Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-50264 (GCVE-0-2024-50264)
Vulnerability from cvelistv5 – Published: 2024-11-19 01:29 – Updated: 2025-11-03 22:27
VLAI?
EPSS
Title
vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans
Summary
In the Linux kernel, the following vulnerability has been resolved:
vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans
During loopback communication, a dangling pointer can be created in
vsk->trans, potentially leading to a Use-After-Free condition. This
issue is resolved by initializing vsk->trans to NULL.
Severity ?
7.8 (High)
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Linux | Linux |
Affected:
06a8fc78367d070720af960dcecec917d3ae5f3b , < 5f092a4271f6dccf88fe0d132475a17b69ef71df
(git)
Affected: 06a8fc78367d070720af960dcecec917d3ae5f3b , < fd8ae346692a56b4437d626c5460c7104980f389 (git) Affected: 06a8fc78367d070720af960dcecec917d3ae5f3b , < eb1bdcb7dfc30b24495ee4c5533af0ed135cb5f1 (git) Affected: 06a8fc78367d070720af960dcecec917d3ae5f3b , < 2a6a4e69f255b7aed17f93995691ab4f0d3c2203 (git) Affected: 06a8fc78367d070720af960dcecec917d3ae5f3b , < 44d29897eafd0e1196453d3003a4d5e0b968eeab (git) Affected: 06a8fc78367d070720af960dcecec917d3ae5f3b , < b110196fec44fe966952004bd426967c2a8fd358 (git) Affected: 06a8fc78367d070720af960dcecec917d3ae5f3b , < 5f970935d09934222fdef3d0e20c648ea7a963c1 (git) Affected: 06a8fc78367d070720af960dcecec917d3ae5f3b , < 6ca575374dd9a507cdd16dfa0e78c2e9e20bd05f (git) |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-50264",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-11T14:48:50.387406Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-11T14:58:32.111Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T22:27:43.580Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/vmw_vsock/virtio_transport_common.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "5f092a4271f6dccf88fe0d132475a17b69ef71df",
"status": "affected",
"version": "06a8fc78367d070720af960dcecec917d3ae5f3b",
"versionType": "git"
},
{
"lessThan": "fd8ae346692a56b4437d626c5460c7104980f389",
"status": "affected",
"version": "06a8fc78367d070720af960dcecec917d3ae5f3b",
"versionType": "git"
},
{
"lessThan": "eb1bdcb7dfc30b24495ee4c5533af0ed135cb5f1",
"status": "affected",
"version": "06a8fc78367d070720af960dcecec917d3ae5f3b",
"versionType": "git"
},
{
"lessThan": "2a6a4e69f255b7aed17f93995691ab4f0d3c2203",
"status": "affected",
"version": "06a8fc78367d070720af960dcecec917d3ae5f3b",
"versionType": "git"
},
{
"lessThan": "44d29897eafd0e1196453d3003a4d5e0b968eeab",
"status": "affected",
"version": "06a8fc78367d070720af960dcecec917d3ae5f3b",
"versionType": "git"
},
{
"lessThan": "b110196fec44fe966952004bd426967c2a8fd358",
"status": "affected",
"version": "06a8fc78367d070720af960dcecec917d3ae5f3b",
"versionType": "git"
},
{
"lessThan": "5f970935d09934222fdef3d0e20c648ea7a963c1",
"status": "affected",
"version": "06a8fc78367d070720af960dcecec917d3ae5f3b",
"versionType": "git"
},
{
"lessThan": "6ca575374dd9a507cdd16dfa0e78c2e9e20bd05f",
"status": "affected",
"version": "06a8fc78367d070720af960dcecec917d3ae5f3b",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/vmw_vsock/virtio_transport_common.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.8"
},
{
"lessThan": "4.8",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.324",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.286",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.230",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.172",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.117",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.61",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.11.*",
"status": "unaffected",
"version": "6.11.8",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.12",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.324",
"versionStartIncluding": "4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.286",
"versionStartIncluding": "4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.230",
"versionStartIncluding": "4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.172",
"versionStartIncluding": "4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.117",
"versionStartIncluding": "4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.61",
"versionStartIncluding": "4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.11.8",
"versionStartIncluding": "4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12",
"versionStartIncluding": "4.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans\n\nDuring loopback communication, a dangling pointer can be created in\nvsk-\u003etrans, potentially leading to a Use-After-Free condition. This\nissue is resolved by initializing vsk-\u003etrans to NULL."
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T07:51:46.682Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/5f092a4271f6dccf88fe0d132475a17b69ef71df"
},
{
"url": "https://git.kernel.org/stable/c/fd8ae346692a56b4437d626c5460c7104980f389"
},
{
"url": "https://git.kernel.org/stable/c/eb1bdcb7dfc30b24495ee4c5533af0ed135cb5f1"
},
{
"url": "https://git.kernel.org/stable/c/2a6a4e69f255b7aed17f93995691ab4f0d3c2203"
},
{
"url": "https://git.kernel.org/stable/c/44d29897eafd0e1196453d3003a4d5e0b968eeab"
},
{
"url": "https://git.kernel.org/stable/c/b110196fec44fe966952004bd426967c2a8fd358"
},
{
"url": "https://git.kernel.org/stable/c/5f970935d09934222fdef3d0e20c648ea7a963c1"
},
{
"url": "https://git.kernel.org/stable/c/6ca575374dd9a507cdd16dfa0e78c2e9e20bd05f"
},
{
"url": "https://a13xp0p0v.github.io/2025/09/02/kernel-hack-drill-and-CVE-2024-50264.html"
}
],
"title": "vsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-50264",
"datePublished": "2024-11-19T01:29:59.511Z",
"dateReserved": "2024-10-21T19:36:19.982Z",
"dateUpdated": "2025-11-03T22:27:43.580Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.8\", \"versionEndExcluding\": \"4.19.324\", \"matchCriteriaId\": \"0F611C46-499A-456F-BDCC-537FE0579161\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.20\", \"versionEndExcluding\": \"5.4.286\", \"matchCriteriaId\": \"9952C897-8A61-4D4B-9D6D-7D063E9EA15E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.5\", \"versionEndExcluding\": \"5.10.230\", \"matchCriteriaId\": \"BF5B32D0-72C9-41C3-A0BB-D4946153C134\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.11\", \"versionEndExcluding\": \"5.15.172\", \"matchCriteriaId\": \"88812664-4296-42AC-AE0F-ED71086C1BB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.16\", \"versionEndExcluding\": \"6.1.117\", \"matchCriteriaId\": \"0DD7F755-2F6B-4707-8973-78496AD5AA8E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.2\", \"versionEndExcluding\": \"6.6.61\", \"matchCriteriaId\": \"630ED7EB-C97E-4435-B884-1E309E40D6F3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.7\", \"versionEndExcluding\": \"6.11.8\", \"matchCriteriaId\": \"0BD000F7-3DAD-4DD3-8906-98EA1EC67E95\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F361E1D-580F-4A2D-A509-7615F73167A1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"925478D0-3E3D-4E6F-ACD5-09F28D5DF82C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C95E234-D335-4B6C-96BF-E2CEBD8654ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0F717D8-3014-4F84-8086-0124B2111379\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*\", \"matchCriteriaId\": \"24DBE6C7-2AAE-4818-AED2-E131F153D2FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:6.12:rc6:*:*:*:*:*:*\", \"matchCriteriaId\": \"24B88717-53F5-42AA-9B72-14C707639E3F\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nvsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans\\n\\nDuring loopback communication, a dangling pointer can be created in\\nvsk-\u003etrans, potentially leading to a Use-After-Free condition. This\\nissue is resolved by initializing vsk-\u003etrans to NULL.\"}, {\"lang\": \"es\", \"value\": \"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: vsock/virtio: inicializaci\\u00f3n del puntero colgante que se produce en vsk-\u0026gt;trans. Durante la comunicaci\\u00f3n de bucle invertido, se puede crear un puntero colgante en vsk-\u0026gt;trans, lo que puede provocar una condici\\u00f3n de Use-After-Free. Este problema se resuelve inicializando vsk-\u0026gt;trans en NULL.\"}]",
"id": "CVE-2024-50264",
"lastModified": "2024-12-11T15:15:14.343",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}]}",
"published": "2024-11-19T02:16:28.210",
"references": "[{\"url\": \"https://git.kernel.org/stable/c/2a6a4e69f255b7aed17f93995691ab4f0d3c2203\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/44d29897eafd0e1196453d3003a4d5e0b968eeab\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/5f092a4271f6dccf88fe0d132475a17b69ef71df\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/5f970935d09934222fdef3d0e20c648ea7a963c1\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"VDB Entry\"]}, {\"url\": \"https://git.kernel.org/stable/c/6ca575374dd9a507cdd16dfa0e78c2e9e20bd05f\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/b110196fec44fe966952004bd426967c2a8fd358\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/eb1bdcb7dfc30b24495ee4c5533af0ed135cb5f1\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/fd8ae346692a56b4437d626c5460c7104980f389\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}]",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-416\"}]}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-416\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-50264\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-11-19T02:16:28.210\",\"lastModified\":\"2025-11-03T23:17:08.150\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nvsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans\\n\\nDuring loopback communication, a dangling pointer can be created in\\nvsk-\u003etrans, potentially leading to a Use-After-Free condition. This\\nissue is resolved by initializing vsk-\u003etrans to NULL.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: vsock/virtio: inicializaci\u00f3n del puntero colgante que se produce en vsk-\u0026gt;trans. Durante la comunicaci\u00f3n de bucle invertido, se puede crear un puntero colgante en vsk-\u0026gt;trans, lo que puede provocar una condici\u00f3n de Use-After-Free. Este problema se resuelve inicializando vsk-\u0026gt;trans en NULL.