46702 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46702 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46707 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46707 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46707 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46714 ( SUSE ): 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46714 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46715 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46717 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46720 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46720 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46721 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46721 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46722 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46722 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-46723 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46723 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-46724 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-46724 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-46724 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-46725 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46725 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46726 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46726 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46727 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46727 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46728 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46728 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46730 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46730 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46731 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H *CVE-2024-46731 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-46732 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46732 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46737 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-46737 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46737 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46738 ( SUSE ): 8.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2024-46738 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46738 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46739 ( SUSE ): 8.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-46739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46739 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46743 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-46743 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-46743 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-46744 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-46744 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-46744 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46745 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46746 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-46746 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-46746 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46747 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-46747 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-46747 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-46750 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46750 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46750 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46751 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46751 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46751 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46752 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46752 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46753 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46753 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46755 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46755 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46755 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46756 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-46756 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N * CVE-2024-46756 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46758 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-46758 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N * CVE-2024-46758 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46759 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-46759 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N * CVE-2024-46759 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46761 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46761 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46761 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46771 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46772 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46772 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46773 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46773 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46773 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46774 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46778 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46780 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46780 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46781 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46781 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46783 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46783 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46784 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46784 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46786 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46786 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-46786 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46787 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46791 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46791 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46791 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46794 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-46794 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-46798 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46798 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46798 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46822 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46822 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46830 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Real Time Module 15-SP5 An update that solves 130 vulnerabilities and has 34 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-48901: btrfs: do not start relocation until in progress drops are done (bsc#1229607). * CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229633). * CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment (bsc#1229662) * CVE-2022-48935: Fixed an unregister flowtable hooks on netns exit (bsc#1229619) * CVE-2023-52610: net/sched: act_ct: fix skb leak and crash on ooo frags (bsc#1221610). * CVE-2023-52916: media: aspeed:Fix memory overwrite if timing is 1600x900 (bsc#1230269). * CVE-2024-26640: tcp: add sanity checks to rx zerocopy (bsc#1221650). * CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340). * CVE-2024-26767: drm/amd/display: fixed integer types and null check locations (bsc#1230339). * CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629). * CVE-2024-26837: net: bridge: switchdev: race between creation of new group memberships and generation of the list of MDB events to replay (bsc#1222973). * CVE-2024-37353: virtio: fixed a double free in vp_del_vqs() (bsc#1226875). * CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606). * CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846). * CVE-2024-40910: Fix refcount imbalance on inbound connections (bsc#1227832). * CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890). * CVE-2024-40983: tipc: force a dst refcount before doing decryption (bsc#1227819). * CVE-2024-41062: Sync sock recv cb and release (bsc#1228576). * CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command (bsc#1228620 CVE-2024-41082). * CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507). * CVE-2024-42259: Fix Virtual Memory mapping boundaries calculation (bsc#1229156) * CVE-2024-42265: protect the fetch of -> fd[fd] in do_dup2() from mispredictions (bsc#1229334). * CVE-2024-42304: ext4: make sure the first directory block is not a hole (bsc#1229364). * CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363). * CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362). * CVE-2024-43828: ext4: fix infinite loop when replaying fast_commit (bsc#1229394). * CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764). * CVE-2024-43898: ext4:sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753). * CVE-2024-43912: wifi: nl80211: disallow setting special AP channel widths (bsc#1229830) * CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790). * CVE-2024-44935: sctp: Fix null-ptr-deref in reuseport_add_sock() (bsc#1229810). * CVE-2024-44944: netfilter: ctnetlink: use helper function to calculate expect ID (bsc#1229899). * CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015). * CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180). * CVE-2024-44952: driver core: Fix uevent_show() vs driver detach race (bsc#1230178). * CVE-2024-44954: ALSA: line6: Fix racy access to midibuf (bsc#1230176). * CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (bsc#1230209). * CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() (bsc#1230211). * CVE-2024-44986: ipv6: fix possible UAF in ip6_finish_output2() (bsc#1230230) * CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185). * CVE-2024-44988: net: dsa: mv88e6xxx: Fix out-of-bound access (bsc#1230192). * CVE-2024-44989: bonding: fix xfrm real_dev null pointer dereference (bsc#1230193). * CVE-2024-44990: bonding: fix null pointer deref in bond_ipsec_offload_ok (bsc#1230194). * CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171). * CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233). * CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245). * CVE-2024-45007: char: xillybus: Refine workqueue handling (bsc#1230175). * CVE-2024-45008: Input: MT - limit max slots (bsc#1230248). * CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442). * CVE-2024-45015: drm/msm/dpu: move dpu_encoder's connector assignment to (bsc#1230444) * CVE-2024-45018: netfilter: flowtable: initialise extack before use (bsc#1230431). * CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434). * CVE-2024-45029: i2c: tegra: Do not mark ACPI devices as irq safe (bsc#1230451). * CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506). * CVE-2024-46674: usb: dwc3: st: fix probed platform device ref count on probe error path (bsc#1230507). * CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549). * CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556). * CVE-2024-46685: pinctrl: single: fix potential NULL dereference in pcs_get_function() (bsc#1230515) * CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517). * CVE-2024-46689: soc: qcom: cmd-db: Map shared memory as WC, not WB (bsc#1230524) * CVE-2024-46702: thunderbolt: Mark XDomain as unplugged when router is removed (bsc#1230589) * CVE-2024-46707: KVM: arm64: Make ICC_ _SGI_ _EL1 undef in the absence of a vGICv3 (bsc#1230582). * CVE-2024-46715: driver: iio: add missing checks on iio_info's callback access (bsc#1230700). * CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719). * CVE-2024-46721: pparmor: fix possible NULL pointer dereference (bsc#1230710) * CVE-2024-46728: drm/amd/display: Check index for aux_rd_interval before using (bsc#1230703) * CVE-2024-46730: drm/amd/display: Ensure array index tg_inst won't be -1 (bsc#1230701) * CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756). * CVE-2024-46750: PCI: Add missing bridge lock to pci_bus_lock() (bsc#1230783). * CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info() (bsc#1230786). * CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info()(bsc#1230794). * CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796). * CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772). * CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810). * CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815). * CVE-2024-46794: x86/tdx: Fix data leak in mmio_read() (bsc#1230825). * CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120). * CVE-2024-46830: KVM: x86: Acquire kvm-> srcu when handling KVM_SET_VCPU_EVENTS (bsc#1231116). The following non-security bugs were fixed: * ACPI: battery: create alarm sysfs attribute atomically (git-fixes). * ACPI: CPPC: Fix MASK_VAL() usage (git-fixes). * ACPI: PMIC: Remove unneeded check in tps68470_pmic_opregion_probe() (git- fixes). * ACPI: processor: Fix memory leaks in error paths of processor_add() (stable- fixes). * ACPI: processor: Return an error if acpi_processor_get_info() fails in processor_add() (stable-fixes). * ACPI: SBS: manage alarm sysfs attribute through psy core (git-fixes). * ACPI: sysfs: validate return type of _STR method (git-fixes). * af_unix: annotate lockless accesses to sk-> sk_err (bsc#1226846). * af_unix: Fix data races around sk-> sk_shutdown (bsc#1226846). * af_unix: Fix data-races around sk-> sk_shutdown (git-fixes). * ALSA: hda: Add input value sanity checks to HDMI channel map controls (stable-fixes). * ALSA: hda/conexant: Add pincfg quirk to enable top speakers on Sirius devices (stable-fixes). * ALSA: hda/conexant: Mute speakers at suspend / shutdown (stable-fixes). * ALSA: hda/generic: Add a helper to mute speakers at suspend/shutdown (stable-fixes). * ALSA: hda/realtek: Support mute LED on HP Laptop 14-dq2xxx (stable-fixes). * apparmor: fix possible NULL pointer dereference (stable-fixes). * arm64: acpi: Move get_cpu_for_acpi_id() to a header (git-fixes). * arm64: dts:rockchip: Correct the Pinebook Pro battery design capacity (git- fixes). * arm64: dts: rockchip: fix PMIC interrupt pin in pinctrl for ROCK Pi E (git- fixes). * arm64: dts: rockchip: Raise Pinebook Pro's panel backlight PWM frequency (git-fixes). * arm64/mm: Modify range-based tlbi to decrement scale (bsc#1229585) * arm64/mm: Update tlb invalidation routines for FEAT_LPA2 (bsc#1229585) * arm64: tlb: Allow range operation for MAX_TLBI_RANGE_PAGES (bsc#1229585) * arm64: tlb: Fix TLBI RANGE operand (bsc#1229585) * arm64: tlb: Improve __TLBI_VADDR_RANGE() (bsc#1229585) * ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object (git-fixes). * ASoC: meson: axg-card: fix 'use-after-free' (git-fixes). * ASoc: SOF: topology: Clear SOF link platform name upon unload (git-fixes). * ASoC: sunxi: sun4i-i2s: fix LRCLK polarity in i2s mode (git-fixes). * ASoC: tegra: Fix CBB error during probe() (git-fixes). * ASoC: topology: Properly initialize soc_enum values (stable-fixes). * ata: libata: Fix memory leak for error path in ata_host_alloc() (git-fixes). * ata: pata_macio: Use WARN instead of BUG (stable-fixes). * blk-mq: add helper for checking if one CPU is mapped to specified hctx (bsc#1223600). * blk-mq: add number of queue calc helper (bsc#1229034). * blk-mq: Build default queue map via group_cpus_evenly() (bsc#1229031). * blk-mq: do not schedule block kworker on isolated CPUs (bsc#1223600). * blk-mq: introduce blk_mq_dev_map_queues (bsc#1229034). * blk-mq: issue warning when offlining hctx with online isolcpus (bsc#1229034). * blk-mq: use hk cpus only when isolcpus=io_queue is enabled (bsc#1229034). * Bluetooth: btusb: Fix not handling ZPL/short-transfer (git-fixes). * Bluetooth: hci_core: Fix sending MGMT_EV_CONNECT_FAILED (git-fixes). * Bluetooth: hci_sync: Ignore errors from HCI_OP_REMOTE_NAME_REQ_CANCEL (git- fixes). * Bluetooth: L2CAP: Fix deadlock (git-fixes). * Bluetooth: MGMT: Ignore keys being loaded with invalid type (git-fixes). *cachefiles: fix dentry leak in cachefiles_open_file() (bsc#1231181). * cachefiles: Fix non-taking of sb_writers around set/removexattr (bsc#1231013). * can: bcm: Clear bo-> bcm_proc_read after remove_proc_entry() (git-fixes). * can: bcm: Remove proc entry when dev is unregistered (git-fixes). * can: j1939: use correct function name in comment (git-fixes). * can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open (git- fixes). * cdc-acm: Add DISABLE_ECHO quirk for GE HealthCare UI Controller (git-fixes). * ceph: remove the incorrect Fw reference check when dirtying pages (bsc#1231180). * char: xillybus: Check USB endpoints when probing device (git-fixes). * clk: qcom: clk-alpha-pll: Fix the pll post div mask (git-fixes). * clk: qcom: clk-alpha-pll: Fix the trion pll postdiv set rate API (git- fixes). * clk: qcom: clk-alpha-pll: Fix zonda set_rate failure when PLL is disabled (git-fixes). * cpufreq: ti-cpufreq: Introduce quirks to handle syscon fails appropriately (git-fixes). * crypto: ccp - Properly unregister /dev/sev on sev PLATFORM_STATUS failure (git-fixes). * crypto: virtio - Handle dataq logic with tasklet (git-fixes). * crypto: virtio - Wait for tasklet to complete on device remove (git-fixes). * crypto: xor - fix template benchmarking (git-fixes). * devres: Initialize an uninitialized struct member (stable-fixes). * driver core: Add debug logs when fwnode links are added/deleted (git-fixes). * driver core: Add missing parameter description to __fwnode_link_add() (git- fixes). * driver core: Create __fwnode_link_del() helper function (git-fixes). * driver core: fw_devlink: Allow marking a fwnode link as being part of a cycle (git-fixes). * driver core: fw_devlink: Consolidate device link flag computation (git- fixes). * driver core: Set deferred probe reason when deferred by driver core (git- fixes). * drivers:drm:exynos_drm_gsc:Fix wrong assignment in gsc_bind() (git-fixes). * Drivers: hv: vmbus:Fix rescind handling in uio_hv_generic (git-fixes). * Drivers: hv: vmbus: Fix the misplaced function description (git-fixes). * drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error (git-fixes). * drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error (git-fixes). * drm/amd/amdgpu: Check tbo resource pointer (stable-fixes). * drm/amd/amdgpu: Properly tune the size of struct (git-fixes). * drm/amd/display: Add array index check for hdcp ddc access (stable-fixes). * drm/amd/display: added NULL check at start of dc_validate_stream (stable- fixes). * drm/amd/display: Assign linear_pitch_alignment even for VM (stable-fixes). * drm/amd/display: Check denominator pbn_div before used (stable-fixes). * drm/amd/display: Check gpio_id before used as array index (stable-fixes). * drm/amd/display: Check HDCP returned status (stable-fixes). * drm/amd/display: Check msg_id before processing transcation (stable-fixes). * drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] (stable-fixes). * drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX (stable-fixes). * drm/amd/display: Ensure index calculation will not overflow (stable-fixes). * drm/amd/display: Fix Coverity INTEGER_OVERFLOW within dal_gpio_service_create (stable-fixes). * drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration (stable-fixes). * drm/amd/display: Skip wbscl_set_scaler_filter if filter is null (stable- fixes). * drm/amd/display: Spinlock before reading event (stable-fixes). * drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 (stable-fixes). * drm/amdgpu/atomfirmware: Silence UBSAN warning (stable-fixes). * drm/amdgpu: avoid reading vf2pf info size from FB (stable-fixes). * drm/amdgpu: check for LINEAR_ALIGNED correctly in check_tiling_flags_gfx6 (stable-fixes). * drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts (stable-fixes). *drm/amdgpu: fix a possible null pointer dereference (git-fixes). * drm/amdgpu: fix dereference after null check (stable-fixes). * drm/amdgpu: fix mc_data out-of-bounds read warning (stable-fixes). * drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number (stable-fixes). * drm/amdgpu: Fix out-of-bounds write warning (stable-fixes). * drm/amdgpu: fix overflowed array index read warning (stable-fixes). * drm/amdgpu: Fix smatch static checker warning (stable-fixes). * drm/amdgpu: fix the waring dereferencing hive (stable-fixes). * drm/amdgpu: fix ucode out-of-bounds read warning (stable-fixes). * drm/amdgpu: Fix uninitialized variable warning in amdgpu_afmt_acr (stable- fixes). * drm/amdgpu/pm: Check input value for CUSTOM profile mode setting on legacy SOCs (stable-fixes). * drm/amdgpu/pm: Check the return value of smum_send_msg_to_smc (stable- fixes). * drm/amdgpu/pm: Fix uninitialized variable agc_btc_response (stable-fixes). * drm/amdgpu/pm: Fix uninitialized variable warning for smu10 (stable-fixes). * drm/amdgpu: Set no_hw_access when VF request full GPU fails (stable-fixes). * drm/amdgpu: the warning dereferencing obj for nbio_v7_4 (stable-fixes). * drm/amdgpu: update type of buf size to u32 for eeprom functions (stable- fixes). * drm/amdkfd: Reconcile the definition and use of oem_id in struct kfd_topology_device (stable-fixes). * drm/amd/pm: check negtive return for table entries (stable-fixes). * drm/amd/pm: check specific index for aldebaran (stable-fixes). * drm/amd/pm: Fix negative array index read (stable-fixes). * drm/amd/pm: fix the Out-of-bounds read warning (stable-fixes). * drm/amd/pm: fix uninitialized variable warning for smu8_hwmgr (stable- fixes). * drm/amd/pm: fix uninitialized variable warnings for vangogh_ppt (stable- fixes). * drm/amd/pm: fix uninitialized variable warnings for vega10_hwmgr (stable- fixes). * drm/amd/pm: fix uninitialized variable warning (stable-fixes). * drm/amd/pm: fix warning usinguninitialized value of max_vid_step (stable- fixes). * drm/bridge: lontium-lt8912b: Validate mode in drm_bridge_funcs::mode_valid() (git-fixes). * drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ (stable-fixes). * drm/i915/fence: Mark debug_fence_free() with __maybe_unused (git-fixes). * drm/i915/fence: Mark debug_fence_init_onstack() with __maybe_unused (git- fixes). * drm/i915/guc: prevent a possible int overflow in wq offsets (git-fixes). * drm/meson: plane: Add error handling (stable-fixes). * drm/msm/a5xx: disable preemption in submits by default (git-fixes). * drm/msm/a5xx: fix races in preemption evaluation stage (git-fixes). * drm/msm/a5xx: properly clear preemption records on resume (git-fixes). * drm/msm/a5xx: workaround early ring-buffer emptiness check (git-fixes). * drm/msm/adreno: Fix error return if missing firmware-name (stable-fixes). * drm/msm/disp/dpu: use atomic enable/disable callbacks for encoder (bsc#1230444) * drm/msm: Fix incorrect file name output in adreno_request_fw() (git-fixes). * drm/msm: fix %s null argument error (git-fixes). * drm: omapdrm: Add missing check for alloc_ordered_workqueue (git-fixes). * drm/radeon/evergreen_cs: fix int overflow errors in cs track offsets (git- fixes). * drm/radeon: fix null pointer dereference in radeon_add_common_modes (git- fixes). * drm/rockchip: dw_hdmi: Fix reading EDID when using a forced mode (git- fixes). * drm/rockchip: vop: Allow 4096px width scaling (git-fixes). * drm/stm: ltdc: check memory returned by devm_kzalloc() (git-fixes). * exfat: fix memory leak in exfat_load_bitmap() (git-fixes). * fbdev: hpfb: Fix an error handling path in hpfb_dio_probe() (git-fixes). * filemap: remove use of wait bookmarks (bsc#1224085). * firmware_loader: Block path traversal (git-fixes). * fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF (bsc#1230592). * fuse: update stats for pages in dropped aux writebacklist (bsc#1230130). * fuse: use unsigned type for getxattr/listxattr size truncation (bsc#1230129). * genirq/affinity: Do not pass irq_affinity_desc array to irq_build_affinity_masks (bsc#1229031). * genirq/affinity: Move group_cpus_evenly() into lib/ (bsc#1229031). * genirq/affinity: Only build SMP-only helper functions on SMP kernels (bsc#1229031). * genirq/affinity: Pass affinity managed mask array to irq_build_affinity_masks (bsc#1229031). * genirq/affinity: Remove the 'firstvec' parameter from irq_build_affinity_masks (bsc#1229031). * genirq/affinity: Rename irq_build_affinity_masks as group_cpus_evenly (bsc#1229031). * genirq/affinity: Replace cpumask_weight() with cpumask_empty() where appropriate (bsc#1229031). * gfs2: setattr_chown: Add missing initialization (git-fixes). * HID: amd_sfh: free driver_data after destroying hid device (stable-fixes). * HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup (stable- fixes). * hwmon: (adc128d818) Fix underflows seen when writing limit attributes (stable-fixes). * hwmon: (lm95234) Fix underflows seen when writing limit attributes (stable- fixes). * hwmon: (max16065) Fix overflows seen when writing limits (git-fixes). * hwmon: (ntc_thermistor) fix module autoloading (git-fixes). * hwmon: (w83627ehf) Fix underflows seen when writing limit attributes (stable-fixes). * hwrng: bcm2835 - Add missing clk_disable_unprepare in bcm2835_rng_init (git- fixes). * hwrng: cctrng - Add missing clk_disable_unprepare in cctrng_resume (git- fixes). * hwrng: mtk - Use devm_pm_runtime_enable (git-fixes). * i2c: aspeed: Update the stop sw state when the bus recovery occurs (git- fixes). * i2c: Fix conditional for substituting empty ACPI functions (stable-fixes). * i2c: isch: Add missed 'else' (git-fixes). * i2c: qcom-geni: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes). * i2c: Use IS_REACHABLE() for substituting empty ACPI functions (git-fixes). * i2c: xiic:Wait for TX empty to avoid missed TX NAKs (git-fixes). * i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup (stable- fixes). * IB/core: Fix ib_cache_setup_one error flow cleanup (git-fixes) * IB/hfi1: Fix potential deadlock on &irq_src_lock and &dd-> uctxt_lock (git- fixes) * iio: adc: ad7124: fix chip ID mismatch (git-fixes). * iio: adc: ad7124: fix config comparison (git-fixes). * iio: adc: ad7606: fix oversampling gpio array (git-fixes). * iio: adc: ad7606: fix standby gpio state to match the documentation (git- fixes). * iio: buffer-dmaengine: fix releasing dma channel on error (git-fixes). * iio: chemical: bme680: Fix read/write ops to device by adding mutexes (git- fixes). * iio: fix scale application in iio_convert_raw_to_processed_unlocked (git- fixes). * iio: magnetometer: ak8975: Fix reading for ak099xx sensors (git-fixes). * Input: ilitek_ts_i2c - add report id message validation (git-fixes). * Input: ilitek_ts_i2c - avoid wrong input subsystem sync (git-fixes). * Input: ps2-gpio - use IRQF_NO_AUTOEN flag in request_irq() (git-fixes). * Input: uinput - reject requests with unreasonable number of slots (stable- fixes). * ipmi: docs: do not advertise deprecated sysfs entries (git-fixes). * ipmi:ssif: Improve detecting during probing (bsc#1228771) * ipmi:ssif: Improve detecting during probing (bsc#1228771) * jfs: fix out-of-bounds in dbNextAG() and diAlloc() (git-fixes). * kabi: add __nf_queue_get_refs() for kabi compliance. * kABI, crypto: virtio - Handle dataq logic with tasklet (git-fixes). * kthread: Fix task state in kthread worker if being frozen (bsc#1231146). * lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (bsc#1229031). * lib/group_cpus.c: honor housekeeping config when grouping CPUs (bsc#1229034). * lib/group_cpus: Export group_cpus_evenly() (bsc#1229031). * lirc: rc_dev_get_from_fd(): fix file leak (git-fixes). * mailbox: bcm2835: Fix timeout during suspend mode(git-fixes). * mailbox: rockchip: fix a typo in module autoloading (git-fixes). * media: aspeed: Fix no complete irq for non-64-aligned width (bsc#1230269) * media: qcom: camss: Add check for v4l2_fwnode_endpoint_parse (stable-fixes). * media: qcom: camss: Fix ordering of pm_runtime_enable (git-fixes). * media: Revert "media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control()" (git-fixes). * media: sun4i_csi: Implement link validate for sun4i_csi subdev (git-fixes). * media: uapi/linux/cec.h: cec_msg_set_reply_to: zero flags (git-fixes). * media: uvcvideo: Enforce alignment of frame and interval (stable-fixes). * media: venus: fix use after free bug in venus_remove due to race condition (git-fixes). * media: vicodec: allow en/decoder cmd w/o CAPTURE (git-fixes). * media: vivid: do not set HDMI TX controls if there are no HDMI outputs (stable-fixes). * media: vivid: fix wrong sizeimage value for mplane (stable-fixes). * mmc: cqhci: Fix checking of CQHCI_HALT state (git-fixes). * mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K (git-fixes). * mmc: sdhci-of-aspeed: fix module autoloading (git-fixes). * mtd: powernv: Add check devm_kasprintf() returned value (git-fixes). * mtd: slram: insert break after errors in parsing the map (git-fixes). * net: drop bad gso csum_start and offset in virtio_net_hdr (git-fixes). * net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup (git- fixes). * net: missing check virtio (git-fixes). * net: tighten bad gso csum offset check in virtio_net_hdr (git-fixes). * nf_conntrack_proto_udp: do not accept packets with IPS_NAT_CLASH (bsc#1199769). * NFSD: Fix frame size warning in svc_export_parse() (git-fixes). * NFS: Do not re-read the entire page cache to find the next cookie (bsc#1226662). * NFSD: Rewrite synopsis of nfsd_percpu_counters_init() (git-fixes). * NFS: never reuse a NFSv4.0 lock-owner (bsc#1227726). * NFS: Reduce use of uncached readdir (bsc#1226662). *NFSv4: Add missing rescheduling points in nfs_client_return_marked_delegations (git-fixes). * nilfs2: Constify struct kobj_type (git-fixes). * nilfs2: determine empty node blocks as corrupted (git-fixes). * nilfs2: fix missing cleanup on rollforward recovery error (git-fixes). * nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() (git-fixes). * nilfs2: fix potential oob read in nilfs_btree_check_delete() (git-fixes). * nilfs2: fix state management in error path of log writing function (git- fixes). * nilfs2: protect references to superblock parameters exposed in sysfs (git- fixes). * nilfs2: replace snprintf in show functions with sysfs_emit (git-fixes). * nilfs2: use default_groups in kobj_type (git-fixes). * nvme: move stopping keep-alive into nvme_uninit_ctrl() (git-fixes). * nvme/pci: Add APST quirk for Lenovo N60z laptop (git-fixes). * nvme-pci: Add sleep quirk for Samsung 990 Evo (git-fixes). * nvme-pci: use block layer helpers to calculate num of queues (bsc#1229034). * nvme: replace blk_mq_pci_map_queues with blk_mq_dev_map_queues (bsc#1229034). * nvmet: Identify-Active Namespace ID List command should reject invalid nsid (git-fixes). * nvmet-rdma: fix possible bad dereference when freeing rsps (git-fixes). * nvmet-tcp: do not continue for invalid icreq (git-fixes). * nvmet-tcp: fix kernel crash if