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.8\",\"versionEndExcluding\":\"4.19.324\",\"matchCriteriaId\":\"0F611C46-499A-456F-BDCC-537FE0579161\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.4.286\",\"matchCriteriaId\":\"9952C897-8A61-4D4B-9D6D-7D063E9EA15E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.230\",\"matchCriteriaId\":\"BF5B32D0-72C9-41C3-A0BB-D4946153C134\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.172\",\"matchCriteriaId\":\"88812664-4296-42AC-AE0F-ED71086C1BB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.1.117\",\"matchCriteriaId\":\"0DD7F755-2F6B-4707-8973-78496AD5AA8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.61\",\"matchCriteriaId\":\"630ED7EB-C97E-4435-B884-1E309E40D6F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.11.8\",\"matchCriteriaId\":\"0BD000F7-3DAD-4DD3-8906-98EA1EC67E95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F361E1D-580F-4A2D-A509-7615F73167A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"925478D0-3E3D-4E6F-ACD5-09F28D5DF82C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C95E234-D335-4B6C-96BF-E2CEBD8654ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0F717D8-3014-4F84-8086-0124B2111379\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"24DBE6C7-2AAE-4818-AED2-E131F153D2FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.12:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"24B88717-53F5-42AA-9B72-14C707639E3F\"}]}]}],\"references\":[{\"url\":\"https://a13xp0p0v.github.io/2025/09/02/kernel-hack-drill-and-CVE-2024-50264.html\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/2a6a4e69f255b7aed17f93995691ab4f0d3c2203\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/44d29897eafd0e1196453d3003a4d5e0b968eeab\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5f092a4271f6dccf88fe0d132475a17b69ef71df\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5f970935d09934222fdef3d0e20c648ea7a963c1\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"VDB Entry\"]},{\"url\":\"https://git.kernel.org/stable/c/6ca575374dd9a507cdd16dfa0e78c2e9e20bd05f\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b110196fec44fe966952004bd426967c2a8fd358\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/eb1bdcb7dfc30b24495ee4c5533af0ed135cb5f1\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/fd8ae346692a56b4437d626c5460c7104980f389\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-03T22:27:43.580Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-50264\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-12-11T14:48:50.387406Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-416\", \"description\": \"CWE-416 Use After Free\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-12-11T14:48:51.743Z\"}}], \"cna\": {\"title\": \"vsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"06a8fc78367d070720af960dcecec917d3ae5f3b\", \"lessThan\": \"5f092a4271f6dccf88fe0d132475a17b69ef71df\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"06a8fc78367d070720af960dcecec917d3ae5f3b\", \"lessThan\": \"fd8ae346692a56b4437d626c5460c7104980f389\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"06a8fc78367d070720af960dcecec917d3ae5f3b\", \"lessThan\": \"eb1bdcb7dfc30b24495ee4c5533af0ed135cb5f1\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"06a8fc78367d070720af960dcecec917d3ae5f3b\", \"lessThan\": \"2a6a4e69f255b7aed17f93995691ab4f0d3c2203\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"06a8fc78367d070720af960dcecec917d3ae5f3b\", \"lessThan\": \"44d29897eafd0e1196453d3003a4d5e0b968eeab\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"06a8fc78367d070720af960dcecec917d3ae5f3b\", \"lessThan\": \"b110196fec44fe966952004bd426967c2a8fd358\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"06a8fc78367d070720af960dcecec917d3ae5f3b\", \"lessThan\": \"5f970935d09934222fdef3d0e20c648ea7a963c1\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"06a8fc78367d070720af960dcecec917d3ae5f3b\", \"lessThan\": \"6ca575374dd9a507cdd16dfa0e78c2e9e20bd05f\", \"versionType\": \"git\"}], \"programFiles\": [\"net/vmw_vsock/virtio_transport_common.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.8\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"4.8\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"4.19.324\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.19.*\"}, {\"status\": \"unaffected\", \"version\": \"5.4.286\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.4.*\"}, {\"status\": \"unaffected\", \"version\": \"5.10.230\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.15.172\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"6.1.117\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.1.*\"}, {\"status\": \"unaffected\", \"version\": \"6.6.61\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.11.8\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.11.*\"}, {\"status\": \"unaffected\", \"version\": \"6.12\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"net/vmw_vsock/virtio_transport_common.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/5f092a4271f6dccf88fe0d132475a17b69ef71df\"}, {\"url\": \"https://git.kernel.org/stable/c/fd8ae346692a56b4437d626c5460c7104980f389\"}, {\"url\": \"https://git.kernel.org/stable/c/eb1bdcb7dfc30b24495ee4c5533af0ed135cb5f1\"}, {\"url\": \"https://git.kernel.org/stable/c/2a6a4e69f255b7aed17f93995691ab4f0d3c2203\"}, {\"url\": \"https://git.kernel.org/stable/c/44d29897eafd0e1196453d3003a4d5e0b968eeab\"}, {\"url\": \"https://git.kernel.org/stable/c/b110196fec44fe966952004bd426967c2a8fd358\"}, {\"url\": \"https://git.kernel.org/stable/c/5f970935d09934222fdef3d0e20c648ea7a963c1\"}, {\"url\": \"https://git.kernel.org/stable/c/6ca575374dd9a507cdd16dfa0e78c2e9e20bd05f\"}, {\"url\": \"https://a13xp0p0v.github.io/2025/09/02/kernel-hack-drill-and-CVE-2024-50264.html\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nvsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans\\n\\nDuring loopback communication, a dangling pointer can be created in\\nvsk-\u003etrans, potentially leading to a Use-After-Free condition. This\\nissue is resolved by initializing vsk-\u003etrans to NULL.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.19.324\", \"versionStartIncluding\": \"4.8\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.4.286\", \"versionStartIncluding\": \"4.8\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.230\", \"versionStartIncluding\": \"4.8\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.15.172\", \"versionStartIncluding\": \"4.8\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.1.117\", \"versionStartIncluding\": \"4.8\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.6.61\", \"versionStartIncluding\": \"4.8\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.11.8\", \"versionStartIncluding\": \"4.8\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.12\", \"versionStartIncluding\": \"4.8\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-10-15T07:51:46.682Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-50264\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-03T22:27:43.580Z\", \"dateReserved\": \"2024-10-21T19:36:19.982Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-11-19T01:29:59.511Z\", \"assignerShortName\": \"Linux\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
SUSE-SU-2025:0264-1
Vulnerability from csaf_suse - Published: 2025-01-27 15:03 - Updated: 2025-01-27 15:03Summary
Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4)
Notes
Title of the patch
Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4)
Description of the patch
This update for the Linux Kernel 5.14.21-150400_24_119 fixes several issues.
The following security issues were fixed:
- CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324).
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733).
- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
- CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327).
- CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).
- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).
- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).
- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353).
- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739).
- CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
- CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).
- CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099).
- CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313).
- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013).
- CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310).
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
- CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681).
- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
- CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
Patchnames
SUSE-2025-264,SUSE-SLE-Module-Live-Patching-15-SP4-2025-264
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.14.21-150400_24_119 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324).\n- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans (bsc#1233712).\n- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).\n- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733).\n- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).\n- CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327).\n- CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).\n- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011).\n- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).\n- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).\n- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012).\n- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).\n- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).\n- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353).\n- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739).\n- CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)\n- CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).\n- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).\n- CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099).\n- CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313).\n- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013).\n- CVE-2024-35950: drm/client: Fully protect modes with dev-\u003emode_config.mutex (bsc#1225310).\n- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).\n- CVE-2024-26930: Fixed double free of the ha-\u003evp_map pointer (bsc#1223681).\n- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).\n- CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-264,SUSE-SLE-Module-Live-Patching-15-SP4-2025-264",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0264-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0264-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250264-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0264-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020207.html"