commands allocation fails (git-fixes). * nvmet-trace: avoid dereferencing pointer too early (git-fixes). * ocfs2: cancel dqi_sync_work before freeing oinfo (git-fixes). * ocfs2: fix null-ptr-deref when journal load failed (git-fixes). * ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate (git-fixes). * ocfs2: remove unreasonable unlock in ocfs2_read_blocks (git-fixes). * PCI: Add missing bridge lock to pci_bus_lock() (stable-fixes). * PCI: al: Check IORESOURCE_BUS existence during probe (git-fixes). * PCI/ASPM: Move pci_function_0() upward (bsc#1226915) * PCI/ASPM: Remove struct aspm_latency (bsc#1226915) *PCI/ASPM: Stop caching device L0s, L1 acceptable exit latencies (bsc#1226915) * PCI/ASPM: Stop caching link L0s, L1 exit latencies (bsc#1226915) * PCI: dra7xx: Fix error handling when IRQ request fails in probe (git-fixes). * PCI: dwc: Expose dw_pcie_ep_exit() to module (git-fixes). * PCI: dwc: Restore MSI Receiver mask during resume (git-fixes). * pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv (stable-fixes). * PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0) (stable- fixes). * PCI: keystone: Fix if-statement expression in ks_pcie_quirk() (git-fixes). * PCI: Support BAR sizes up to 8TB (bsc#1231017) * PCI: Wait for Link before restoring Downstream Buses (git-fixes). * PCI: xilinx-nwl: Clean up clock on probe failure/removal (git-fixes). * PCI: xilinx-nwl: Fix off-by-one in INTx IRQ handler (git-fixes). * PCI: xilinx-nwl: Fix register misspelling (git-fixes). * pcmcia: Use resource_size function on resource object (stable-fixes). * pinctrl: single: fix missing error code in pcs_probe() (git-fixes). * pinctrl: single: fix potential NULL dereference in pcs_get_function() (git- fixes). * PKCS#7: Check codeSigning EKU of certificates in PKCS#7 (bsc#1226666). * platform/x86: dell-smbios: Fix error path in dell_smbios_init() (git-fixes). * platform/x86: panasonic-laptop: Allocate 1 entry extra in the sinf array (git-fixes). * platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses (git- fixes). * power: supply: axp20x_battery: Remove design from min and max voltage (git- fixes). * power: supply: Drop use_cnt check from power_supply_property_is_writeable() (git-fixes). * power: supply: hwmon: Fix missing temp1_max_alarm attribute (git-fixes). * power: supply: max17042_battery: Fix SOC threshold calc w/ no current sense (git-fixes). * RDMA/core: Remove unused declaration rdma_resolve_ip_route() (git-fixes) * RDMA/cxgb4: Added NULL check for lookup_atid (git-fixes) * RDMA/efa: Properly handleunexpected AQ completions (git-fixes) * RDMA/hns: Do not modify rq next block addr in HIP09 QPC (git-fixes) * RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled (git-fixes) * RDMA/hns: Fix the overflow risk of hem_list_calc_ba_range() (git-fixes) * RDMA/hns: Fix VF triggering PF reset in abnormal interrupt handler (git- fixes) * RDMA/hns: Optimize hem allocation performance (git-fixes) * RDMA/irdma: fix error message in irdma_modify_qp_roce() (git-fixes) * RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency (git- fixes) * RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds (git-fixes) * RDMA/rtrs: Fix the problem of variable not initialized fully (git-fixes) * RDMA/rtrs: Reset hb_missed_cnt after receiving other traffic from peer (git- fixes) * Restore dropped fields for bluetooth MGMT/SMP structs (git-fixes). * Revert "Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE" (git-fixes). * Revert "media: tuners: fix error return code of hybrid_tuner_request_state()" (git-fixes). * Revert "media: tuners: fix error return code of hybrid_tuner_request_state()" (stable-fixes). * rtc: at91sam9: fix OF node leak in probe() error path (git-fixes). * scsi: ibmvfc: Add max_sectors module parameter (bsc#1216223). * scsi: lpfc: Change diagnostic log flag during receipt of unknown ELS cmds (bsc#1229429). * scsi: lpfc: Copyright updates for 14.4.0.4 patches (bsc#1229429). * scsi: lpfc: Fix overflow build issue (bsc#1229429). * scsi: lpfc: Fix unintentional double clearing of vmid_flag (bsc#1229429). * scsi: lpfc: Fix unsolicited FLOGI kref imbalance when in direct attached topology (bsc#1229429). * scsi: lpfc: Remove redundant vport assignment when building an abort request (bsc#1229429). * scsi: lpfc: Update lpfc version to 14.4.0.4 (bsc#1229429). * scsi: lpfc: Update PRLO handling in direct attached topology (bsc#1229429). * scsi: lpfc: Validate hdwq pointers before dereferencing inreset/errata paths (bsc#1229429). * scsi: pm8001: do not overwrite PCI queue mapping (bsc#1229034). * scsi: replace blk_mq_pci_map_queues with blk_mq_dev_map_queues (bsc#1229034). * scsi: sd: Fix off-by-one error in sd_read_block_characteristics() (bsc#1223848). * scsi: use block layer helpers to calculate num of queues (bsc#1229034). * spi: nxp-fspi: fix the KASAN report out-of-bounds bug (git-fixes). * Squashfs: sanity check symbolic link size (git-fixes). * staging: iio: frequency: ad9834: Validate frequency parameter value (git- fixes). * thunderbolt: Mark XDomain as unplugged when router is removed (stable- fixes). * tomoyo: fallback to realpath if symlink's pathname does not exist (git- fixes). * tools/virtio: fix build (git-fixes). * tpm: Clean up TPM space after command failure (git-fixes). * tracing: Avoid possible softlockup in tracing_iter_reset() (git-fixes). * tty: rp2: Fix reset with non forgiving PCIe host bridges (git-fixes). * udp: fix receiving fraglist GSO packets (git-fixes). * uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind (git- fixes). * usb: cdnsp: Fix incorrect usb_request status (git-fixes). * USB: class: CDC-ACM: fix race between get_serial and set_serial (git-fixes). * usb: dwc2: drd: fix clock gating on USB role switch (git-fixes). * usb: dwc2: Skip clock gating on Broadcom SoCs (git-fixes). * usb: dwc3: core: Prevent USB core invalid event buffer address access (git- fixes). * usb: dwc3: core: Skip setting event buffers for host only controllers (git- fixes). * usb: dwc3: core: update LC timer as per USB Spec V3.2 (git-fixes). * usb: dwc3: omap: add missing depopulate in probe error path (git-fixes). * usb: dwc3: st: add missing depopulate in probe error path (git-fixes). * usb: dwc3: st: fix probed platform device ref count on probe error path (git-fixes). * usbip: Do not submit special requests twice (stable-fixes). * usbnet: fix cyclical race on disconnect with workqueue (git-fixes). * usbnet: ipheth: race between ipheth_close and error handling (git-fixes). * usbnet: modern method to get random MAC (git-fixes). * USB: serial: kobil_sct: restore initial terminal settings (git-fixes). * USB: serial: option: add MeiG Smart SRM825L (git-fixes). * usb: typec: ucsi: Fix null pointer dereference in trace (stable-fixes). * usb: uas: set host status byte on data completion error (git-fixes). * usb: uas: set host status byte on data completion error (stable-fixes). * USB: usbtmc: prevent kernel-usb-infoleak (git-fixes). * usb: xhci: fix loss of data on Cadence xHC (git-fixes). * vhost: Add smp_rmb() in vhost_vq_avail_empty() (git-fixes). * vhost-vdpa: switch to use vmf_insert_pfn() in the fault handler (git-fixes). * virito: add APIs for retrieving vq affinity (bsc#1229034). * virtio-blk: Ensure no requests in virtqueues before deleting vqs (git- fixes). * virtio: blk/scsi: use block layer helpers to calculate num of queues (bsc#1229034). * virtio: blk/scs: replace blk_mq_virtio_map_queues with blk_mq_dev_map_queues (bsc#1229034). * virtiofs: forbid newlines in tags (bsc#1230591). * virtio_net: checksum offloading handling fix (git-fixes). * virtio_net: Fix "'%d' directive writing between 1 and 11 bytes into a region of size 10" warnings (git-fixes). * virtio_net: use u64_stats_t infra to avoid data-races (git-fixes). * virtio: reenable config if freezing device failed (git-fixes). * virtio/vsock: fix logic which reduces credit update messages (git-fixes). * VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (git-fixes). * vsock/virtio: add support for device suspend/resume (git-fixes). * vsock/virtio: factor our the code to initialize and delete VQs (git-fixes). * vsock/virtio: initialize the_virtio_vsock before using VQs (git-fixes). * vsock/virtio: remove socket from connected/bound list on shutdown (git- fixes). * watchdog: imx_sc_wdt: Do not disable WDT in suspend (git-fixes). * wifi: brcmsmac: advertise MFP_CAPABLE to enable WPA3 (stable-fixes). * wifi: cfg80211: fix two more possible UBSAN-detected off-by-one errors (git- fixes). * wifi: cfg80211: fix UBSAN noise in cfg80211_wext_siwscan() (git-fixes). * wifi: iwlwifi: mvm: increase the time between ranging measurements (git- fixes). * wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() (git- fixes). * wifi: mt76: mt7615: check devm_kasprintf() returned value (git-fixes). * wifi: mt76: mt7915: fix rx filter setting for bfee functionality (git- fixes). * wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() (stable-fixes). * wifi: rtw88: 8822c: Fix reported RX band width (git-fixes). * wifi: rtw88: always wait for both firmware loading attempts (git-fixes). * wifi: rtw88: remove CPT execution branch never used (git-fixes). * wifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param (git-fixes). * x86/hyperv: fix kexec crash due to VP assist page corruption (git-fixes). * x86/kexec: Add EFI config table identity mapping for kexec kernel (bsc#1220382). * x86/mm/ident_map: Use gbpages only where full GB page should be mapped (bsc#1220382). * x86/xen: Convert comma to semicolon (git-fixes). * xen: add capability to remap non-RAM pages to different PFNs (bsc#1226003). * xen: allow mapping ACPI data using a different physical address (bsc#1226003). * xen: introduce generic helper checking for memory map conflicts (bsc#1226003). * xen: move checks for e820 conflicts further up (bsc#1226003). * xen: move max_pfn in xen_memory_setup() out of function scope (bsc#1226003). * xen/swiotlb: add alignment check for dma buffers (bsc#1229928). * xen/swiotlb: fix allocated size (git-fixes). * xen: tolerate ACPI NVS memory overlapping with Xen allocated memory (bsc#1226003). * xen: use correct end address of kernel for conflict checking (bsc#1226003). * xfs: do not include bnobt blocks when reserving freeblock pool (git-fixes). * xhci: Set quirky xHC PCI hosts to D3 _after_ stopping and freeing them (git- fixes). * xz: cleanup CRC32 edits from 2018 (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3592=1 SUSE-2024-3592=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3592=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3592=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3592=1 * SUSE Real Time Module 15-SP5 zypper in -t patch SUSE-SLE-Module-RT-15-SP5-2024-3592=1 ## Package List: * openSUSE Leap 15.5 (noarch) * kernel-source-rt-5.14.21-150500.13.73.1 * kernel-devel-rt-5.14.21-150500.13.73.1 * openSUSE Leap 15.5 (x86_64) * kernel-syms-rt-5.14.21-150500.13.73.1 * kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource-1-150500.11.3.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.73.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.73.1 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.73.1 * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.73.1 * dlm-kmp-rt-5.14.21-150500.13.73.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.73.1 * kernel-rt-livepatch-5.14.21-150500.13.73.1 * kselftests-kmp-rt-5.14.21-150500.13.73.1 * kernel-rt-devel-debuginfo-5.14.21-150500.13.73.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.73.1 * kernel-livepatch-5_14_21-150500_13_73-rt-1-150500.11.3.1 * kernel-rt_debug-livepatch-devel-5.14.21-150500.13.73.1 * kernel-rt-optional-5.14.21-150500.13.73.1 * kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo-1-150500.11.3.1 *kernel-rt-debugsource-5.14.21-150500.13.73.1 * kernel-rt-devel-5.14.21-150500.13.73.1 * kernel-rt-debuginfo-5.14.21-150500.13.73.1 * kernel-rt-optional-debuginfo-5.14.21-150500.13.73.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.73.1 * reiserfs-kmp-rt-5.14.21-150500.13.73.1 * kernel-rt-vdso-5.14.21-150500.13.73.1 * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.73.1 * cluster-md-kmp-rt-5.14.21-150500.13.73.1 * kernel-rt_debug-devel-5.14.21-150500.13.73.1 * gfs2-kmp-rt-5.14.21-150500.13.73.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.73.1 * kernel-rt-livepatch-devel-5.14.21-150500.13.73.1 * ocfs2-kmp-rt-5.14.21-150500.13.73.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.73.1 * kernel-rt_debug-vdso-5.14.21-150500.13.73.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.73.1 * kernel-rt-extra-5.14.21-150500.13.73.1 * kernel-rt-extra-debuginfo-5.14.21-150500.13.73.1 * openSUSE Leap 15.5 (nosrc x86_64) * kernel-rt_debug-5.14.21-150500.13.73.1 * kernel-rt-5.14.21-150500.13.73.1 * openSUSE Leap Micro 5.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.73.1 * openSUSE Leap Micro 5.5 (x86_64) * kernel-rt-debuginfo-5.14.21-150500.13.73.1 * kernel-rt-debugsource-5.14.21-150500.13.73.1 * SUSE Linux Enterprise Micro 5.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.73.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kernel-rt-debuginfo-5.14.21-150500.13.73.1 * kernel-rt-debugsource-5.14.21-150500.13.73.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-source-rt-5.14.21-150500.13.73.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_21-debugsource-1-150500.11.3.1 * kernel-livepatch-5_14_21-150500_13_73-rt-1-150500.11.3.1 * kernel-livepatch-5_14_21-150500_13_73-rt-debuginfo-1-150500.11.3.1 * SUSE Real Time Module 15-SP5 (x86_64) * kernel-syms-rt-5.14.21-150500.13.73.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.73.1 *ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.73.1 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.73.1 * dlm-kmp-rt-5.14.21-150500.13.73.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.73.1 * kernel-rt-devel-debuginfo-5.14.21-150500.13.73.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.73.1 * kernel-rt-debugsource-5.14.21-150500.13.73.1 * kernel-rt-devel-5.14.21-150500.13.73.1 * kernel-rt-debuginfo-5.14.21-150500.13.73.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.73.1 * kernel-rt-vdso-5.14.21-150500.13.73.1 * cluster-md-kmp-rt-5.14.21-150500.13.73.1 * kernel-rt_debug-devel-5.14.21-150500.13.73.1 * gfs2-kmp-rt-5.14.21-150500.13.73.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.73.1 * ocfs2-kmp-rt-5.14.21-150500.13.73.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.73.1 * kernel-rt_debug-vdso-5.14.21-150500.13.73.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.73.1 * SUSE Real Time Module 15-SP5 (noarch) * kernel-source-rt-5.14.21-150500.13.73.1 * kernel-devel-rt-5.14.21-150500.13.73.1 * SUSE Real Time Module 15-SP5 (nosrc x86_64) * kernel-rt_debug-5.14.21-150500.13.73.1 * kernel-rt-5.14.21-150500.13.73.