},
{
"category": "self",
"summary": "SUSE Bug 1223059",
"url": "https://bugzilla.suse.com/1223059"
},
{
"category": "self",
"summary": "SUSE Bug 1223363",
"url": "https://bugzilla.suse.com/1223363"
},
{
"category": "self",
"summary": "SUSE Bug 1223681",
"url": "https://bugzilla.suse.com/1223681"
},
{
"category": "self",
"summary": "SUSE Bug 1223683",
"url": "https://bugzilla.suse.com/1223683"
},
{
"category": "self",
"summary": "SUSE Bug 1225011",
"url": "https://bugzilla.suse.com/1225011"
},
{
"category": "self",
"summary": "SUSE Bug 1225012",
"url": "https://bugzilla.suse.com/1225012"
},
{
"category": "self",
"summary": "SUSE Bug 1225013",
"url": "https://bugzilla.suse.com/1225013"
},
{
"category": "self",
"summary": "SUSE Bug 1225099",
"url": "https://bugzilla.suse.com/1225099"
},
{
"category": "self",
"summary": "SUSE Bug 1225309",
"url": "https://bugzilla.suse.com/1225309"
},
{
"category": "self",
"summary": "SUSE Bug 1225310",
"url": "https://bugzilla.suse.com/1225310"
},
{
"category": "self",
"summary": "SUSE Bug 1225311",
"url": "https://bugzilla.suse.com/1225311"
},
{
"category": "self",
"summary": "SUSE Bug 1225312",
"url": "https://bugzilla.suse.com/1225312"
},
{
"category": "self",
"summary": "SUSE Bug 1225313",
"url": "https://bugzilla.suse.com/1225313"
},
{
"category": "self",
"summary": "SUSE Bug 1225733",
"url": "https://bugzilla.suse.com/1225733"
},
{
"category": "self",
"summary": "SUSE Bug 1225739",
"url": "https://bugzilla.suse.com/1225739"
},
{
"category": "self",
"summary": "SUSE Bug 1225819",
"url": "https://bugzilla.suse.com/1225819"
},
{
"category": "self",
"summary": "SUSE Bug 1226324",
"url": "https://bugzilla.suse.com/1226324"
},
{
"category": "self",
"summary": "SUSE Bug 1226325",
"url": "https://bugzilla.suse.com/1226325"
},
{
"category": "self",
"summary": "SUSE Bug 1226327",
"url": "https://bugzilla.suse.com/1226327"
},
{
"category": "self",
"summary": "SUSE Bug 1227471",
"url": "https://bugzilla.suse.com/1227471"
},
{
"category": "self",
"summary": "SUSE Bug 1228573",
"url": "https://bugzilla.suse.com/1228573"
},
{
"category": "self",
"summary": "SUSE Bug 1228786",
"url": "https://bugzilla.suse.com/1228786"
},
{
"category": "self",
"summary": "SUSE Bug 1229553",
"url": "https://bugzilla.suse.com/1229553"
},
{
"category": "self",
"summary": "SUSE Bug 1231353",
"url": "https://bugzilla.suse.com/1231353"
},
{
"category": "self",
"summary": "SUSE Bug 1232637",
"url": "https://bugzilla.suse.com/1232637"
},
{
"category": "self",
"summary": "SUSE Bug 1233712",
"url": "https://bugzilla.suse.com/1233712"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47598 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47598/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48956 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52752 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52846 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26828 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26852 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26923 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26930 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27398 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27398/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35817 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35817/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35862 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35863 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35864 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35867 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35905 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36899 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36904 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36904/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36964 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36971 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40954 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41059 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50264 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50264/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4)",
"tracking": {
"current_release_date": "2025-01-27T15:03:50Z",
"generator": {
"date": "2025-01-27T15:03:50Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0264-1",
"initial_release_date": "2025-01-27T15:03:50Z",
"revision_history": [
{
"date": "2025-01-27T15:03:50Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-47598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47598"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_cake: do not call cake_destroy() from cake_init()\n\nqdiscs are not supposed to call their own destroy() method\nfrom init(), because core stack already does that.\n\nsyzbot was able to trigger use after free:\n\nDEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\nWARNING: CPU: 0 PID: 21902 at kernel/locking/mutex.c:586 __mutex_lock_common kernel/locking/mutex.c:586 [inline]\nWARNING: CPU: 0 PID: 21902 at kernel/locking/mutex.c:586 __mutex_lock+0x9ec/0x12f0 kernel/locking/mutex.c:740\nModules linked in:\nCPU: 0 PID: 21902 Comm: syz-executor189 Not tainted 5.16.0-rc4-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:__mutex_lock_common kernel/locking/mutex.c:586 [inline]\nRIP: 0010:__mutex_lock+0x9ec/0x12f0 kernel/locking/mutex.c:740\nCode: 08 84 d2 0f 85 19 08 00 00 8b 05 97 38 4b 04 85 c0 0f 85 27 f7 ff ff 48 c7 c6 20 00 ac 89 48 c7 c7 a0 fe ab 89 e8 bf 76 ba ff \u003c0f\u003e 0b e9 0d f7 ff ff 48 8b 44 24 40 48 8d b8 c8 08 00 00 48 89 f8\nRSP: 0018:ffffc9000627f290 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: ffff88802315d700 RSI: ffffffff815f1db8 RDI: fffff52000c4fe44\nRBP: ffff88818f28e000 R08: 0000000000000000 R09: 0000000000000000\nR10: ffffffff815ebb5e R11: 0000000000000000 R12: 0000000000000000\nR13: dffffc0000000000 R14: ffffc9000627f458 R15: 0000000093c30000\nFS: 0000555556abc400(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fda689c3303 CR3: 000000001cfbb000 CR4: 0000000000350ef0\nCall Trace:\n \u003cTASK\u003e\n tcf_chain0_head_change_cb_del+0x2e/0x3d0 net/sched/cls_api.c:810\n tcf_block_put_ext net/sched/cls_api.c:1381 [inline]\n tcf_block_put_ext net/sched/cls_api.c:1376 [inline]\n tcf_block_put+0xbc/0x130 net/sched/cls_api.c:1394\n cake_destroy+0x3f/0x80 net/sched/sch_cake.c:2695\n qdisc_create.constprop.0+0x9da/0x10f0 net/sched/sch_api.c:1293\n tc_modify_qdisc+0x4c5/0x1980 net/sched/sch_api.c:1660\n rtnetlink_rcv_msg+0x413/0xb80 net/core/rtnetlink.c:5571\n netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2496\n netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1345\n netlink_sendmsg+0x904/0xdf0 net/netlink/af_netlink.c:1921\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg+0xcf/0x120 net/socket.c:724\n ____sys_sendmsg+0x6e8/0x810 net/socket.c:2409\n ___sys_sendmsg+0xf3/0x170 net/socket.c:2463\n __sys_sendmsg+0xe5/0x1b0 net/socket.c:2492\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f1bb06badb9\nCode: Unable to access opcode bytes at RIP 0x7f1bb06bad8f.\nRSP: 002b:00007fff3012a658 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f1bb06badb9\nRDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000003\nRBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000003\nR10: 0000000000000003 R11: 0000000000000246 R12: 00007fff3012a688\nR13: 00007fff3012a6a0 R14: 00007fff3012a6e0 R15: 00000000000013c2\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47598",
"url": "https://www.suse.com/security/cve/CVE-2021-47598"
},
{
"category": "external",
"summary": "SUSE Bug 1226574 for CVE-2021-47598",
"url": "https://bugzilla.suse.com/1226574"
},
{
"category": "external",
"summary": "SUSE Bug 1227471 for CVE-2021-47598",
"url": "https://bugzilla.suse.com/1227471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T15:03:50Z",
"details": "important"
}
],
"title": "CVE-2021-47598"
},
{
"cve": "CVE-2022-48956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: avoid use-after-free in ip6_fragment()\n\nBlamed commit claimed rcu_read_lock() was held by ip6_fragment() callers.\n\nIt seems to not be always true, at least for UDP stack.\n\nsyzbot reported:\n\nBUG: KASAN: use-after-free in ip6_dst_idev include/net/ip6_fib.h:245 [inline]\nBUG: KASAN: use-after-free in ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951\nRead of size 8 at addr ffff88801d403e80 by task syz-executor.3/7618\n\nCPU: 1 PID: 7618 Comm: syz-executor.3 Not tainted 6.1.0-rc6-syzkaller-00012-g4312098baf37 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:284 [inline]\n print_report+0x15e/0x45d mm/kasan/report.c:395\n kasan_report+0xbf/0x1f0 mm/kasan/report.c:495\n ip6_dst_idev include/net/ip6_fib.h:245 [inline]\n ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951\n __ip6_finish_output net/ipv6/ip6_output.c:193 [inline]\n ip6_finish_output+0x9a3/0x1170 net/ipv6/ip6_output.c:206\n NF_HOOK_COND include/linux/netfilter.h:291 [inline]\n ip6_output+0x1f1/0x540 net/ipv6/ip6_output.c:227\n dst_output include/net/dst.h:445 [inline]\n ip6_local_out+0xb3/0x1a0 net/ipv6/output_core.c:161\n ip6_send_skb+0xbb/0x340 net/ipv6/ip6_output.c:1966\n udp_v6_send_skb+0x82a/0x18a0 net/ipv6/udp.c:1286\n udp_v6_push_pending_frames+0x140/0x200 net/ipv6/udp.c:1313\n udpv6_sendmsg+0x18da/0x2c80 net/ipv6/udp.c:1606\n inet6_sendmsg+0x9d/0xe0 net/ipv6/af_inet6.c:665\n sock_sendmsg_nosec net/socket.c:714 [inline]\n sock_sendmsg+0xd3/0x120 net/socket.c:734\n sock_write_iter+0x295/0x3d0 net/socket.c:1108\n call_write_iter include/linux/fs.h:2191 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x9ed/0xdd0 fs/read_write.c:584\n ksys_write+0x1ec/0x250 fs/read_write.c:637\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7fde3588c0d9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fde365b6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 00007fde359ac050 RCX: 00007fde3588c0d9\nRDX: 000000000000ffdc RSI: 00000000200000c0 RDI: 000000000000000a\nRBP: 00007fde358e7ae9 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007fde35acfb1f R14: 00007fde365b6300 R15: 0000000000022000\n \u003c/TASK\u003e\n\nAllocated by task 7618:\n kasan_save_stack+0x22/0x40 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n __kasan_slab_alloc+0x82/0x90 mm/kasan/common.c:325\n kasan_slab_alloc include/linux/kasan.h:201 [inline]\n slab_post_alloc_hook mm/slab.h:737 [inline]\n slab_alloc_node mm/slub.c:3398 [inline]\n slab_alloc mm/slub.c:3406 [inline]\n __kmem_cache_alloc_lru mm/slub.c:3413 [inline]\n kmem_cache_alloc+0x2b4/0x3d0 mm/slub.c:3422\n dst_alloc+0x14a/0x1f0 net/core/dst.c:92\n ip6_dst_alloc+0x32/0xa0 net/ipv6/route.c:344\n ip6_rt_pcpu_alloc net/ipv6/route.c:1369 [inline]\n rt6_make_pcpu_route net/ipv6/route.c:1417 [inline]\n ip6_pol_route+0x901/0x1190 net/ipv6/route.c:2254\n pol_lookup_func include/net/ip6_fib.h:582 [inline]\n fib6_rule_lookup+0x52e/0x6f0 net/ipv6/fib6_rules.c:121\n ip6_route_output_flags_noref+0x2e6/0x380 net/ipv6/route.c:2625\n ip6_route_output_flags+0x76/0x320 net/ipv6/route.c:2638\n ip6_route_output include/net/ip6_route.h:98 [inline]\n ip6_dst_lookup_tail+0x5ab/0x1620 net/ipv6/ip6_output.c:1092\n ip6_dst_lookup_flow+0x90/0x1d0 net/ipv6/ip6_output.c:1222\n ip6_sk_dst_lookup_flow+0x553/0x980 net/ipv6/ip6_output.c:1260\n udpv6_sendmsg+0x151d/0x2c80 net/ipv6/udp.c:1554\n inet6_sendmsg+0x9d/0xe0 net/ipv6/af_inet6.c:665\n sock_sendmsg_nosec n\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48956",
"url": "https://www.suse.com/security/cve/CVE-2022-48956"
},
{
"category": "external",
"summary": "SUSE Bug 1231893 for CVE-2022-48956",
"url": "https://bugzilla.suse.com/1231893"
},
{
"category": "external",
"summary": "SUSE Bug 1232799 for CVE-2022-48956",
"url": "https://bugzilla.suse.com/1232799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T15:03:50Z",
"details": "important"
}
],
"title": "CVE-2022-48956"
},
{
"cve": "CVE-2023-52752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free bug in cifs_debug_data_proc_show()\n\nSkip SMB sessions that are being teared down\n(e.g. @ses-\u003eses_status == SES_EXITING) in cifs_debug_data_proc_show()\nto avoid use-after-free in @ses.\n\nThis fixes the following GPF when reading from /proc/fs/cifs/DebugData\nwhile mounting and umounting\n\n [ 816.251274] general protection fault, probably for non-canonical\n address 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI\n ...\n [ 816.260138] Call Trace:\n [ 816.260329] \u003cTASK\u003e\n [ 816.260499] ? die_addr+0x36/0x90\n [ 816.260762] ? exc_general_protection+0x1b3/0x410\n [ 816.261126] ? asm_exc_general_protection+0x26/0x30\n [ 816.261502] ? cifs_debug_tcon+0xbd/0x240 [cifs]\n [ 816.261878] ? cifs_debug_tcon+0xab/0x240 [cifs]\n [ 816.262249] cifs_debug_data_proc_show+0x516/0xdb0 [cifs]\n [ 816.262689] ? seq_read_iter+0x379/0x470\n [ 816.262995] seq_read_iter+0x118/0x470\n [ 816.263291] proc_reg_read_iter+0x53/0x90\n [ 816.263596] ? srso_alias_return_thunk+0x5/0x7f\n [ 816.263945] vfs_read+0x201/0x350\n [ 816.264211] ksys_read+0x75/0x100\n [ 816.264472] do_syscall_64+0x3f/0x90\n [ 816.264750] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n [ 816.265135] RIP: 0033:0x7fd5e669d381",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52752",
"url": "https://www.suse.com/security/cve/CVE-2023-52752"
},
{
"category": "external",
"summary": "SUSE Bug 1225487 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225487"
},
{
"category": "external",
"summary": "SUSE Bug 1225819 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T15:03:50Z",
"details": "important"
}
],
"title": "CVE-2023-52752"
},
{
"cve": "CVE-2023-52846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhsr: Prevent use after free in prp_create_tagged_frame()\n\nThe prp_fill_rct() function can fail. In that situation, it frees the\nskb and returns NULL. Meanwhile on the success path, it returns the\noriginal skb. So it\u0027s straight forward to fix bug by using the returned\nvalue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52846",
"url": "https://www.suse.com/security/cve/CVE-2023-52846"
},
{
"category": "external",
"summary": "SUSE Bug 1225098 for CVE-2023-52846",
"url": "https://bugzilla.suse.com/1225098"
},
{
"category": "external",
"summary": "SUSE Bug 1225099 for CVE-2023-52846",
"url": "https://bugzilla.suse.com/1225099"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T15:03:50Z",
"details": "important"
}
],
"title": "CVE-2023-52846"
},
{
"cve": "CVE-2024-26828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26828"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix underflow in parse_server_interfaces()\n\nIn this loop, we step through the buffer and after each item we check\nif the size_left is greater than the minimum size we need. However,\nthe problem is that \"bytes_left\" is type ssize_t while sizeof() is type\nsize_t. That means that because of type promotion, the comparison is\ndone as an unsigned and if we have negative bytes left the loop\ncontinues instead of ending.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26828",
"url": "https://www.suse.com/security/cve/CVE-2024-26828"
},
{
"category": "external",
"summary": "SUSE Bug 1223084 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223084"
},
{
"category": "external",
"summary": "SUSE Bug 1223363 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223363"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T15:03:50Z",
"details": "important"
}
],
"title": "CVE-2024-26828"
},
{
"cve": "CVE-2024-26852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/ipv6: avoid possible UAF in ip6_route_mpath_notify()\n\nsyzbot found another use-after-free in ip6_route_mpath_notify() [1]\n\nCommit f7225172f25a (\"net/ipv6: prevent use after free in\nip6_route_mpath_notify\") was not able to fix the root cause.\n\nWe need to defer the fib6_info_release() calls after\nip6_route_mpath_notify(), in the cleanup phase.\n\n[1]\nBUG: KASAN: slab-use-after-free in rt6_fill_node+0x1460/0x1ac0\nRead of size 4 at addr ffff88809a07fc64 by task syz-executor.2/23037\n\nCPU: 0 PID: 23037 Comm: syz-executor.2 Not tainted 6.8.0-rc4-syzkaller-01035-gea7f3cfaa588 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1e7/0x2e0 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x167/0x540 mm/kasan/report.c:488\n kasan_report+0x142/0x180 mm/kasan/report.c:601\n rt6_fill_node+0x1460/0x1ac0\n inet6_rt_notify+0x13b/0x290 net/ipv6/route.c:6184\n ip6_route_mpath_notify net/ipv6/route.c:5198 [inline]\n ip6_route_multipath_add net/ipv6/route.c:5404 [inline]\n inet6_rtm_newroute+0x1d0f/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\nRIP: 0033:0x7f73dd87dda9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f73de6550c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f73dd9ac050 RCX: 00007f73dd87dda9\nRDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000005\nRBP: 00007f73dd8ca47a R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f73dd9ac050 R15: 00007ffdbdeb7858\n \u003c/TASK\u003e\n\nAllocated by task 23037:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:372 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:389\n kasan_kmalloc include/linux/kasan.h:211 [inline]\n __do_kmalloc_node mm/slub.c:3981 [inline]\n __kmalloc+0x22e/0x490 mm/slub.c:3994\n kmalloc include/linux/slab.h:594 [inline]\n kzalloc include/linux/slab.h:711 [inline]\n fib6_info_alloc+0x2e/0xf0 net/ipv6/ip6_fib.c:155\n ip6_route_info_create+0x445/0x12b0 net/ipv6/route.c:3758\n ip6_route_multipath_add net/ipv6/route.c:5298 [inline]\n inet6_rtm_newroute+0x744/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\n\nFreed by task 16:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x4e/0x60 mm/kasan/generic.c:640\n poison_slab_object+0xa6/0xe0 m\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26852",
"url": "https://www.suse.com/security/cve/CVE-2024-26852"
},
{
"category": "external",
"summary": "SUSE Bug 1223057 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223057"
},
{
"category": "external",
"summary": "SUSE Bug 1223059 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223059"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T15:03:50Z",
"details": "important"
}
],
"title": "CVE-2024-26852"
},
{
"cve": "CVE-2024-26923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Fix garbage collector racing against connect()\n\nGarbage collector does not take into account the risk of embryo getting\nenqueued during the garbage collection. If such embryo has a peer that\ncarries SCM_RIGHTS, two consecutive passes of scan_children() may see a\ndifferent set of children. Leading to an incorrectly elevated inflight\ncount, and then a dangling pointer within the gc_inflight_list.\n\nsockets are AF_UNIX/SOCK_STREAM\nS is an unconnected socket\nL is a listening in-flight socket bound to addr, not in fdtable\nV\u0027s fd will be passed via sendmsg(), gets inflight count bumped\n\nconnect(S, addr)\tsendmsg(S, [V]); close(V)\t__unix_gc()\n----------------\t-------------------------\t-----------\n\nNS = unix_create1()\nskb1 = sock_wmalloc(NS)\nL = unix_find_other(addr)\nunix_state_lock(L)\nunix_peer(S) = NS\n\t\t\t// V count=1 inflight=0\n\n \t\t\tNS = unix_peer(S)\n \t\t\tskb2 = sock_alloc()\n\t\t\tskb_queue_tail(NS, skb2[V])\n\n\t\t\t// V became in-flight\n\t\t\t// V count=2 inflight=1\n\n\t\t\tclose(V)\n\n\t\t\t// V count=1 inflight=1\n\t\t\t// GC candidate condition met\n\n\t\t\t\t\t\tfor u in gc_inflight_list:\n\t\t\t\t\t\t if (total_refs == inflight_refs)\n\t\t\t\t\t\t add u to gc_candidates\n\n\t\t\t\t\t\t// gc_candidates={L, V}\n\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t scan_children(u, dec_inflight)\n\n\t\t\t\t\t\t// embryo (skb1) was not\n\t\t\t\t\t\t// reachable from L yet, so V\u0027s\n\t\t\t\t\t\t// inflight remains unchanged\n__skb_queue_tail(L, skb1)\nunix_state_unlock(L)\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t if (u.inflight)\n\t\t\t\t\t\t scan_children(u, inc_inflight_move_tail)\n\n\t\t\t\t\t\t// V count=1 inflight=2 (!)\n\nIf there is a GC-candidate listening socket, lock/unlock its state. This\nmakes GC wait until the end of any ongoing connect() to that socket. After\nflipping the lock, a possibly SCM-laden embryo is already enqueued. And if\nthere is another embryo coming, it can not possibly carry SCM_RIGHTS. At\nthis point, unix_inflight() can not happen because unix_gc_lock is already\ntaken. Inflight graph remains unaffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26923",