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48901.html * https://www.suse.com/security/cve/CVE-2022-48911.html * https://www.suse.com/security/cve/CVE-2022-48923.html * https://www.suse.com/security/cve/CVE-2022-48935.html * https://www.suse.com/security/cve/CVE-2022-48944.html * https://www.suse.com/security/cve/CVE-2022-48945.html * https://www.suse.com/security/cve/CVE-2023-52610.html * https://www.suse.com/security/cve/CVE-2023-52916.html * https://www.suse.com/security/cve/CVE-2024-26640.html * https://www.suse.com/security/cve/CVE-2024-26759.html * https://www.suse.com/security/cve/CVE-2024-26767.html * https://www.suse.com/security/cve/CVE-2024-26804.html * https://www.suse.com/security/cve/CVE-2024-26837.html * https://www.suse.com/security/cve/CVE-2024-37353.html *https://www.suse.com/security/cve/CVE-2024-38538.html * https://www.suse.com/security/cve/CVE-2024-38596.html * https://www.suse.com/security/cve/CVE-2024-38632.html * https://www.suse.com/security/cve/CVE-2024-40910.html * https://www.suse.com/security/cve/CVE-2024-40973.html * https://www.suse.com/security/cve/CVE-2024-40983.html * https://www.suse.com/security/cve/CVE-2024-41062.html * https://www.suse.com/security/cve/CVE-2024-41082.html * https://www.suse.com/security/cve/CVE-2024-42154.html * https://www.suse.com/security/cve/CVE-2024-42259.html * https://www.suse.com/security/cve/CVE-2024-42265.html * https://www.suse.com/security/cve/CVE-2024-42304.html * https://www.suse.com/security/cve/CVE-2024-42305.html * https://www.suse.com/security/cve/CVE-2024-42306.html * https://www.suse.com/security/cve/CVE-2024-43828.html * https://www.suse.com/security/cve/CVE-2024-43835.html * https://www.suse.com/security/cve/CVE-2024-43890.html * https://www.suse.com/security/cve/CVE-2024-43898.html * https://www.suse.com/security/cve/CVE-2024-43912.html * https://www.suse.com/security/cve/CVE-2024-43914.html * https://www.suse.com/security/cve/CVE-2024-44935.html * https://www.suse.com/security/cve/CVE-2024-44944.html * https://www.suse.com/security/cve/CVE-2024-44946.html * https://www.suse.com/security/cve/CVE-2024-44948.html * https://www.suse.com/security/cve/CVE-2024-44950.html * https://www.suse.com/security/cve/CVE-2024-44952.html * https://www.suse.com/security/cve/CVE-2024-44954.html * https://www.suse.com/security/cve/CVE-2024-44967.html * https://www.suse.com/security/cve/CVE-2024-44969.html * https://www.suse.com/security/cve/CVE-2024-44970.html * https://www.suse.com/security/cve/CVE-2024-44971.html * https://www.suse.com/security/cve/CVE-2024-44972.html * https://www.suse.com/security/cve/CVE-2024-44977.html * https://www.suse.com/security/cve/CVE-2024-44982.html * https://www.suse.com/security/cve/CVE-2024-44986.html *https://www.suse.com/security/cve/CVE-2024-44987.html * https://www.suse.com/security/cve/CVE-2024-44988.html * https://www.suse.com/security/cve/CVE-2024-44989.html * https://www.suse.com/security/cve/CVE-2024-44990.html * https://www.suse.com/security/cve/CVE-2024-44998.html * https://www.suse.com/security/cve/CVE-2024-44999.html * https://www.suse.com/security/cve/CVE-2024-45000.html * https://www.suse.com/security/cve/CVE-2024-45001.html * https://www.suse.com/security/cve/CVE-2024-45003.html * https://www.suse.com/security/cve/CVE-2024-45006.html * https://www.suse.com/security/cve/CVE-2024-45007.html * https://www.suse.com/security/cve/CVE-2024-45008.html * https://www.suse.com/security/cve/CVE-2024-45011.html * https://www.suse.com/security/cve/CVE-2024-45013.html * https://www.suse.com/security/cve/CVE-2024-45015.html * https://www.suse.com/security/cve/CVE-2024-45018.html * https://www.suse.com/security/cve/CVE-2024-45020.html * https://www.suse.com/security/cve/CVE-2024-45021.html * https://www.suse.com/security/cve/CVE-2024-45026.html * https://www.suse.com/security/cve/CVE-2024-45028.html * https://www.suse.com/security/cve/CVE-2024-45029.html * https://www.suse.com/security/cve/CVE-2024-46673.html * https://www.suse.com/security/cve/CVE-2024-46674.html * https://www.suse.com/security/cve/CVE-2024-46675.html * https://www.suse.com/security/cve/CVE-2024-46676.html * https://www.suse.com/security/cve/CVE-2024-46677.html * https://www.suse.com/security/cve/CVE-2024-46679.html * https://www.suse.com/security/cve/CVE-2024-46685.html * https://www.suse.com/security/cve/CVE-2024-46686.html * https://www.suse.com/security/cve/CVE-2024-46689.html * https://www.suse.com/security/cve/CVE-2024-46694.html * https://www.suse.com/security/cve/CVE-2024-46702.html * https://www.suse.com/security/cve/CVE-2024-46707.html * https://www.suse.com/security/cve/CVE-2024-46714.html * https://www.suse.com/security/cve/CVE-2024-46715.html *https://www.suse.com/security/cve/CVE-2024-46717.html * https://www.suse.com/security/cve/CVE-2024-46720.html * https://www.suse.com/security/cve/CVE-2024-46721.html * https://www.suse.com/security/cve/CVE-2024-46722.html * https://www.suse.com/security/cve/CVE-2024-46723.html * https://www.suse.com/security/cve/CVE-2024-46724.html * https://www.suse.com/security/cve/CVE-2024-46725.html * https://www.suse.com/security/cve/CVE-2024-46726.html * https://www.suse.com/security/cve/CVE-2024-46727.html * https://www.suse.com/security/cve/CVE-2024-46728.html * https://www.suse.com/security/cve/CVE-2024-46730.html * https://www.suse.com/security/cve/CVE-2024-46731.html * https://www.suse.com/security/cve/CVE-2024-46732.html * https://www.suse.com/security/cve/CVE-2024-46737.html * https://www.suse.com/security/cve/CVE-2024-46738.html * https://www.suse.com/security/cve/CVE-2024-46739.html * https://www.suse.com/security/cve/CVE-2024-46743.html * https://www.suse.com/security/cve/CVE-2024-46744.html * https://www.suse.com/security/cve/CVE-2024-46745.html * https://www.suse.com/security/cve/CVE-2024-46746.html * https://www.suse.com/security/cve/CVE-2024-46747.html * https://www.suse.com/security/cve/CVE-2024-46750.html * https://www.suse.com/security/cve/CVE-2024-46751.html * https://www.suse.com/security/cve/CVE-2024-46752.html * https://www.suse.com/security/cve/CVE-2024-46753.html * https://www.suse.com/security/cve/CVE-2024-46755.html * https://www.suse.com/security/cve/CVE-2024-46756.html * https://www.suse.com/security/cve/CVE-2024-46758.html * https://www.suse.com/security/cve/CVE-2024-46759.html * https://www.suse.com/security/cve/CVE-2024-46761.html * https://www.suse.com/security/cve/CVE-2024-46771.html * https://www.suse.com/security/cve/CVE-2024-46772.html * https://www.suse.com/security/cve/CVE-2024-46773.html * https://www.suse.com/security/cve/CVE-2024-46774.html * https://www.suse.com/security/cve/CVE-2024-46778.html *https://www.suse.com/security/cve/CVE-2024-46780.html * https://www.suse.com/security/cve/CVE-2024-46781.html * https://www.suse.com/security/cve/CVE-2024-46783.html * https://www.suse.com/security/cve/CVE-2024-46784.html * https://www.suse.com/security/cve/CVE-2024-46786.html * https://www.suse.com/security/cve/CVE-2024-46787.html * https://www.suse.com/security/cve/CVE-2024-46791.html * https://www.suse.com/security/cve/CVE-2024-46794.html * https://www.suse.com/security/cve/CVE-2024-46798.html * https://www.suse.com/security/cve/CVE-2024-46822.html * https://www.suse.com/security/cve/CVE-2024-46830.html * https://bugzilla.suse.com/show_bug.cgi?id=1199769 * https://bugzilla.suse.com/show_bug.cgi?id=1216223 * https://bugzilla.suse.com/show_bug.cgi?id=1220382 * https://bugzilla.suse.com/show_bug.cgi?id=1221610 * https://bugzilla.suse.com/show_bug.cgi?id=1221650 * https://bugzilla.suse.com/show_bug.cgi?id=1222629 * https://bugzilla.suse.com/show_bug.cgi?id=1222973 * https://bugzilla.suse.com/show_bug.cgi?id=1223600 * https://bugzilla.suse.com/show_bug.cgi?id=1223848 * https://bugzilla.suse.com/show_bug.cgi?id=1224085 * https://bugzilla.suse.com/show_bug.cgi?id=1225903 * https://bugzilla.suse.com/show_bug.cgi?id=1226003 * https://bugzilla.suse.com/show_bug.cgi?id=1226606 * https://bugzilla.suse.com/show_bug.cgi?id=1226662 * https://bugzilla.suse.com/show_bug.cgi?id=1226666 * https://bugzilla.suse.com/show_bug.cgi?id=1226846 * https://bugzilla.suse.com/show_bug.cgi?id=1226860 * https://bugzilla.suse.com/show_bug.cgi?id=1226875 * https://bugzilla.suse.com/show_bug.cgi?id=1226915 * https://bugzilla.suse.com/show_bug.cgi?id=1227487 * https://bugzilla.suse.com/show_bug.cgi?id=1227726 * https://bugzilla.suse.com/show_bug.cgi?id=1227819 * https://bugzilla.suse.com/show_bug.cgi?id=1227832 * https://bugzilla.suse.com/show_bug.cgi?id=1227890 * https://bugzilla.suse.com/show_bug.cgi?id=1228507 * https://bugzilla.suse.com/show_bug.cgi?id=1228576 *https://bugzilla.suse.com/show_bug.cgi?id=1228620 * https://bugzilla.suse.com/show_bug.cgi?id=1228771 * https://bugzilla.suse.com/show_bug.cgi?id=1229031 * https://bugzilla.suse.com/show_bug.cgi?id=1229034 * https://bugzilla.suse.com/show_bug.cgi?id=1229086 * https://bugzilla.suse.com/show_bug.cgi?id=1229156 * https://bugzilla.suse.com/show_bug.cgi?id=1229289 * https://bugzilla.suse.com/show_bug.cgi?id=1229334 * https://bugzilla.suse.com/show_bug.cgi?id=1229362 * https://bugzilla.suse.com/show_bug.cgi?id=1229363 * https://bugzilla.suse.com/show_bug.cgi?id=1229364 * https://bugzilla.suse.com/show_bug.cgi?id=1229394 * https://bugzilla.suse.com/show_bug.cgi?id=1229429 * https://bugzilla.suse.com/show_bug.cgi?id=1229453 * https://bugzilla.suse.com/show_bug.cgi?id=1229572 * https://bugzilla.suse.com/show_bug.cgi?id=1229573 * https://bugzilla.suse.com/show_bug.cgi?id=1229585 * https://bugzilla.suse.com/show_bug.cgi?id=1229607 * https://bugzilla.suse.com/show_bug.cgi?id=1229619 * https://bugzilla.suse.com/show_bug.cgi?id=1229633 * https://bugzilla.suse.com/show_bug.cgi?id=1229662 * https://bugzilla.suse.com/show_bug.cgi?id=1229753 * https://bugzilla.suse.com/show_bug.cgi?id=1229764 * https://bugzilla.suse.com/show_bug.cgi?id=1229790 * https://bugzilla.suse.com/show_bug.cgi?id=1229810 * https://bugzilla.suse.com/show_bug.cgi?id=1229830 * https://bugzilla.suse.com/show_bug.cgi?id=1229899 * https://bugzilla.suse.com/show_bug.cgi?id=1229928 * https://bugzilla.suse.com/show_bug.cgi?id=1229947 * https://bugzilla.suse.com/show_bug.cgi?id=1230015 * https://bugzilla.suse.com/show_bug.cgi?id=1230129 * https://bugzilla.suse.com/show_bug.cgi?id=1230130 * https://bugzilla.suse.com/show_bug.cgi?id=1230170 * https://bugzilla.suse.com/show_bug.cgi?id=1230171 * https://bugzilla.suse.com/show_bug.cgi?id=1230174 * https://bugzilla.suse.com/show_bug.cgi?id=1230175 * https://bugzilla.suse.com/show_bug.cgi?id=1230176 *https://bugzilla.suse.com/show_bug.cgi?id=1230178 * https://bugzilla.suse.com/show_bug.cgi?id=1230180 * https://bugzilla.suse.com/show_bug.cgi?id=1230185 * https://bugzilla.suse.com/show_bug.cgi?id=1230192 * https://bugzilla.suse.com/show_bug.cgi?id=1230193 * https://bugzilla.suse.com/show_bug.cgi?id=1230194 * https://bugzilla.suse.com/show_bug.cgi?id=1230200 * https://bugzilla.suse.com/show_bug.cgi?id=1230204 * https://bugzilla.suse.com/show_bug.cgi?id=1230209 * https://bugzilla.suse.com/show_bug.cgi?id=1230211 * https://bugzilla.suse.com/show_bug.cgi?id=1230212 * https://bugzilla.suse.com/show_bug.cgi?id=1230217 * https://bugzilla.suse.com/show_bug.cgi?id=1230224 * https://bugzilla.suse.com/show_bug.cgi?id=1230230 * https://bugzilla.suse.com/show_bug.cgi?id=1230233 * https://bugzilla.suse.com/show_bug.cgi?id=1230244 * https://bugzilla.suse.com/show_bug.cgi?id=1230245 * https://bugzilla.suse.com/show_bug.cgi?id=1230247 * https://bugzilla.suse.com/show_bug.cgi?id=1230248 * https://bugzilla.suse.com/show_bug.cgi?id=1230269 * https://bugzilla.suse.com/show_bug.cgi?id=1230339 * https://bugzilla.suse.com/show_bug.cgi?id=1230340 * https://bugzilla.suse.com/show_bug.cgi?id=1230392 * https://bugzilla.suse.com/show_bug.cgi?id=1230398 * https://bugzilla.suse.com/show_bug.cgi?id=1230431 * https://bugzilla.suse.com/show_bug.cgi?id=1230433 * https://bugzilla.suse.com/show_bug.cgi?id=1230434 * https://bugzilla.suse.com/show_bug.cgi?id=1230440 * https://bugzilla.suse.com/show_bug.cgi?id=1230442 * https://bugzilla.suse.com/show_bug.cgi?id=1230444 * https://bugzilla.suse.com/show_bug.cgi?id=1230450 * https://bugzilla.suse.com/show_bug.cgi?id=1230451 * https://bugzilla.suse.com/show_bug.cgi?id=1230454 * https://bugzilla.suse.com/show_bug.cgi?id=1230506 * https://bugzilla.suse.com/show_bug.cgi?id=1230507 * https://bugzilla.suse.com/show_bug.cgi?id=1230511 * https://bugzilla.suse.com/show_bug.cgi?id=1230515 *https://bugzilla.suse.com/show_bug.cgi?id=1230517 * https://bugzilla.suse.com/show_bug.cgi?id=1230524 * https://bugzilla.suse.com/show_bug.cgi?id=1230533 * https://bugzilla.suse.com/show_bug.cgi?id=1230535 * https://bugzilla.suse.com/show_bug.cgi?id=1230549 * https://bugzilla.suse.com/show_bug.cgi?id=1230556 * https://bugzilla.suse.com/show_bug.cgi?id=1230582 * https://bugzilla.suse.com/show_bug.cgi?id=1230589 * https://bugzilla.suse.com/show_bug.cgi?id=1230591 * https://bugzilla.suse.com/show_bug.cgi?id=1230592 * https://bugzilla.suse.com/show_bug.cgi?id=1230699 * https://bugzilla.suse.com/show_bug.cgi?id=1230700 * https://bugzilla.suse.com/show_bug.cgi?id=1230701 * https://bugzilla.suse.com/show_bug.cgi?id=1230702 * https://bugzilla.suse.com/show_bug.cgi?id=1230703 * https://bugzilla.suse.com/show_bug.cgi?id=1230705 * https://bugzilla.suse.com/show_bug.cgi?id=1230706 * https://bugzilla.suse.com/show_bug.cgi?id=1230707 * https://bugzilla.suse.com/show_bug.cgi?id=1230709 * https://bugzilla.suse.com/show_bug.cgi?id=1230710 * https://bugzilla.suse.com/show_bug.cgi?id=1230711 * https://bugzilla.suse.com/show_bug.cgi?id=1230712 * https://bugzilla.suse.com/show_bug.cgi?id=1230719 * https://bugzilla.suse.com/show_bug.cgi?id=1230724 * https://bugzilla.suse.com/show_bug.cgi?id=1230725 * https://bugzilla.suse.com/show_bug.cgi?id=1230730 * https://bugzilla.suse.com/show_bug.cgi?id=1230731 * https://bugzilla.suse.com/show_bug.cgi?id=1230732 * https://bugzilla.suse.com/show_bug.cgi?id=1230733 * https://bugzilla.suse.com/show_bug.cgi?id=1230747 * https://bugzilla.suse.com/show_bug.cgi?id=1230748 * https://bugzilla.suse.com/show_bug.cgi?id=1230751 * https://bugzilla.suse.com/show_bug.cgi?id=1230752 * https://bugzilla.suse.com/show_bug.cgi?id=1230756 * https://bugzilla.suse.com/show_bug.cgi?id=1230761 * https://bugzilla.suse.com/show_bug.cgi?id=1230766 * https://bugzilla.suse.com/show_bug.cgi?id=1230767 *https://bugzilla.suse.com/show_bug.cgi?id=1230768 * https://bugzilla.suse.com/show_bug.cgi?id=1230771 * https://bugzilla.suse.com/show_bug.cgi?id=1230772 * https://bugzilla.suse.com/show_bug.cgi?id=1230776 * https://bugzilla.suse.com/show_bug.cgi?id=1230783 * https://bugzilla.suse.com/show_bug.cgi?id=1230786 * https://bugzilla.suse.com/show_bug.cgi?id=1230791 * https://bugzilla.suse.com/show_bug.cgi?id=1230794 * https://bugzilla.suse.com/show_bug.cgi?id=1230796 * https://bugzilla.suse.com/show_bug.cgi?id=1230802 * https://bugzilla.suse.com/show_bug.cgi?id=1230806 * https://bugzilla.suse.com/show_bug.cgi?id=1230808 * https://bugzilla.suse.com/show_bug.cgi?id=1230810 * https://bugzilla.suse.com/show_bug.cgi?id=1230812 * https://bugzilla.suse.com/show_bug.cgi?id=1230813 * https://bugzilla.suse.com/show_bug.cgi?id=1230814 * https://bugzilla.suse.com/show_bug.cgi?id=1230815 * https://bugzilla.suse.com/show_bug.cgi?id=1230821 * https://bugzilla.suse.com/show_bug.cgi?id=1230825 * https://bugzilla.suse.com/show_bug.cgi?id=1230830 * https://bugzilla.suse.com/show_bug.cgi?id=1231013 * https://bugzilla.suse.com/show_bug.cgi?id=1231017 * https://bugzilla.suse.com/show_bug.cgi?id=1231116 * https://bugzilla.suse.com/show_bug.cgi?id=1231120 * https://bugzilla.suse.com/show_bug.cgi?id=1231146 * https://bugzilla.suse.com/show_bug.cgi?id=1231180 * https://bugzilla.suse.com/show_bug.cgi?id=1231181 . A new critical patch set for the Linux Kernel targets security vulnerabilities. Review installation processes and details on the identified weaknesses. Linux Kernel Update, SUSE Security Patch, System Security Advisory. . Severity: Important. LinuxSecurity.com Team