"url": "https://www.suse.com/security/cve/CVE-2024-26923"
},
{
"category": "external",
"summary": "SUSE Bug 1223384 for CVE-2024-26923",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "external",
"summary": "SUSE Bug 1223683 for CVE-2024-26923",
"url": "https://bugzilla.suse.com/1223683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T15:03:50Z",
"details": "important"
}
],
"title": "CVE-2024-26923"
},
{
"cve": "CVE-2024-26930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix double free of the ha-\u003evp_map pointer\n\nCoverity scan reported potential risk of double free of the pointer\nha-\u003evp_map. ha-\u003evp_map was freed in qla2x00_mem_alloc(), and again freed\nin function qla2x00_mem_free(ha).\n\nAssign NULL to vp_map and kfree take care of NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26930",
"url": "https://www.suse.com/security/cve/CVE-2024-26930"
},
{
"category": "external",
"summary": "SUSE Bug 1223626 for CVE-2024-26930",
"url": "https://bugzilla.suse.com/1223626"
},
{
"category": "external",
"summary": "SUSE Bug 1223681 for CVE-2024-26930",
"url": "https://bugzilla.suse.com/1223681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T15:03:50Z",
"details": "important"
}
],
"title": "CVE-2024-26930"
},
{
"cve": "CVE-2024-27398",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27398"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix use-after-free bugs caused by sco_sock_timeout\n\nWhen the sco connection is established and then, the sco socket\nis releasing, timeout_work will be scheduled to judge whether\nthe sco disconnection is timeout. The sock will be deallocated\nlater, but it is dereferenced again in sco_sock_timeout. As a\nresult, the use-after-free bugs will happen. The root cause is\nshown below:\n\n Cleanup Thread | Worker Thread\nsco_sock_release |\n sco_sock_close |\n __sco_sock_close |\n sco_sock_set_timer |\n schedule_delayed_work |\n sco_sock_kill | (wait a time)\n sock_put(sk) //FREE | sco_sock_timeout\n | sock_hold(sk) //USE\n\nThe KASAN report triggered by POC is shown below:\n\n[ 95.890016] ==================================================================\n[ 95.890496] BUG: KASAN: slab-use-after-free in sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] Write of size 4 at addr ffff88800c388080 by task kworker/0:0/7\n...\n[ 95.890755] Workqueue: events sco_sock_timeout\n[ 95.890755] Call Trace:\n[ 95.890755] \u003cTASK\u003e\n[ 95.890755] dump_stack_lvl+0x45/0x110\n[ 95.890755] print_address_description+0x78/0x390\n[ 95.890755] print_report+0x11b/0x250\n[ 95.890755] ? __virt_addr_valid+0xbe/0xf0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_report+0x139/0x170\n[ 95.890755] ? update_load_avg+0xe5/0x9f0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_check_range+0x2c3/0x2e0\n[ 95.890755] sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] process_one_work+0x561/0xc50\n[ 95.890755] worker_thread+0xab2/0x13c0\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] kthread+0x279/0x300\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork+0x34/0x60\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork_asm+0x11/0x20\n[ 95.890755] \u003c/TASK\u003e\n[ 95.890755]\n[ 95.890755] Allocated by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] __kasan_kmalloc+0x86/0x90\n[ 95.890755] __kmalloc+0x17f/0x360\n[ 95.890755] sk_prot_alloc+0xe1/0x1a0\n[ 95.890755] sk_alloc+0x31/0x4e0\n[ 95.890755] bt_sock_alloc+0x2b/0x2a0\n[ 95.890755] sco_sock_create+0xad/0x320\n[ 95.890755] bt_sock_create+0x145/0x320\n[ 95.890755] __sock_create+0x2e1/0x650\n[ 95.890755] __sys_socket+0xd0/0x280\n[ 95.890755] __x64_sys_socket+0x75/0x80\n[ 95.890755] do_syscall_64+0xc4/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] Freed by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] kasan_save_free_info+0x40/0x50\n[ 95.890755] poison_slab_object+0x118/0x180\n[ 95.890755] __kasan_slab_free+0x12/0x30\n[ 95.890755] kfree+0xb2/0x240\n[ 95.890755] __sk_destruct+0x317/0x410\n[ 95.890755] sco_sock_release+0x232/0x280\n[ 95.890755] sock_close+0xb2/0x210\n[ 95.890755] __fput+0x37f/0x770\n[ 95.890755] task_work_run+0x1ae/0x210\n[ 95.890755] get_signal+0xe17/0xf70\n[ 95.890755] arch_do_signal_or_restart+0x3f/0x520\n[ 95.890755] syscall_exit_to_user_mode+0x55/0x120\n[ 95.890755] do_syscall_64+0xd1/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the object at ffff88800c388000\n[ 95.890755] which belongs to the cache kmalloc-1k of size 1024\n[ 95.890755] The buggy address is located 128 bytes inside of\n[ 95.890755] freed 1024-byte region [ffff88800c388000, ffff88800c388400)\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the physical page:\n[ 95.890755] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88800c38a800 pfn:0xc388\n[ 95.890755] head: order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0\n[ 95.890755] ano\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27398",
"url": "https://www.suse.com/security/cve/CVE-2024-27398"
},
{
"category": "external",
"summary": "SUSE Bug 1224174 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1224174"
},
{
"category": "external",
"summary": "SUSE Bug 1225013 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1225013"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T15:03:50Z",
"details": "important"
}
],
"title": "CVE-2024-27398"
},
{
"cve": "CVE-2024-35817",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35817"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag\n\nOtherwise after the GTT bo is released, the GTT and gart space is freed\nbut amdgpu_ttm_backend_unbind will not clear the gart page table entry\nand leave valid mapping entry pointing to the stale system page. Then\nif GPU access the gart address mistakely, it will read undefined value\ninstead page fault, harder to debug and reproduce the real issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35817",
"url": "https://www.suse.com/security/cve/CVE-2024-35817"
},
{
"category": "external",
"summary": "SUSE Bug 1224736 for CVE-2024-35817",
"url": "https://bugzilla.suse.com/1224736"
},
{
"category": "external",
"summary": "SUSE Bug 1225313 for CVE-2024-35817",
"url": "https://bugzilla.suse.com/1225313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T15:03:50Z",
"details": "important"
}
],
"title": "CVE-2024-35817"
},
{
"cve": "CVE-2024-35861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35861",
"url": "https://www.suse.com/security/cve/CVE-2024-35861"
},
{
"category": "external",
"summary": "SUSE Bug 1224766 for CVE-2024-35861",
"url": "https://bugzilla.suse.com/1224766"
},
{
"category": "external",
"summary": "SUSE Bug 1225312 for CVE-2024-35861",
"url": "https://bugzilla.suse.com/1225312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T15:03:50Z",
"details": "important"
}
],
"title": "CVE-2024-35861"
},
{
"cve": "CVE-2024-35862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_network_name_deleted()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35862",
"url": "https://www.suse.com/security/cve/CVE-2024-35862"
},
{
"category": "external",
"summary": "SUSE Bug 1224764 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1224764"
},
{
"category": "external",
"summary": "SUSE Bug 1225311 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1225311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T15:03:50Z",
"details": "important"
}
],
"title": "CVE-2024-35862"
},
{
"cve": "CVE-2024-35863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35863"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in is_valid_oplock_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35863",
"url": "https://www.suse.com/security/cve/CVE-2024-35863"
},
{
"category": "external",
"summary": "SUSE Bug 1224763 for CVE-2024-35863",
"url": "https://bugzilla.suse.com/1224763"
},
{
"category": "external",
"summary": "SUSE Bug 1225011 for CVE-2024-35863",
"url": "https://bugzilla.suse.com/1225011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T15:03:50Z",
"details": "important"
}
],
"title": "CVE-2024-35863"
},
{
"cve": "CVE-2024-35864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_valid_lease_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35864",
"url": "https://www.suse.com/security/cve/CVE-2024-35864"
},
{
"category": "external",
"summary": "SUSE Bug 1224765 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1224765"
},
{
"category": "external",
"summary": "SUSE Bug 1225309 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1225309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T15:03:50Z",
"details": "important"
}
],
"title": "CVE-2024-35864"
},
{
"cve": "CVE-2024-35867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_stats_proc_show()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35867",
"url": "https://www.suse.com/security/cve/CVE-2024-35867"
},
{
"category": "external",
"summary": "SUSE Bug 1224664 for CVE-2024-35867",
"url": "https://bugzilla.suse.com/1224664"
},
{
"category": "external",
"summary": "SUSE Bug 1225012 for CVE-2024-35867",
"url": "https://bugzilla.suse.com/1225012"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T15:03:50Z",
"details": "important"
}
],
"title": "CVE-2024-35867"
},
{
"cve": "CVE-2024-35905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Protect against int overflow for stack access size\n\nThis patch re-introduces protection against the size of access to stack\nmemory being negative; the access size can appear negative as a result\nof overflowing its signed int representation. This should not actually\nhappen, as there are other protections along the way, but we should\nprotect against it anyway. One code path was missing such protections\n(fixed in the previous patch in the series), causing out-of-bounds array\naccesses in check_stack_range_initialized(). This patch causes the\nverification of a program with such a non-sensical access size to fail.\n\nThis check used to exist in a more indirect way, but was inadvertendly\nremoved in a833a17aeac7.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35905",
"url": "https://www.suse.com/security/cve/CVE-2024-35905"
},
{
"category": "external",
"summary": "SUSE Bug 1224488 for CVE-2024-35905",
"url": "https://bugzilla.suse.com/1224488"
},
{
"category": "external",
"summary": "SUSE Bug 1226327 for CVE-2024-35905",
"url": "https://bugzilla.suse.com/1226327"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T15:03:50Z",
"details": "important"
}
],
"title": "CVE-2024-35905"
},
{
"cve": "CVE-2024-35950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/client: Fully protect modes[] with dev-\u003emode_config.mutex\n\nThe modes[] array contains pointers to modes on the connectors\u0027\nmode lists, which are protected by dev-\u003emode_config.mutex.\nThus we need to extend modes[] the same protection or by the\ntime we use it the elements may already be pointing to\nfreed/reused memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35950",
"url": "https://www.suse.com/security/cve/CVE-2024-35950"
},
{
"category": "external",
"summary": "SUSE Bug 1224703 for CVE-2024-35950",
"url": "https://bugzilla.suse.com/1224703"
},
{
"category": "external",
"summary": "SUSE Bug 1225310 for CVE-2024-35950",
"url": "https://bugzilla.suse.com/1225310"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T15:03:50Z",
"details": "important"
}
],
"title": "CVE-2024-35950"
},
{
"cve": "CVE-2024-36899",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36899"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpiolib: cdev: Fix use after free in lineinfo_changed_notify\n\nThe use-after-free issue occurs as follows: when the GPIO chip device file\nis being closed by invoking gpio_chrdev_release(), watched_lines is freed\nby bitmap_free(), but the unregistration of lineinfo_changed_nb notifier\nchain failed due to waiting write rwsem. Additionally, one of the GPIO\nchip\u0027s lines is also in the release process and holds the notifier chain\u0027s\nread rwsem. Consequently, a race condition leads to the use-after-free of\nwatched_lines.\n\nHere is the typical stack when issue happened:\n\n[free]\ngpio_chrdev_release()\n --\u003e bitmap_free(cdev-\u003ewatched_lines) \u003c-- freed\n --\u003e blocking_notifier_chain_unregister()\n --\u003e down_write(\u0026nh-\u003erwsem) \u003c-- waiting rwsem\n --\u003e __down_write_common()\n --\u003e rwsem_down_write_slowpath()\n --\u003e schedule_preempt_disabled()\n --\u003e schedule()\n\n[use]\nst54spi_gpio_dev_release()\n --\u003e gpio_free()\n --\u003e gpiod_free()\n --\u003e gpiod_free_commit()\n --\u003e gpiod_line_state_notify()\n --\u003e blocking_notifier_call_chain()\n --\u003e down_read(\u0026nh-\u003erwsem); \u003c-- held rwsem\n --\u003e notifier_call_chain()\n --\u003e lineinfo_changed_notify()\n --\u003e test_bit(xxxx, cdev-\u003ewatched_lines) \u003c-- use after free\n\nThe side effect of the use-after-free issue is that a GPIO line event is\nbeing generated for userspace where it shouldn\u0027t. However, since the chrdev\nis being closed, userspace won\u0027t have the chance to read that event anyway.\n\nTo fix the issue, call the bitmap_free() function after the unregistration\nof lineinfo_changed_nb notifier chain.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36899",
"url": "https://www.suse.com/security/cve/CVE-2024-36899"
},
{
"category": "external",
"summary": "SUSE Bug 1225737 for CVE-2024-36899",
"url": "https://bugzilla.suse.com/1225737"
},
{
"category": "external",
"summary": "SUSE Bug 1225739 for CVE-2024-36899",
"url": "https://bugzilla.suse.com/1225739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T15:03:50Z",
"details": "important"
}
],
"title": "CVE-2024-36899"
},
{
"cve": "CVE-2024-36904",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36904"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Use refcount_inc_not_zero() in tcp_twsk_unique().\n\nAnderson Nascimento reported a use-after-free splat in tcp_twsk_unique()\nwith nice analysis.\n\nSince commit ec94c2696f0b (\"tcp/dccp: avoid one atomic operation for\ntimewait hashdance\"), inet_twsk_hashdance() sets TIME-WAIT socket\u0027s\nsk_refcnt after putting it into ehash and releasing the bucket lock.\n\nThus, there is a small race window where other threads could try to\nreuse the port during connect() and call sock_hold() in tcp_twsk_unique()\nfor the TIME-WAIT socket with zero refcnt.\n\nIf that happens, the refcnt taken by tcp_twsk_unique() is overwritten\nand sock_put() will cause underflow, triggering a real use-after-free\nsomewhere else.\n\nTo avoid the use-after-free, we need to use refcount_inc_not_zero() in\ntcp_twsk_unique() and give up on reusing the port if it returns false.\n\n[0]:\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 0 PID: 1039313 at lib/refcount.c:25 refcount_warn_saturate+0xe5/0x110\nCPU: 0 PID: 1039313 Comm: trigger Not tainted 6.8.6-200.fc39.x86_64 #1\nHardware name: VMware, Inc. VMware20,1/440BX Desktop Reference Platform, BIOS VMW201.00V.21805430.B64.2305221830 05/22/2023\nRIP: 0010:refcount_warn_saturate+0xe5/0x110\nCode: 42 8e ff 0f 0b c3 cc cc cc cc 80 3d aa 13 ea 01 00 0f 85 5e ff ff ff 48 c7 c7 f8 8e b7 82 c6 05 96 13 ea 01 01 e8 7b 42 8e ff \u003c0f\u003e 0b c3 cc cc cc cc 48 c7 c7 50 8f b7 82 c6 05 7a 13 ea 01 01 e8\nRSP: 0018:ffffc90006b43b60 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff888009bb3ef0 RCX: 0000000000000027\nRDX: ffff88807be218c8 RSI: 0000000000000001 RDI: ffff88807be218c0\nRBP: 0000000000069d70 R08: 0000000000000000 R09: ffffc90006b439f0\nR10: ffffc90006b439e8 R11: 0000000000000003 R12: ffff8880029ede84\nR13: 0000000000004e20 R14: ffffffff84356dc0 R15: ffff888009bb3ef0\nFS: 00007f62c10926c0(0000) GS:ffff88807be00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020ccb000 CR3: 000000004628c005 CR4: 0000000000f70ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0xe5/0x110\n ? __warn+0x81/0x130\n ? refcount_warn_saturate+0xe5/0x110\n ? report_bug+0x171/0x1a0\n ? refcount_warn_saturate+0xe5/0x110\n ? handle_bug+0x3c/0x80\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? refcount_warn_saturate+0xe5/0x110\n tcp_twsk_unique+0x186/0x190\n __inet_check_established+0x176/0x2d0\n __inet_hash_connect+0x74/0x7d0\n ? __pfx___inet_check_established+0x10/0x10\n tcp_v4_connect+0x278/0x530\n __inet_stream_connect+0x10f/0x3d0\n inet_stream_connect+0x3a/0x60\n __sys_connect+0xa8/0xd0\n __x64_sys_connect+0x18/0x20\n do_syscall_64+0x83/0x170\n entry_SYSCALL_64_after_hwframe+0x78/0x80\nRIP: 0033:0x7f62c11a885d\nCode: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d a3 45 0c 00 f7 d8 64 89 01 48\nRSP: 002b:00007f62c1091e58 EFLAGS: 00000296 ORIG_RAX: 000000000000002a\nRAX: ffffffffffffffda RBX: 0000000020ccb004 RCX: 00007f62c11a885d\nRDX: 0000000000000010 RSI: 0000000020ccb000 RDI: 0000000000000003\nRBP: 00007f62c1091e90 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000296 R12: 00007f62c10926c0\nR13: ffffffffffffff88 R14: 0000000000000000 R15: 00007ffe237885b0\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36904",
"url": "https://www.suse.com/security/cve/CVE-2024-36904"
},
{
"category": "external",
"summary": "SUSE Bug 1225732 for CVE-2024-36904",
"url": "https://bugzilla.suse.com/1225732"
},
{
"category": "external",
"summary": "SUSE Bug 1225733 for CVE-2024-36904",
"url": "https://bugzilla.suse.com/1225733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T15:03:50Z",
"details": "important"
}
],
"title": "CVE-2024-36904"
},
{
"cve": "CVE-2024-36964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: only translate RWX permissions for plain 9P2000\n\nGarbage in plain 9P2000\u0027s perm bits is allowed through, which causes it\nto be able to set (among others) the suid bit. This was presumably not\nthe intent since the unix extended bits are handled explicitly and\nconditionally on .u.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36964",
"url": "https://www.suse.com/security/cve/CVE-2024-36964"
},
{
"category": "external",
"summary": "SUSE Bug 1225866 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1225866"
},
{
"category": "external",
"summary": "SUSE Bug 1226325 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1226325"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T15:03:50Z",
"details": "important"
}
],
"title": "CVE-2024-36964"
},
{
"cve": "CVE-2024-36971",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36971"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix __dst_negative_advice() race\n\n__dst_negative_advice() does not enforce proper RCU rules when\nsk-\u003edst_cache must be cleared, leading to possible UAF.\n\nRCU rules are that we must first clear sk-\u003esk_dst_cache,\nthen call dst_release(old_dst).\n\nNote that sk_dst_reset(sk) is implementing this protocol correctly,\nwhile __dst_negative_advice() uses the wrong order.\n\nGiven that ip6_negative_advice() has special logic\nagainst RTF_CACHE, this means each of the three -\u003enegative_advice()\nexisting methods must perform the sk_dst_reset() themselves.\n\nNote the check against NULL dst is centralized in\n__dst_negative_advice(), there is no need to duplicate\nit in various callbacks.\n\nMany thanks to Clement Lecigne for tracking this issue.\n\nThis old bug became visible after the blamed commit, using UDP sockets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36971",
"url": "https://www.suse.com/security/cve/CVE-2024-36971"
},
{
"category": "external",
"summary": "SUSE Bug 1226145 for CVE-2024-36971",
"url": "https://bugzilla.suse.com/1226145"
},
{
"category": "external",
"summary": "SUSE Bug 1226324 for CVE-2024-36971",
"url": "https://bugzilla.suse.com/1226324"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T15:03:50Z",
"details": "important"
}
],
"title": "CVE-2024-36971"
},
{