Oct 10, 2024 •Important SuSE

security advisorycriticalimportant

SUSE: 2024:1801-1 Important: Kernel Security Fixes for SP5 and Leap

* bsc#1223858 * bsc#1224169 * bsc#1224340 Affected Products: . # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1801-1 Rating: important References: * bsc#1223858 * bsc#1224169 * bsc#1224340 Affected Products: * openSUSE Leap 15.5 * Public Cloud Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has three security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. This update fixes a regression with kerberized nfs4 shares in the previous update (bsc#1223858). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1801=1 SUSE-2024-1801=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-1801=1 ## Package List: * openSUSE Leap 15.5 (aarch64 x86_64) * kernel-azure-debugsource-5.14.21-150500.33.54.1 * kernel-azure-extra-5.14.21-150500.33.54.1 * cluster-md-kmp-azure-debuginfo-5.14.21-150500.33.54.1 * kernel-azure-devel-debuginfo-5.14.21-150500.33.54.1 * cluster-md-kmp-azure-5.14.21-150500.33.54.1 * kernel-azure-debuginfo-5.14.21-150500.33.54.1 * dlm-kmp-azure-5.14.21-150500.33.54.1 * gfs2-kmp-azure-5.14.21-150500.33.54.1 * kernel-azure-devel-5.14.21-150500.33.54.1 * kernel-azure-optional-5.14.21-150500.33.54.1 * kernel-syms-azure-5.14.21-150500.33.54.1 * reiserfs-kmp-azure-5.14.21-150500.33.54.1 * kernel-azure-livepatch-devel-5.14.21-150500.33.54.1 * kselftests-kmp-azure-debuginfo-5.14.21-150500.33.54.1 * ocfs2-kmp-azure-debuginfo-5.14.21-150500.33.54.1 * dlm-kmp-azure-debuginfo-5.14.21-150500.33.54.1 * kernel-azure-extra-debuginfo-5.14.21-150500.33.54.1 * reiserfs-kmp-azure-debuginfo-5.14.21-150500.33.54.1 * kernel-azure-optional-debuginfo-5.14.21-150500.33.54.1 * gfs2-kmp-azure-debuginfo-5.14.21-150500.33.54.1 * ocfs2-kmp-azure-5.14.21-150500.33.54.1 * kselftests-kmp-azure-5.14.21-150500.33.54.1 * openSUSE Leap 15.5 (aarch64 nosrc x86_64) * kernel-azure-5.14.21-150500.33.54.1 * openSUSE Leap 15.5 (x86_64) * kernel-azure-vdso-debuginfo-5.14.21-150500.33.54.1 * kernel-azure-vdso-5.14.21-150500.33.54.1 * openSUSE Leap 15.5 (noarch) * kernel-devel-azure-5.14.21-150500.33.54.1 * kernel-source-azure-5.14.21-150500.33.54.1 * Public Cloud Module 15-SP5 (aarch64 nosrc x86_64) * kernel-azure-5.14.21-150500.33.54.1 * Public Cloud Module 15-SP5 (aarch64 x86_64) * kernel-azure-debugsource-5.14.21-150500.33.54.1 * kernel-azure-debuginfo-5.14.21-150500.33.54.1 * kernel-syms-azure-5.14.21-150500.33.54.1 * kernel-azure-devel-debuginfo-5.14.21-150500.33.54.1 * kernel-azure-devel-5.14.21-150500.33.54.1 * Public Cloud Module 15-SP5 (noarch) * kernel-devel-azure-5.14.21-150500.33.54.1 * kernel-source-azure-5.14.21-150500.33.54.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1223858 * https://bugzilla.suse.com/show_bug.cgi?id=1224169 * https://bugzilla.suse.com/show_bug.cgi?id=1224340 . Essential security patches for the Linux Kernel released for SUSE systems. Key defenses highlighted.. Kernel Update, SUSE Linux, Security Fixes, Bugfixes, Linux Kernel. . Severity: Important. LinuxSecurity.com Team

May 28, 2024 •Important SuSE

security advisorysecurity issueUbuntu

Ubuntu 22.04: USN-6743-2 Low Severity: Kernel Security Fixes

Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-6743-2 April 22, 2024 linux-lowlatency-hwe-6.5 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-lowlatency-hwe-6.5: Linux low latency kernel Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - JFS file system; - BPF subsystem; - Netfilter; (CVE-2023-52600, CVE-2024-26589, CVE-2024-26591, CVE-2024-26581, CVE-2023-52603) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS: linux-image-6.5.0-28-lowlatency 6.5.0-28.29.1~22.04.1 linux-image-6.5.0-28-lowlatency-64k 6.5.0-28.29.1~22.04.1 linux-image-lowlatency-64k-hwe-22.04 6.5.0.28.29.1~22.04.1 linux-image-lowlatency-hwe-22.04 6.5.0.28.29.1~22.04.1 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-6743-2 https://ubuntu.com/security/notices/USN-6743-1 CVE-2023-52600, CVE-2023-52603, CVE-2024-26581, CVE-2024-26589, CVE-2024-26591 Package Information: .Urgent patches for security flaws in the Linux kernel specific to Ubuntu's low-latency edition necessitate prompt response and implementation.. Linux Kernel Security, Ubuntu Low Latency, Security Updates, Kernel Advisories. . Severity: Low. LinuxSecurity.com Team

Apr 22, 2024 •Low Ubuntu

security advisorySUSE Linuximportant patch

SUSE Linux 15 SP2: 2023:4243-1 Important: Kernel Live Patch Details

* bsc#1210619 * bsc#1215440 Cross-References: * CVE-2023-1829 . # Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP2) Announcement ID: SUSE-SU-2023:4243-1 Rating: important References: * bsc#1210619 * bsc#1215440 Cross-References: * CVE-2023-1829 * CVE-2023-4623 CVSS scores: * CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-4623 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-4623 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150200_24_163 fixes several issues. The following security issues were fixed: * CVE-2023-4623: Fixed a use-after-free issue in the HFSC network scheduler which could be exploited to achieve local privilege escalation (bsc#1215440). * CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2023-4243=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP2_Update_40-debugsource-2-150200.2.1 * kernel-livepatch-5_3_18-150200_24_163-default-2-150200.2.1 * kernel-livepatch-5_3_18-150200_24_163-default-debuginfo-2-150200.2.1 ## References: *https://www.suse.com/security/cve/CVE-2023-1829.html * https://www.suse.com/security/cve/CVE-2023-4623.html * https://bugzilla.suse.com/show_bug.cgi?id=1210619 * https://bugzilla.suse.com/show_bug.cgi?id=1215440 . Revise key concerns in the Linux Kernel and outline patch guidance for impacted operating systems.. SUSE Linux Kernel Patch, Live Patching, Kernel Update. . Severity: Important. LinuxSecurity.com Team

Oct 30, 2023 •Important SuSE

security advisorybug fiximportant update

Oracle Linux 8: ELSA-2023-5244 Important: Kernel Fixes and Updates

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2023-5244 https://linux.oracle.com/errata/ELSA-2023-5244.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-4.18.0-477.27.0.1.el8_8.x86_64.rpm kernel-4.18.0-477.27.0.1.el8_8.x86_64.rpm kernel-abi-stablelists-4.18.0-477.27.0.1.el8_8.noarch.rpm kernel-core-4.18.0-477.27.0.1.el8_8.x86_64.rpm kernel-cross-headers-4.18.0-477.27.0.1.el8_8.x86_64.rpm kernel-debug-4.18.0-477.27.0.1.el8_8.x86_64.rpm kernel-debug-core-4.18.0-477.27.0.1.el8_8.x86_64.rpm kernel-debug-devel-4.18.0-477.27.0.1.el8_8.x86_64.rpm kernel-debug-modules-4.18.0-477.27.0.1.el8_8.x86_64.rpm kernel-debug-modules-extra-4.18.0-477.27.0.1.el8_8.x86_64.rpm kernel-devel-4.18.0-477.27.0.1.el8_8.x86_64.rpm kernel-doc-4.18.0-477.27.0.1.el8_8.noarch.rpm kernel-headers-4.18.0-477.27.0.1.el8_8.x86_64.rpm kernel-modules-4.18.0-477.27.0.1.el8_8.x86_64.rpm kernel-modules-extra-4.18.0-477.27.0.1.el8_8.x86_64.rpm kernel-tools-4.18.0-477.27.0.1.el8_8.x86_64.rpm kernel-tools-libs-4.18.0-477.27.0.1.el8_8.x86_64.rpm perf-4.18.0-477.27.0.1.el8_8.x86_64.rpm python3-perf-4.18.0-477.27.0.1.el8_8.x86_64.rpm kernel-tools-libs-devel-4.18.0-477.27.0.1.el8_8.x86_64.rpm aarch64: bpftool-4.18.0-477.27.0.1.el8_8.aarch64.rpm kernel-cross-headers-4.18.0-477.27.0.1.el8_8.aarch64.rpm kernel-headers-4.18.0-477.27.0.1.el8_8.aarch64.rpm kernel-tools-4.18.0-477.27.0.1.el8_8.aarch64.rpm kernel-tools-libs-4.18.0-477.27.0.1.el8_8.aarch64.rpm perf-4.18.0-477.27.0.1.el8_8.aarch64.rpm python3-perf-4.18.0-477.27.0.1.el8_8.aarch64.rpm kernel-tools-libs-devel-4.18.0-477.27.0.1.el8_8.aarch64.rpm SRPMS: https://oss.oracle.com:443/ol8/SRPMS-updates//kernel-4.18.0-477.27.0.1.el8_8.src.rpm Related CVEs: CVE-2023-2002 CVE-2023-3090 CVE-2023-3776 CVE-2023-4004 CVE-2023-35001 CVE-2023-35788 Description of changes: [4.18.0-477.27.0.1.el8_8.OL8] - bluetooth: Perform careful capability checks inhci_sock_ioctl() {CVE-2023-2002} - ipvlan:Fix out-of-bounds caused by unclear skb-> cb {CVE-2023-3090} - net/sched: cls_fw: Fix improper refcount update leads to use-after-free {CVE-2023-3776} - netfilter: nft_set_pipapo: fix improper element removal {CVE-2023-4004} - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval {CVE-2023-35001} - net/sched: flower: fix possible OOB write in fl_set_geneve_opt() {CVE-2023-35788} _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux Security Note ELSA-2023-5245 delivers crucial enhancements to kernel functionality and addresses various issues with significant patches.. Oracle Linux, Kernel Updates, Security Advisory. . Severity: Important. LinuxSecurity.com Team

Sep 22, 2023 •Important Oracle

security advisoryheap overflowmemory access

openSUSE 15 SP5: SUSE-SU-2023:3676-1 Important Kernel Security Fixes

This update for the Linux Kernel 5.14.21-150500_13_5 fixes several issues. The following security issues were fixed:. # Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP5) Announcement ID: SUSE-SU-2023:3676-1 Rating: important References: * #1211395 * #1212849 * #1213063 Cross-References: * CVE-2023-2156 * CVE-2023-3090 * CVE-2023-35001 CVSS scores: * CVE-2023-2156 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-2156 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-3090 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-3090 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-35001 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-35001 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_5 fixes several issues. The following security issues were fixed: * CVE-2023-2156: Fixed a flaw in the networking subsystem within the handling of the RPL protocol (bsc#1211395). * CVE-2023-35001: Fixed an out-of-bounds memory access flaw in nft_byteorder that could allow a local attacker to escalate their privilege (bsc#1213063). * CVE-2023-3090: Fixed a heapout-of-bounds write in the ipvlan network driver (bsc#1212849). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2023-3676=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2023-3679=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2023-3679=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP4 (x86_64) * kernel-livepatch-SLE15-SP4-RT_Update_8-debugsource-2-150400.2.1 * kernel-livepatch-5_14_21-150400_15_37-rt-2-150400.2.1 * kernel-livepatch-5_14_21-150400_15_37-rt-debuginfo-2-150400.2.1 * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_5-rt-2-150500.2.1 * kernel-livepatch-5_14_21-150500_13_5-rt-debuginfo-2-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_1-debugsource-2-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_5-rt-2-150500.2.1 * kernel-livepatch-5_14_21-150500_13_5-rt-debuginfo-2-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_1-debugsource-2-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-2156.html * https://www.suse.com/security/cve/CVE-2023-3090.html * https://www.suse.com/security/cve/CVE-2023-35001.html * https://bugzilla.suse.com/show_bug.cgi?id=1211395 * https://bugzilla.suse.com/show_bug.cgi?id=1212849 * https://bugzilla.suse.com/show_bug.cgi?id=1213063 . A patch for Linux Kernel 5.14.21-150500_13_5 has been issued to rectify severe vulnerabilities impacting openSUSE platforms.. Linux Kernel Patch, openSUSE Security, Kernel RT Update. . Severity: Important. LinuxSecurity.com Team