"cve": "CVE-2024-40954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: do not leave a dangling sk pointer, when socket creation fails\n\nIt is possible to trigger a use-after-free by:\n * attaching an fentry probe to __sock_release() and the probe calling the\n bpf_get_socket_cookie() helper\n * running traceroute -I 1.1.1.1 on a freshly booted VM\n\nA KASAN enabled kernel will log something like below (decoded and stripped):\n==================================================================\nBUG: KASAN: slab-use-after-free in __sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nRead of size 8 at addr ffff888007110dd8 by task traceroute/299\n\nCPU: 2 PID: 299 Comm: traceroute Tainted: G E 6.10.0-rc2+ #2\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\ndump_stack_lvl (lib/dump_stack.c:117 (discriminator 1))\nprint_report (mm/kasan/report.c:378 mm/kasan/report.c:488)\n? __sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nkasan_report (mm/kasan/report.c:603)\n? __sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nkasan_check_range (mm/kasan/generic.c:183 mm/kasan/generic.c:189)\n__sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nbpf_get_socket_ptr_cookie (./arch/x86/include/asm/preempt.h:94 ./include/linux/sock_diag.h:42 net/core/filter.c:5094 net/core/filter.c:5092)\nbpf_prog_875642cf11f1d139___sock_release+0x6e/0x8e\nbpf_trampoline_6442506592+0x47/0xaf\n__sock_release (net/socket.c:652)\n__sock_create (net/socket.c:1601)\n...\nAllocated by task 299 on cpu 2 at 78.328492s:\nkasan_save_stack (mm/kasan/common.c:48)\nkasan_save_track (mm/kasan/common.c:68)\n__kasan_slab_alloc (mm/kasan/common.c:312 mm/kasan/common.c:338)\nkmem_cache_alloc_noprof (mm/slub.c:3941 mm/slub.c:4000 mm/slub.c:4007)\nsk_prot_alloc (net/core/sock.c:2075)\nsk_alloc (net/core/sock.c:2134)\ninet_create (net/ipv4/af_inet.c:327 net/ipv4/af_inet.c:252)\n__sock_create (net/socket.c:1572)\n__sys_socket (net/socket.c:1660 net/socket.c:1644 net/socket.c:1706)\n__x64_sys_socket (net/socket.c:1718)\ndo_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFreed by task 299 on cpu 2 at 78.328502s:\nkasan_save_stack (mm/kasan/common.c:48)\nkasan_save_track (mm/kasan/common.c:68)\nkasan_save_free_info (mm/kasan/generic.c:582)\npoison_slab_object (mm/kasan/common.c:242)\n__kasan_slab_free (mm/kasan/common.c:256)\nkmem_cache_free (mm/slub.c:4437 mm/slub.c:4511)\n__sk_destruct (net/core/sock.c:2117 net/core/sock.c:2208)\ninet_create (net/ipv4/af_inet.c:397 net/ipv4/af_inet.c:252)\n__sock_create (net/socket.c:1572)\n__sys_socket (net/socket.c:1660 net/socket.c:1644 net/socket.c:1706)\n__x64_sys_socket (net/socket.c:1718)\ndo_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFix this by clearing the struct socket reference in sk_common_release() to cover\nall protocol families create functions, which may already attached the\nreference to the sk object with sock_init_data().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40954",
"url": "https://www.suse.com/security/cve/CVE-2024-40954"
},
{
"category": "external",
"summary": "SUSE Bug 1227808 for CVE-2024-40954",
"url": "https://bugzilla.suse.com/1227808"
},
{
"category": "external",
"summary": "SUSE Bug 1228786 for CVE-2024-40954",
"url": "https://bugzilla.suse.com/1228786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T15:03:50Z",
"details": "important"
}
],
"title": "CVE-2024-40954"
},
{
"cve": "CVE-2024-41059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: fix uninit-value in copy_name\n\n[syzbot reported]\nBUG: KMSAN: uninit-value in sized_strscpy+0xc4/0x160\n sized_strscpy+0xc4/0x160\n copy_name+0x2af/0x320 fs/hfsplus/xattr.c:411\n hfsplus_listxattr+0x11e9/0x1a50 fs/hfsplus/xattr.c:750\n vfs_listxattr fs/xattr.c:493 [inline]\n listxattr+0x1f3/0x6b0 fs/xattr.c:840\n path_listxattr fs/xattr.c:864 [inline]\n __do_sys_listxattr fs/xattr.c:876 [inline]\n __se_sys_listxattr fs/xattr.c:873 [inline]\n __x64_sys_listxattr+0x16b/0x2f0 fs/xattr.c:873\n x64_sys_call+0x2ba0/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3877 [inline]\n slab_alloc_node mm/slub.c:3918 [inline]\n kmalloc_trace+0x57b/0xbe0 mm/slub.c:4065\n kmalloc include/linux/slab.h:628 [inline]\n hfsplus_listxattr+0x4cc/0x1a50 fs/hfsplus/xattr.c:699\n vfs_listxattr fs/xattr.c:493 [inline]\n listxattr+0x1f3/0x6b0 fs/xattr.c:840\n path_listxattr fs/xattr.c:864 [inline]\n __do_sys_listxattr fs/xattr.c:876 [inline]\n __se_sys_listxattr fs/xattr.c:873 [inline]\n __x64_sys_listxattr+0x16b/0x2f0 fs/xattr.c:873\n x64_sys_call+0x2ba0/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[Fix]\nWhen allocating memory to strbuf, initialize memory to 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41059",
"url": "https://www.suse.com/security/cve/CVE-2024-41059"
},
{
"category": "external",
"summary": "SUSE Bug 1228561 for CVE-2024-41059",
"url": "https://bugzilla.suse.com/1228561"
},
{
"category": "external",
"summary": "SUSE Bug 1228573 for CVE-2024-41059",
"url": "https://bugzilla.suse.com/1228573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T15:03:50Z",
"details": "important"
}
],
"title": "CVE-2024-41059"
},
{
"cve": "CVE-2024-43861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: qmi_wwan: fix memory leak for not ip packets\n\nFree the unused skb when not ip packets arrive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43861",
"url": "https://www.suse.com/security/cve/CVE-2024-43861"
},
{
"category": "external",
"summary": "SUSE Bug 1229500 for CVE-2024-43861",
"url": "https://bugzilla.suse.com/1229500"
},
{
"category": "external",
"summary": "SUSE Bug 1229553 for CVE-2024-43861",
"url": "https://bugzilla.suse.com/1229553"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T15:03:50Z",
"details": "important"
}
],
"title": "CVE-2024-43861"
},
{
"cve": "CVE-2024-50264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50264"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans\n\nDuring loopback communication, a dangling pointer can be created in\nvsk-\u003etrans, potentially leading to a Use-After-Free condition. This\nissue is resolved by initializing vsk-\u003etrans to NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50264",
"url": "https://www.suse.com/security/cve/CVE-2024-50264"
},
{
"category": "external",
"summary": "SUSE Bug 1233453 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233453"
},
{
"category": "external",
"summary": "SUSE Bug 1233712 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_119-default-10-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T15:03:50Z",
"details": "important"
}
],
"title": "CVE-2024-50264"
}
]
}
SUSE-SU-2025:0084-1
Vulnerability from csaf_suse - Published: 2025-01-14 03:33 - Updated: 2025-01-14 03:33Summary
Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)
Notes
Title of the patch
Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)
Description of the patch
This update for the Linux Kernel 6.4.0-150600_10_5 fixes several issues.
The following security issues were fixed:
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
- CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
- CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
- CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1228349).
Patchnames
SUSE-2025-84,SUSE-SLE-Module-Live-Patching-15-SP6-2025-84
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 6.4.0-150600_10_5 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans (bsc#1233712).\n- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).\n- CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273).\n- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).\n- CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)\n- CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1228349).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-84,SUSE-SLE-Module-Live-Patching-15-SP6-2025-84",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0084-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0084-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250084-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0084-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020104.html"
},
{
"category": "self",
"summary": "SUSE Bug 1225819",
"url": "https://bugzilla.suse.com/1225819"
},
{
"category": "self",
"summary": "SUSE Bug 1228349",
"url": "https://bugzilla.suse.com/1228349"
},
{
"category": "self",
"summary": "SUSE Bug 1228786",
"url": "https://bugzilla.suse.com/1228786"
},
{
"category": "self",
"summary": "SUSE Bug 1229273",
"url": "https://bugzilla.suse.com/1229273"
},
{
"category": "self",
"summary": "SUSE Bug 1229553",
"url": "https://bugzilla.suse.com/1229553"
},
{
"category": "self",
"summary": "SUSE Bug 1233712",
"url": "https://bugzilla.suse.com/1233712"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52752 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35949 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40909 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40954 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50264 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50264/"
}
],
"title": "Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)",
"tracking": {
"current_release_date": "2025-01-14T03:33:43Z",
"generator": {
"date": "2025-01-14T03:33:43Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0084-1",
"initial_release_date": "2025-01-14T03:33:43Z",
"revision_history": [
{
"date": "2025-01-14T03:33:43Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_10_5-rt-6-150600.1.8.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-150600_10_5-rt-6-150600.1.8.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-150600_10_5-rt-6-150600.1.8.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150600_10_5-rt-6-150600.1.8.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-6-150600.1.8.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-150600_10_5-rt-6-150600.1.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free bug in cifs_debug_data_proc_show()\n\nSkip SMB sessions that are being teared down\n(e.g. @ses-\u003eses_status == SES_EXITING) in cifs_debug_data_proc_show()\nto avoid use-after-free in @ses.\n\nThis fixes the following GPF when reading from /proc/fs/cifs/DebugData\nwhile mounting and umounting\n\n [ 816.251274] general protection fault, probably for non-canonical\n address 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI\n ...\n [ 816.260138] Call Trace:\n [ 816.260329] \u003cTASK\u003e\n [ 816.260499] ? die_addr+0x36/0x90\n [ 816.260762] ? exc_general_protection+0x1b3/0x410\n [ 816.261126] ? asm_exc_general_protection+0x26/0x30\n [ 816.261502] ? cifs_debug_tcon+0xbd/0x240 [cifs]\n [ 816.261878] ? cifs_debug_tcon+0xab/0x240 [cifs]\n [ 816.262249] cifs_debug_data_proc_show+0x516/0xdb0 [cifs]\n [ 816.262689] ? seq_read_iter+0x379/0x470\n [ 816.262995] seq_read_iter+0x118/0x470\n [ 816.263291] proc_reg_read_iter+0x53/0x90\n [ 816.263596] ? srso_alias_return_thunk+0x5/0x7f\n [ 816.263945] vfs_read+0x201/0x350\n [ 816.264211] ksys_read+0x75/0x100\n [ 816.264472] do_syscall_64+0x3f/0x90\n [ 816.264750] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n [ 816.265135] RIP: 0033:0x7fd5e669d381",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-6-150600.1.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52752",