Sep 19, 2023 •Important OpenSUSE

security advisorysecurity issuekernel update

openSUSE 15 SP4: 2023:3313-1 important: kernel security issues

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed:. # Security update for the Linux Kernel Announcement ID: SUSE-SU-2023:3313-1 Rating: important References: * #1206418 * #1207129 * #1210627 * #1210780 * #1211131 * #1211738 * #1212502 * #1212604 * #1212901 * #1213167 * #1213272 * #1213287 * #1213304 * #1213585 * #1213586 * #1213588 * #1213620 * #1213653 * #1213713 * #1213715 * #1213747 * #1213756 * #1213759 * #1213777 * #1213810 * #1213812 * #1213842 * #1213856 * #1213857 * #1213863 * #1213867 * #1213870 * #1213871 Cross-References: * CVE-2022-40982 * CVE-2023-0459 * CVE-2023-20569 * CVE-2023-21400 * CVE-2023-2156 * CVE-2023-2166 * CVE-2023-31083 * CVE-2023-3268 * CVE-2023-3567 * CVE-2023-3609 * CVE-2023-3611 * CVE-2023-3776 * CVE-2023-4004 CVSS scores: * CVE-2022-40982 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2022-40982 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-0459 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-0459 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-20569 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-21400 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-21400 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-2156 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-2156 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-2166 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-2166 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-31083 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-31083 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-3268 ( SUSE ): 6.1CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L * CVE-2023-3268 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-3567 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-3567 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-3609 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-3609 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-3611 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-3611 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-3776 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-3776 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-4004 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-4004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP4 * Development Tools Module 15-SP4 * Legacy Module 15-SP4 * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Workstation Extension 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves 13 vulnerabilities and has 20 fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-40982: Fixed transientexecution attack called "Gather Data Sampling" (bsc#1206418). * CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec (bsc#1211738). * CVE-2023-20569: Fixed side channel attack âInceptionâ or âRAS Poisoningâ (bsc#1213287). * CVE-2023-21400: Fixed several memory corruptions due to improper locking in io_uring (bsc#1213272). * CVE-2023-2156: Fixed a flaw in the networking subsystem within the handling of the RPL protocol (bsc#1211131). * CVE-2023-2166: Fixed NULL pointer dereference in can_rcv_filter (bsc#1210627). * CVE-2023-31083: Fixed race condition in hci_uart_tty_ioctl (bsc#1210780). * CVE-2023-3268: Fixed an out of bounds memory access flaw in relay_file_read_start_pos in the relayfs (bsc#1212502). * CVE-2023-3567: Fixed a use-after-free in vcs_read in drivers/tty/vt/vc_screen.c (bsc#1213167). * CVE-2023-3609: Fixed reference counter leak leading to overflow in net/sched (bsc#1213586). * CVE-2023-3611: Fixed an out-of-bounds write in net/sched sch_qfq(bsc#1213585). * CVE-2023-3776: Fixed improper refcount update in cls_fw leads to use-after- free (bsc#1213588). * CVE-2023-4004: Fixed improper element removal netfilter nft_set_pipapo (bsc#1213812). The following non-security bugs were fixed: * afs: Fix access after dec in put functions (git-fixes). * afs: Fix afs_getattr() to refetch file status if callback break occurred (git-fixes). * afs: Fix dynamic root getattr (git-fixes). * afs: Fix fileserver probe RTT handling (git-fixes). * afs: Fix infinite loop found by xfstest generic/676 (git-fixes). * afs: Fix lost servers_outstanding count (git-fixes). * afs: Fix server-> active leak in afs_put_server (git-fixes). * afs: Fix setting of mtime when creating a file/dir/symlink (git-fixes). * afs: Fix updating of i_size with dv jump from server (git-fixes). * afs: Fix vlserver probe RTT handling (git-fixes). * afs: Return -EAGAIN, not -EREMOTEIO, when a file already locked(git-fixes). * afs: Use refcount_t rather than atomic_t (git-fixes). * afs: Use the operation issue time instead of the reply time for callbacks (git-fixes). * afs: adjust ack interpretation to try and cope with nat (git-fixes). * alsa: emu10k1: roll up loops in dsp setup code for audigy (git-fixes). * alsa: hda/realtek: support asus g713pv laptop (git-fixes). * alsa: hda/relatek: enable mute led on hp 250 g8 (git-fixes). * alsa: usb-audio: add quirk for microsoft modern wireless headset (bsc#1207129). * alsa: usb-audio: update for native dsd support quirks (git-fixes). * asoc: atmel: fix the 8k sample parameter in i2sc master (git-fixes). * asoc: codecs: es8316: fix dmic config (git-fixes). * asoc: da7219: check for failure reading aad irq events (git-fixes). * asoc: da7219: flush pending aad irq when suspending (git-fixes). * asoc: fsl_sai: disable bit clock with transmitter (git-fixes). * asoc: fsl_spdif: silence output on stop (git-fixes). * asoc: rt5682-sdw: fix for jd event handling in clockstop mode0 (git-fixes). * asoc: rt711-sdca: fix for jd event handling in clockstop mode0 (git-fixes). * asoc: rt711: fix for jd event handling in clockstop mode0 (git-fixes). * asoc: wm8904: fill the cache for wm8904_adc_test_0 register (git-fixes). * ata: pata_ns87415: mark ns87560_tf_read static (git-fixes). * block, bfq: Fix division by zero error on zero wsum (bsc#1213653). * block: Fix a source code comment in include/uapi/linux/blkzoned.h (git- fixes). * can: gs_usb: gs_can_close(): add missing set of CAN state to CAN_STATE_STOPPED (git-fixes). * ceph: do not let check_caps skip sending responses for revoke msgs (bsc#1213856). * coda: Avoid partial allocation of sig_inputArgs (git-fixes). * dlm: fix missing lkb refcount handling (git-fixes). * dlm: fix plock invalid read (git-fixes). * documentation: devices.txt: reconcile serial/ucc_uart minor numers (git- fixes). * drm/amd/display: Disable MPC split by default on special asic(git-fixes). * drm/amd/display: Keep PHY active for DP displays on DCN31 (git-fixes). * drm/client: Fix memory leak in drm_client_modeset_probe (git-fixes). * drm/msm/adreno: Fix snapshot BINDLESS_DATA size (git-fixes). * drm/msm/dpu: drop enum dpu_core_perf_data_bus_id (git-fixes). * drm/msm: Fix IS_ERR_OR_NULL() vs NULL check in a5xx_submit_in_rb() (git- fixes). * drm/radeon: Fix integer overflow in radeon_cs_parser_init (git-fixes). * file: always lock position for FMODE_ATOMIC_POS (bsc#1213759). * fs: dlm: add midcomms init/start functions (git-fixes). * fs: dlm: do not set stop rx flag after node reset (git-fixes). * fs: dlm: filter user dlm messages for kernel locks (git-fixes). * fs: dlm: fix log of lowcomms vs midcomms (git-fixes). * fs: dlm: fix race between test_bit() and queue_work() (git-fixes). * fs: dlm: fix race in lowcomms (git-fixes). * fs: dlm: handle -EBUSY first in lock arg validation (git-fixes). * fs: dlm: move sending fin message into state change handling (git-fixes). * fs: dlm: retry accept() until -EAGAIN or error returns (git-fixes). * fs: dlm: return positive pid value for F_GETLK (git-fixes). * fs: dlm: start midcomms before scand (git-fixes). * fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode() (git- fixes). * fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev (git-fixes). * fs: jfs: check for read-only mounted filesystem in txbegin (git-fixes). * fs: jfs: fix null-ptr-deref read in txbegin (git-fixes). * gve: Set default duplex configuration to full (git-fixes). * gve: unify driver name usage (git-fixes). * hwmon: (k10temp) Enable AMD3255 Proc to show negative temperature (git- fixes). * hwmon: (nct7802) Fix for temp6 (PECI1) processed even if PECI1 disabled (git-fixes). * iavf: Fix out-of-bounds when setting channels on remove (git-fixes). * iavf: Fix use-after-free in free_netdev (git-fixes). * iavf: use internal state to free traffic IRQs (git-fixes). * igc: Check ifhardware TX timestamping is enabled earlier (git-fixes). * igc: Enable and fix RX hash usage by netstack (git-fixes). * igc: Fix Kernel Panic during ndo_tx_timeout callback (git-fixes). * igc: Fix inserting of empty frame for launchtime (git-fixes). * igc: Fix launchtime before start of cycle (git-fixes). * igc: Fix race condition in PTP tx code (git-fixes). * igc: Handle PPS start time programming for past time values (git-fixes). * igc: Prevent garbled TX queue with XDP ZEROCOPY (git-fixes). * igc: Remove delay during TX ring configuration (git-fixes). * igc: Work around HW bug causing missing timestamps (git-fixes). * igc: set TP bit in 'supported' and 'advertising' fields of ethtool_link_ksettings (git-fixes). * input: i8042 - add clevo pcx0dx to i8042 quirk table (git-fixes). * input: iqs269a - do not poll during ati (git-fixes). * input: iqs269a - do not poll during suspend or resume (git-fixes). * jffs2: GC deadlock reading a page that is used in jffs2_write_begin() (git- fixes). * jffs2: fix memory leak in jffs2_do_fill_super (git-fixes). * jffs2: fix memory leak in jffs2_do_mount_fs (git-fixes). * jffs2: fix memory leak in jffs2_scan_medium (git-fixes). * jffs2: fix use-after-free in jffs2_clear_xattr_subsystem (git-fixes). * jffs2: reduce stack usage in jffs2_build_xattr_subsystem() (git-fixes). * jfs: jfs_dmap: Validate db_l2nbperpage while mounting (git-fixes). * kvm: arm64: do not read a hw interrupt pending state in user context (git- fixes) * kvm: arm64: warn if accessing timer pending state outside of vcpu (bsc#1213620) * kvm: do not null dereference ops-> destroy (git-fixes) * kvm: downgrade two bug_ons to warn_on_once (git-fixes) * kvm: initialize debugfs_dentry when a vm is created to avoid null (git- fixes) * kvm: s390: pv: fix index value of replaced asce (git-fixes bsc#1213867). * kvm: vmx: inject #gp on encls if vcpu has paging disabled (cr0.pg==0) (git- fixes). * kvm: vmx: inject #gp, not #ud, if sgx2 enclsleafs are unsupported (git- fixes). * kvm: vmx: restore vmx_vmexit alignment (git-fixes). * kvm: x86: account fastpath-only vm-exits in vcpu stats (git-fixes). * libceph: harden msgr2.1 frame segment length checks (bsc#1213857). * media: staging: atomisp: select V4L2_FWNODE (git-fixes). * net/sched: sch_qfq: refactor parsing of netlink parameters (bsc#1213585). * net/sched: sch_qfq: reintroduce lmax bound check for MTU (bsc#1213585). * net: ena: fix shift-out-of-bounds in exponential backoff (git-fixes). * net: mana: Batch ringing RX queue doorbell on receiving packets (bsc#1212901). * net: mana: Use the correct WQE count for ringing RQ doorbell (bsc#1212901). * net: phy: marvell10g: fix 88x3310 power up (git-fixes). * nfsd: add encoding of op_recall flag for write delegation (git-fixes). * nfsd: fix double fget() bug in __write_ports_addfd() (git-fixes). * nfsd: fix sparse warning (git-fixes). * nfsd: remove open coding of string copy (git-fixes). * nfsv4.1: always send a reclaim_complete after establishing lease (git- fixes). * nfsv4.1: freeze the session table upon receiving nfs4err_badsession (git- fixes). * nvme-pci: fix DMA direction of unmapping integrity data (git-fixes). * nvme-pci: remove nvme_queue from nvme_iod (git-fixes). * octeontx-af: fix hardware timestamp configuration (git-fixes). * octeontx2-af: Move validation of ptp pointer before its usage (git-fixes). * octeontx2-pf: Add additional check for MCAM rules (git-fixes). * phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe() (git- fixes). * pinctrl: amd: Do not show `Invalid config param` errors (git-fixes). * pinctrl: amd: Use amd_pinconf_set() for all config options (git-fixes). * platform/x86: msi-laptop: Fix rfkill out-of-sync on MSI Wind U100 (git- fixes). * rdma/bnxt_re: fix hang during driver unload (git-fixes) * rdma/bnxt_re: prevent handling any completions after qp destroy (git-fixes) * rdma/core: update cma destination address onrdma_resolve_addr (git-fixes) * rdma/irdma: add missing read barriers (git-fixes) * rdma/irdma: fix data race on cqp completion stats (git-fixes) * rdma/irdma: fix data race on cqp request done (git-fixes) * rdma/irdma: fix op_type reporting in cqes (git-fixes) * rdma/irdma: report correct wc error (git-fixes) * rdma/mlx4: make check for invalid flags stricter (git-fixes) * rdma/mthca: fix crash when polling cq for shared qps (git-fixes) * regmap: Account for register length in SMBus I/O limits (git-fixes). * regmap: Drop initial version of maximum transfer length fixes (git-fixes). * revert "debugfs, coccinelle: check for obsolete define_simple_attribute() usage" (git-fixes). * revert "nfsv4: retry lock on old_stateid during delegation return" (git- fixes). * revert "usb: dwc3: core: enable autoretry feature in the controller" (git- fixes). * revert "usb: gadget: tegra-xudc: fix error check in tegra_xudc_powerdomain_init()" (git-fixes). * revert "usb: xhci: tegra: fix error check" (git-fixes). * revert "xhci: add quirk for host controllers that do not update endpoint dcs" (git-fixes). * rxrpc, afs: Fix selection of abort codes (git-fixes). * s390/bpf: Add expoline to tail calls (git-fixes bsc#1213870). * s390/dasd: fix hanging device after quiesce/resume (git-fixes bsc#1213810). * s390/decompressor: specify __decompress() buf len to avoid overflow (git- fixes bsc#1213863). * s390/ipl: add missing intersection check to ipl_report handling (git-fixes bsc#1213871). * s390/qeth: Fix vipa deletion (git-fixes bsc#1213713). * s390/vmem: fix empty page tables cleanup under KASAN (git-fixes bsc#1213715). * s390: introduce nospec_uses_trampoline() (git-fixes bsc#1213870). * scftorture: Count reschedule IPIs (git-fixes). * scsi: lpfc: Abort outstanding ELS cmds when mailbox timeout error is detected (bsc#1213756). * scsi: lpfc: Avoid -Wstringop-overflow warning (bsc#1213756). * scsi: lpfc: Clean up SLI-4 sysfs resource reporting(bsc#1213756). * scsi: lpfc: Copyright updates for 14.2.0.14 patches (bsc#1213756). * scsi: lpfc: Fix a possible data race in lpfc_unregister_fcf_rescan() (bsc#1213756). * scsi: lpfc: Fix incorrect big endian type assignment in bsg loopback path (bsc#1213756). * scsi: lpfc: Fix incorrect big endian type assignments in FDMI and VMID paths (bsc#1213756). * scsi: lpfc: Fix lpfc_name struct packing (bsc#1213756). * scsi: lpfc: Make fabric zone discovery more robust when handling unsolicited LOGO (bsc#1213756). * scsi: lpfc: Pull out fw diagnostic dump log message from driver's trace buffer (bsc#1213756). * scsi: lpfc: Qualify ndlp discovery state when processing RSCN (bsc#1213756). * scsi: lpfc: Refactor cpu affinity assignment paths (bsc#1213756). * scsi: lpfc: Remove extra ndlp kref decrement in FLOGI cmpl for loop topology (bsc#1213756). * scsi: lpfc: Replace all non-returning strlcpy() with strscpy() (bsc#1213756). * scsi: lpfc: Replace one-element array with flexible-array member (bsc#1213756). * scsi: lpfc: Revise ndlp kref handling for dev_loss_tmo_callbk and lpfc_drop_node (bsc#1213756). * scsi: lpfc: Set Establish Image Pair service parameter only for Target Functions (bsc#1213756). * scsi: lpfc: Simplify fcp_abort transport callback log message (bsc#1213756). * scsi: lpfc: Update lpfc version to 14.2.0.14 (bsc#1213756). * scsi: lpfc: Use struct_size() helper (bsc#1213756). * scsi: qla2xxx: Adjust IOCB resource on qpair create (bsc#1213747). * scsi: qla2xxx: Array index may go out of bound (bsc#1213747). * scsi: qla2xxx: Avoid fcport pointer dereference (bsc#1213747). * scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport() (bsc#1213747). * scsi: qla2xxx: Correct the index of array (bsc#1213747). * scsi: qla2xxx: Drop useless LIST_HEAD (bsc#1213747). * scsi: qla2xxx: Fix NULL pointer dereference in target mode (bsc#1213747). * scsi: qla2xxx: Fix TMF leak through (bsc#1213747). * scsi: qla2xxx: Fix bufferoverrun (bsc#1213747). * scsi: qla2xxx: Fix command flush during TMF (bsc#1213747). * scsi: qla2xxx: Fix deletion race condition (bsc#1213747). * scsi: qla2xxx: Fix end of loop test (bsc#1213747). * scsi: qla2xxx: Fix erroneous link up failure (bsc#1213747). * scsi: qla2xxx: Fix error code in qla2x00_start_sp() (bsc#1213747). * scsi: qla2xxx: Fix potential NULL pointer dereference (bsc#1213747). * scsi: qla2xxx: Fix session hang in gnl (bsc#1213747). * scsi: qla2xxx: Limit TMF to 8 per function (bsc#1213747). * scsi: qla2xxx: Pointer may be dereferenced (bsc#1213747). * scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue (bsc#1213747). * scsi: qla2xxx: Replace one-element array with DECLARE_FLEX_ARRAY() helper (bsc#1213747). * scsi: qla2xxx: Silence a static checker warning (bsc#1213747). * scsi: qla2xxx: Turn off noisy message log (bsc#1213747). * scsi: qla2xxx: Update version to 10.02.08.400-k (bsc#1213747). * scsi: qla2xxx: Update version to 10.02.08.500-k (bsc#1213747). * scsi: qla2xxx: Use vmalloc_array() and vcalloc() (bsc#1213747). * scsi: qla2xxx: fix inconsistent TMF timeout (bsc#1213747). * serial: qcom-geni: drop bogus runtime pm state update (git-fixes). * serial: sifive: Fix sifive_serial_console_setup() section (git-fixes). * soundwire: qcom: update status correctly with mask (git-fixes). * staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext() (git- fixes). * staging: r8712: Fix memory leak in _r8712_init_xmit_priv() (git-fixes). * sunrpc: always free ctxt when freeing deferred request (git-fixes). * sunrpc: double free xprt_ctxt while still in use (git-fixes). * sunrpc: fix trace_svc_register() call site (git-fixes). * sunrpc: fix uaf in svc_tcp_listen_data_ready() (git-fixes). * sunrpc: remove dead code in svc_tcp_release_rqst() (git-fixes). * sunrpc: remove the maximum number of retries in call_bind_status (git- fixes). * svcrdma: Prevent page release when nothing was received (git-fixes). * tpm_tis:Explicitly check for error code (git-fixes). * tty: n_gsm: fix UAF in gsm_cleanup_mux (git-fixes). * ubifs: Add missing iput if do_tmpfile() failed in rename whiteout (git- fixes). * ubifs: Error path in ubifs_remount_rw() seems to wrongly free write buffers (git-fixes). * ubifs: Fix 'ui-> dirty' race between do_tmpfile() and writeback work (git- fixes). * ubifs: Fix AA deadlock when setting xattr for encrypted file (git-fixes). * ubifs: Fix build errors as symbol undefined (git-fixes). * ubifs: Fix deadlock in concurrent rename whiteout and inode writeback (git- fixes). * ubifs: Fix memory leak in alloc_wbufs() (git-fixes). * ubifs: Fix memory leak in do_rename (git-fixes). * ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock() (git-fixes). * ubifs: Fix to add refcount once page is set private (git-fixes). * ubifs: Fix wrong dirty space budget for dirty inode (git-fixes). * ubifs: Free memory for tmpfile name (git-fixes). * ubifs: Rectify space amount budget for mkdir/tmpfile operations (git-fixes). * ubifs: Rectify space budget for ubifs_symlink() if symlink is encrypted (git-fixes). * ubifs: Rectify space budget for ubifs_xrename() (git-fixes). * ubifs: Rename whiteout atomically (git-fixes). * ubifs: Reserve one leb for each journal head while doing budget (git-fixes). * ubifs: do_rename: Fix wrong space budget when target inode's nlink > 1 (git- fixes). * ubifs: rename_whiteout: Fix double free for whiteout_ui-> data (git-fixes). * ubifs: rename_whiteout: correct old_dir size computing (git-fixes). * ubifs: setflags: Make dirtied_ino_d 8 bytes aligned (git-fixes). * ubifs: ubifs_writepage: Mark page dirty after writing inode failed (git- fixes). * usb: dwc3: do not reset device side if dwc3 was configured as host-only (git-fixes). * usb: dwc3: pci: skip BYT GPIO lookup table for hardwired phy (git-fixes). * usb: gadget: core: remove unbalanced mutex_unlock in usb_gadget_activate (git-fixes). * usb: xhci-mtk: setthe dma max_seg_size (git-fixes). * vhost: support PACKED when setting-getting vring_base (git-fixes). * vhost_net: revert upend_idx only on retriable error (git-fixes). * virtio-net: Maintain reverse cleanup order (git-fixes). * virtio_net: Fix error unwinding of XDP initialization (git-fixes). * x86/PVH: obtain VGA console info in Dom0 (git-fixes). * xen/blkfront: Only check REQ_FUA for writes (git-fixes). * xen/pvcalls-back: fix double frees with pvcalls_new_active_socket() (git- fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE Important update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2023-3313=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2023-3313=1 * Basesystem Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-3313=1 * Development Tools Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2023-3313=1 * Legacy Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2023-3313=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2023-3313=1 Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates. * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2023-3313=1 * SUSE Linux Enterprise Workstation Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2023-3313=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2023-3313=1 openSUSE-SLE-15.4-2023-3313=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2023-3313=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2023-3313=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2023-3313=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2023-3313=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.81.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.81.1 * kernel-default-debugsource-5.14.21-150400.24.81.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.81.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.81.1 * kernel-default-debugsource-5.14.21-150400.24.81.1 * Basesystem Module 15-SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.81.1 * Basesystem Module 15-SP4 (aarch64) * kernel-64kb-devel-5.14.21-150400.24.81.1 * kernel-64kb-debuginfo-5.14.21-150400.24.81.1 * kernel-64kb-debugsource-5.14.21-150400.24.81.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.81.1 * Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.81.1 * Basesystem Module 15-SP4 (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3 * Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-5.14.21-150400.24.81.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.81.1 * kernel-default-debuginfo-5.14.21-150400.24.81.1 * kernel-default-debugsource-5.14.21-150400.24.81.1 * Basesystem Module 15-SP4 (noarch) *kernel-devel-5.14.21-150400.24.81.1 * kernel-macros-5.14.21-150400.24.81.1 * Basesystem Module 15-SP4 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.81.1 * Basesystem Module 15-SP4 (s390x) * kernel-zfcpdump-debugsource-5.14.21-150400.24.81.1 * kernel-zfcpdump-debuginfo-5.14.21-150400.24.81.1 * Development Tools Module 15-SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.81.1 * Development Tools Module 15-SP4 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-debugsource-5.14.21-150400.24.81.1 * kernel-syms-5.14.21-150400.24.81.1 * kernel-obs-build-5.14.21-150400.24.81.1 * Development Tools Module 15-SP4 (noarch) * kernel-source-5.14.21-150400.24.81.1 * Legacy Module 15-SP4 (nosrc) * kernel-default-5.14.21-150400.24.81.1 * Legacy Module 15-SP4 (aarch64 ppc64le s390x x86_64) * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.81.1 * reiserfs-kmp-default-5.14.21-150400.24.81.1 * kernel-default-debuginfo-5.14.21-150400.24.81.1 * kernel-default-debugsource-5.14.21-150400.24.81.1 * SUSE Linux Enterprise Live Patching 15-SP4 (nosrc) * kernel-default-5.14.21-150400.24.81.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.81.1 * kernel-livepatch-SLE15-SP4_Update_16-debugsource-1-150400.9.3.3 * kernel-livepatch-5_14_21-150400_24_81-default-1-150400.9.3.3 * kernel-default-livepatch-5.14.21-150400.24.81.1 * kernel-default-livepatch-devel-5.14.21-150400.24.81.1 * kernel-livepatch-5_14_21-150400_24_81-default-debuginfo-1-150400.9.3.3 * kernel-default-debugsource-5.14.21-150400.24.81.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * ocfs2-kmp-default-5.14.21-150400.24.81.1 * kernel-default-debuginfo-5.14.21-150400.24.81.1 * cluster-md-kmp-default-5.14.21-150400.24.81.1 * gfs2-kmp-default-5.14.21-150400.24.81.1 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.81.1 *gfs2-kmp-default-debuginfo-5.14.21-150400.24.81.1 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.81.1 * dlm-kmp-default-5.14.21-150400.24.81.1 * dlm-kmp-default-debuginfo-5.14.21-150400.24.81.1 * kernel-default-debugsource-5.14.21-150400.24.81.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc) * kernel-default-5.14.21-150400.24.81.1 * SUSE Linux Enterprise Workstation Extension 15 SP4 (nosrc) * kernel-default-5.14.21-150400.24.81.1 * SUSE Linux Enterprise Workstation Extension 15 SP4 (x86_64) * kernel-default-extra-debuginfo-5.14.21-150400.24.81.1 * kernel-default-extra-5.14.21-150400.24.81.1 * kernel-default-debuginfo-5.14.21-150400.24.81.1 * kernel-default-debugsource-5.14.21-150400.24.81.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_81-default-debuginfo-1-150400.9.3.3 * kernel-livepatch-5_14_21-150400_24_81-default-1-150400.9.3.3 * kernel-livepatch-SLE15-SP4_Update_16-debugsource-1-150400.9.3.3 * openSUSE Leap 15.4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.81.1 * openSUSE Leap 15.4 (noarch) * kernel-source-vanilla-5.14.21-150400.24.81.1 * kernel-source-5.14.21-150400.24.81.1 * kernel-devel-5.14.21-150400.24.81.1 * kernel-docs-html-5.14.21-150400.24.81.1 * kernel-macros-5.14.21-150400.24.81.1 * openSUSE Leap 15.4 (nosrc ppc64le x86_64) * kernel-debug-5.14.21-150400.24.81.1 * openSUSE Leap 15.4 (ppc64le x86_64) * kernel-debug-debuginfo-5.14.21-150400.24.81.1 * kernel-debug-livepatch-devel-5.14.21-150400.24.81.1 * kernel-debug-devel-5.14.21-150400.24.81.1 * kernel-debug-devel-debuginfo-5.14.21-150400.24.81.1 * kernel-debug-debugsource-5.14.21-150400.24.81.1 * openSUSE Leap 15.4 (aarch64 ppc64le x86_64) * kernel-default-base-rebuild-5.14.21-150400.24.81.1.150400.24.35.3 * kernel-kvmsmall-debugsource-5.14.21-150400.24.81.1 * kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3 *kernel-kvmsmall-devel-5.14.21-150400.24.81.1 * kernel-kvmsmall-debuginfo-5.14.21-150400.24.81.1 * kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.81.1 * kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.81.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * cluster-md-kmp-default-5.14.21-150400.24.81.1 * kernel-default-optional-debuginfo-5.14.21-150400.24.81.1 * kernel-obs-build-5.14.21-150400.24.81.1 * kernel-default-livepatch-5.14.21-150400.24.81.1 * kernel-default-extra-5.14.21-150400.24.81.1 * kernel-default-optional-5.14.21-150400.24.81.1 * kernel-obs-qa-5.14.21-150400.24.81.1 * kernel-default-devel-5.14.21-150400.24.81.1 * kernel-obs-build-debugsource-5.14.21-150400.24.81.1 * kernel-default-extra-debuginfo-5.14.21-150400.24.81.1 * gfs2-kmp-default-5.14.21-150400.24.81.1 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.81.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.81.1 * kselftests-kmp-default-5.14.21-150400.24.81.1 * dlm-kmp-default-5.14.21-150400.24.81.1 * kernel-syms-5.14.21-150400.24.81.1 * ocfs2-kmp-default-5.14.21-150400.24.81.1 * kernel-default-debuginfo-5.14.21-150400.24.81.1 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.81.1 * kselftests-kmp-default-debuginfo-5.14.21-150400.24.81.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.81.1 * kernel-default-debugsource-5.14.21-150400.24.81.1 * kernel-default-livepatch-devel-5.14.21-150400.24.81.1 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.81.1 * reiserfs-kmp-default-5.14.21-150400.24.81.1 * dlm-kmp-default-debuginfo-5.14.21-150400.24.81.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.81.1 * openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150400.24.81.1 * openSUSE Leap 15.4 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.81.1 * openSUSE Leap 15.4 (s390x) * kernel-zfcpdump-debugsource-5.14.21-150400.24.81.1 *kernel-zfcpdump-debuginfo-5.14.21-150400.24.81.1 * openSUSE Leap 15.4 (nosrc) * dtb-aarch64-5.14.21-150400.24.81.1 * openSUSE Leap 15.4 (aarch64) * dtb-marvell-5.14.21-150400.24.81.1 * dtb-apple-5.14.21-150400.24.81.1 * dtb-renesas-5.14.21-150400.24.81.1 * dtb-qcom-5.14.21-150400.24.81.1 * kernel-64kb-extra-debuginfo-5.14.21-150400.24.81.1 * kernel-64kb-devel-5.14.21-150400.24.81.1 * kernel-64kb-debugsource-5.14.21-150400.24.81.1 * dtb-altera-5.14.21-150400.24.81.1 * dtb-freescale-5.14.21-150400.24.81.1 * dtb-cavium-5.14.21-150400.24.81.1 * kernel-64kb-optional-5.14.21-150400.24.81.1 * ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.81.1 * kernel-64kb-livepatch-devel-5.14.21-150400.24.81.1 * kernel-64kb-optional-debuginfo-5.14.21-150400.24.81.1 * gfs2-kmp-64kb-5.14.21-150400.24.81.1 * dtb-amd-5.14.21-150400.24.81.1 * dtb-amlogic-5.14.21-150400.24.81.1 * dtb-exynos-5.14.21-150400.24.81.1 * dtb-broadcom-5.14.21-150400.24.81.1 * ocfs2-kmp-64kb-5.14.21-150400.24.81.1 * cluster-md-kmp-64kb-5.14.21-150400.24.81.1 * dtb-allwinner-5.14.21-150400.24.81.1 * gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.81.1 * dtb-rockchip-5.14.21-150400.24.81.1 * dlm-kmp-64kb-debuginfo-5.14.21-150400.24.81.1 * dtb-amazon-5.14.21-150400.24.81.1 * kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.81.1 * kselftests-kmp-64kb-5.14.21-150400.24.81.1 * kernel-64kb-extra-5.14.21-150400.24.81.1 * dtb-nvidia-5.14.21-150400.24.81.1 * kernel-64kb-debuginfo-5.14.21-150400.24.81.1 * dtb-lg-5.14.21-150400.24.81.1 * dtb-arm-5.14.21-150400.24.81.1 * dtb-sprd-5.14.21-150400.24.81.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.81.1 * reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.81.1 * dtb-apm-5.14.21-150400.24.81.1 * cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.81.1 * dtb-xilinx-5.14.21-150400.24.81.1 * dlm-kmp-64kb-5.14.21-150400.24.81.1 * reiserfs-kmp-64kb-5.14.21-150400.24.81.1 *dtb-mediatek-5.14.21-150400.24.81.1 * dtb-socionext-5.14.21-150400.24.81.1 * dtb-hisilicon-5.14.21-150400.24.81.1 * openSUSE Leap 15.4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.81.1 * openSUSE Leap Micro 5.3 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.81.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3 * kernel-default-debuginfo-5.14.21-150400.24.81.1 * kernel-default-debugsource-5.14.21-150400.24.81.1 * openSUSE Leap Micro 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.81.1 * openSUSE Leap Micro 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.81.1 * kernel-default-debugsource-5.14.21-150400.24.81.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.81.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.81.1 * kernel-default-debugsource-5.14.21-150400.24.81.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.81.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.81.1.150400.24.35.3 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.81.1 * kernel-default-debugsource-5.14.21-150400.24.81.1 ## References: * https://www.suse.com/security/cve/CVE-2022-40982.html * https://www.suse.com/security/cve/CVE-2023-0459.html * https://www.suse.com/security/cve/CVE-2023-20569.html * https://www.suse.com/security/cve/CVE-2023-21400.html * https://www.suse.com/security/cve/CVE-2023-2156.html *https://www.suse.com/security/cve/CVE-2023-2166.html * https://www.suse.com/security/cve/CVE-2023-31083.html * https://www.suse.com/security/cve/CVE-2023-3268.html * https://www.suse.com/security/cve/CVE-2023-3567.html * https://www.suse.com/security/cve/CVE-2023-3609.html * https://www.suse.com/security/cve/CVE-2023-3611.html * https://www.suse.com/security/cve/CVE-2023-3776.html * https://www.suse.com/security/cve/CVE-2023-4004.html * https://bugzilla.suse.com/show_bug.cgi?id=1206418 * https://bugzilla.suse.com/show_bug.cgi?id=1207129 * https://bugzilla.suse.com/show_bug.cgi?id=1210627 * https://bugzilla.suse.com/show_bug.cgi?id=1210780 * https://bugzilla.suse.com/show_bug.cgi?id=1211131 * https://bugzilla.suse.com/show_bug.cgi?id=1211738 * https://bugzilla.suse.com/show_bug.cgi?id=1212502 * https://bugzilla.suse.com/show_bug.cgi?id=1212604 * https://bugzilla.suse.com/show_bug.cgi?id=1212901 * https://bugzilla.suse.com/show_bug.cgi?id=1213167 * https://bugzilla.suse.com/show_bug.cgi?id=1213272 * https://bugzilla.suse.com/show_bug.cgi?id=1213287 * https://bugzilla.suse.com/show_bug.cgi?id=1213304 * https://bugzilla.suse.com/show_bug.cgi?id=1213585 * https://bugzilla.suse.com/show_bug.cgi?id=1213586 * https://bugzilla.suse.com/show_bug.cgi?id=1213588 * https://bugzilla.suse.com/show_bug.cgi?id=1213620 * https://bugzilla.suse.com/show_bug.cgi?id=1213653 * https://bugzilla.suse.com/show_bug.cgi?id=1213713 * https://bugzilla.suse.com/show_bug.cgi?id=1213715 * https://bugzilla.suse.com/show_bug.cgi?id=1213747 * https://bugzilla.suse.com/show_bug.cgi?id=1213756 * https://bugzilla.suse.com/show_bug.cgi?id=1213759 * https://bugzilla.suse.com/show_bug.cgi?id=1213777 * https://bugzilla.suse.com/show_bug.cgi?id=1213810 * https://bugzilla.suse.com/show_bug.cgi?id=1213812 * https://bugzilla.suse.com/show_bug.cgi?id=1213842 * https://bugzilla.suse.com/show_bug.cgi?id=1213856 * https://bugzilla.suse.com/show_bug.cgi?id=1213857 *https://bugzilla.suse.com/show_bug.cgi?id=1213863 * https://bugzilla.suse.com/show_bug.cgi?id=1213867 * https://bugzilla.suse.com/show_bug.cgi?id=1213870 * https://bugzilla.suse.com/show_bug.cgi?id=1213871 . System patch released for openSUSE resolving various kernel vulnerabilities and enhancements. Important alerts and details provided.. SUSE Kernel Update,System Updates,Kernel Improvements. . Severity: Important. LinuxSecurity.com Team

Aug 14, 2023 •Important OpenSUSE

Community Poll

More Polls

Stay Secure with the Latest Linux Advisories

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

SUSE 15 SP5: 2024:4124-1 Important: Kernel RT Live Patch Critical Fixes

SUSE: 2024:3592-1 important: Linux Kernel multiple security fixes

SUSE: 2024:1801-1 Important: Kernel Security Fixes for SP5 and Leap

Ubuntu 22.04: USN-6743-2 Low Severity: Kernel Security Fixes

SUSE Linux 15 SP2: 2023:4243-1 Important: Kernel Live Patch Details

Oracle Linux 8: ELSA-2023-5244 Important: Kernel Fixes and Updates

openSUSE 15 SP5: SUSE-SU-2023:3676-1 Important Kernel Security Fixes

openSUSE 15 SP4: 2023:3313-1 important: kernel security issues

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Refine advisories

severity

Topics

Distro

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!