"url": "https://www.suse.com/security/cve/CVE-2023-52752"
},
{
"category": "external",
"summary": "SUSE Bug 1225487 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225487"
},
{
"category": "external",
"summary": "SUSE Bug 1225819 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-6-150600.1.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-6-150600.1.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T03:33:43Z",
"details": "important"
}
],
"title": "CVE-2023-52752"
},
{
"cve": "CVE-2024-35949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: make sure that WRITTEN is set on all metadata blocks\n\nWe previously would call btrfs_check_leaf() if we had the check\nintegrity code enabled, which meant that we could only run the extended\nleaf checks if we had WRITTEN set on the header flags.\n\nThis leaves a gap in our checking, because we could end up with\ncorruption on disk where WRITTEN isn\u0027t set on the leaf, and then the\nextended leaf checks don\u0027t get run which we rely on to validate all of\nthe item pointers to make sure we don\u0027t access memory outside of the\nextent buffer.\n\nHowever, since 732fab95abe2 (\"btrfs: check-integrity: remove\nCONFIG_BTRFS_FS_CHECK_INTEGRITY option\") we no longer call\nbtrfs_check_leaf() from btrfs_mark_buffer_dirty(), which means we only\never call it on blocks that are being written out, and thus have WRITTEN\nset, or that are being read in, which should have WRITTEN set.\n\nAdd checks to make sure we have WRITTEN set appropriately, and then make\nsure __btrfs_check_leaf() always does the item checking. This will\nprotect us from file systems that have been corrupted and no longer have\nWRITTEN set on some of the blocks.\n\nThis was hit on a crafted image tweaking the WRITTEN bit and reported by\nKASAN as out-of-bound access in the eb accessors. The example is a dir\nitem at the end of an eb.\n\n [2.042] BTRFS warning (device loop1): bad eb member start: ptr 0x3fff start 30572544 member offset 16410 size 2\n [2.040] general protection fault, probably for non-canonical address 0xe0009d1000000003: 0000 [#1] PREEMPT SMP KASAN NOPTI\n [2.537] KASAN: maybe wild-memory-access in range [0x0005088000000018-0x000508800000001f]\n [2.729] CPU: 0 PID: 2587 Comm: mount Not tainted 6.8.2 #1\n [2.729] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n [2.621] RIP: 0010:btrfs_get_16+0x34b/0x6d0\n [2.621] RSP: 0018:ffff88810871fab8 EFLAGS: 00000206\n [2.621] RAX: 0000a11000000003 RBX: ffff888104ff8720 RCX: ffff88811b2288c0\n [2.621] RDX: dffffc0000000000 RSI: ffffffff81dd8aca RDI: ffff88810871f748\n [2.621] RBP: 000000000000401a R08: 0000000000000001 R09: ffffed10210e3ee9\n [2.621] R10: ffff88810871f74f R11: 205d323430333737 R12: 000000000000001a\n [2.621] R13: 000508800000001a R14: 1ffff110210e3f5d R15: ffffffff850011e8\n [2.621] FS: 00007f56ea275840(0000) GS:ffff88811b200000(0000) knlGS:0000000000000000\n [2.621] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [2.621] CR2: 00007febd13b75c0 CR3: 000000010bb50000 CR4: 00000000000006f0\n [2.621] Call Trace:\n [2.621] \u003cTASK\u003e\n [2.621] ? show_regs+0x74/0x80\n [2.621] ? die_addr+0x46/0xc0\n [2.621] ? exc_general_protection+0x161/0x2a0\n [2.621] ? asm_exc_general_protection+0x26/0x30\n [2.621] ? btrfs_get_16+0x33a/0x6d0\n [2.621] ? btrfs_get_16+0x34b/0x6d0\n [2.621] ? btrfs_get_16+0x33a/0x6d0\n [2.621] ? __pfx_btrfs_get_16+0x10/0x10\n [2.621] ? __pfx_mutex_unlock+0x10/0x10\n [2.621] btrfs_match_dir_item_name+0x101/0x1a0\n [2.621] btrfs_lookup_dir_item+0x1f3/0x280\n [2.621] ? __pfx_btrfs_lookup_dir_item+0x10/0x10\n [2.621] btrfs_get_tree+0xd25/0x1910\n\n[ copy more details from report ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-6-150600.1.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35949",
"url": "https://www.suse.com/security/cve/CVE-2024-35949"
},
{
"category": "external",
"summary": "SUSE Bug 1224700 for CVE-2024-35949",
"url": "https://bugzilla.suse.com/1224700"
},
{
"category": "external",
"summary": "SUSE Bug 1229273 for CVE-2024-35949",
"url": "https://bugzilla.suse.com/1229273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-6-150600.1.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-6-150600.1.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T03:33:43Z",
"details": "important"
}
],
"title": "CVE-2024-35949"
},
{
"cve": "CVE-2024-40909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40909"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix a potential use-after-free in bpf_link_free()\n\nAfter commit 1a80dbcb2dba, bpf_link can be freed by\nlink-\u003eops-\u003edealloc_deferred, but the code still tests and uses\nlink-\u003eops-\u003edealloc afterward, which leads to a use-after-free as\nreported by syzbot. Actually, one of them should be sufficient, so\njust call one of them instead of both. Also add a WARN_ON() in case\nof any problematic implementation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-6-150600.1.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40909",
"url": "https://www.suse.com/security/cve/CVE-2024-40909"
},
{
"category": "external",
"summary": "SUSE Bug 1227798 for CVE-2024-40909",
"url": "https://bugzilla.suse.com/1227798"
},
{
"category": "external",
"summary": "SUSE Bug 1228349 for CVE-2024-40909",
"url": "https://bugzilla.suse.com/1228349"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-6-150600.1.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-6-150600.1.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T03:33:43Z",
"details": "important"
}
],
"title": "CVE-2024-40909"
},
{
"cve": "CVE-2024-40954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: do not leave a dangling sk pointer, when socket creation fails\n\nIt is possible to trigger a use-after-free by:\n * attaching an fentry probe to __sock_release() and the probe calling the\n bpf_get_socket_cookie() helper\n * running traceroute -I 1.1.1.1 on a freshly booted VM\n\nA KASAN enabled kernel will log something like below (decoded and stripped):\n==================================================================\nBUG: KASAN: slab-use-after-free in __sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nRead of size 8 at addr ffff888007110dd8 by task traceroute/299\n\nCPU: 2 PID: 299 Comm: traceroute Tainted: G E 6.10.0-rc2+ #2\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\ndump_stack_lvl (lib/dump_stack.c:117 (discriminator 1))\nprint_report (mm/kasan/report.c:378 mm/kasan/report.c:488)\n? __sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nkasan_report (mm/kasan/report.c:603)\n? __sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nkasan_check_range (mm/kasan/generic.c:183 mm/kasan/generic.c:189)\n__sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nbpf_get_socket_ptr_cookie (./arch/x86/include/asm/preempt.h:94 ./include/linux/sock_diag.h:42 net/core/filter.c:5094 net/core/filter.c:5092)\nbpf_prog_875642cf11f1d139___sock_release+0x6e/0x8e\nbpf_trampoline_6442506592+0x47/0xaf\n__sock_release (net/socket.c:652)\n__sock_create (net/socket.c:1601)\n...\nAllocated by task 299 on cpu 2 at 78.328492s:\nkasan_save_stack (mm/kasan/common.c:48)\nkasan_save_track (mm/kasan/common.c:68)\n__kasan_slab_alloc (mm/kasan/common.c:312 mm/kasan/common.c:338)\nkmem_cache_alloc_noprof (mm/slub.c:3941 mm/slub.c:4000 mm/slub.c:4007)\nsk_prot_alloc (net/core/sock.c:2075)\nsk_alloc (net/core/sock.c:2134)\ninet_create (net/ipv4/af_inet.c:327 net/ipv4/af_inet.c:252)\n__sock_create (net/socket.c:1572)\n__sys_socket (net/socket.c:1660 net/socket.c:1644 net/socket.c:1706)\n__x64_sys_socket (net/socket.c:1718)\ndo_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFreed by task 299 on cpu 2 at 78.328502s:\nkasan_save_stack (mm/kasan/common.c:48)\nkasan_save_track (mm/kasan/common.c:68)\nkasan_save_free_info (mm/kasan/generic.c:582)\npoison_slab_object (mm/kasan/common.c:242)\n__kasan_slab_free (mm/kasan/common.c:256)\nkmem_cache_free (mm/slub.c:4437 mm/slub.c:4511)\n__sk_destruct (net/core/sock.c:2117 net/core/sock.c:2208)\ninet_create (net/ipv4/af_inet.c:397 net/ipv4/af_inet.c:252)\n__sock_create (net/socket.c:1572)\n__sys_socket (net/socket.c:1660 net/socket.c:1644 net/socket.c:1706)\n__x64_sys_socket (net/socket.c:1718)\ndo_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFix this by clearing the struct socket reference in sk_common_release() to cover\nall protocol families create functions, which may already attached the\nreference to the sk object with sock_init_data().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-6-150600.1.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40954",
"url": "https://www.suse.com/security/cve/CVE-2024-40954"
},
{
"category": "external",
"summary": "SUSE Bug 1227808 for CVE-2024-40954",
"url": "https://bugzilla.suse.com/1227808"
},
{
"category": "external",
"summary": "SUSE Bug 1228786 for CVE-2024-40954",
"url": "https://bugzilla.suse.com/1228786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-6-150600.1.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-6-150600.1.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T03:33:43Z",
"details": "important"
}
],
"title": "CVE-2024-40954"
},
{
"cve": "CVE-2024-43861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: qmi_wwan: fix memory leak for not ip packets\n\nFree the unused skb when not ip packets arrive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-6-150600.1.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43861",
"url": "https://www.suse.com/security/cve/CVE-2024-43861"
},
{
"category": "external",
"summary": "SUSE Bug 1229500 for CVE-2024-43861",
"url": "https://bugzilla.suse.com/1229500"
},
{
"category": "external",
"summary": "SUSE Bug 1229553 for CVE-2024-43861",
"url": "https://bugzilla.suse.com/1229553"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-6-150600.1.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-6-150600.1.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T03:33:43Z",
"details": "important"
}
],
"title": "CVE-2024-43861"
},
{
"cve": "CVE-2024-50264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50264"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans\n\nDuring loopback communication, a dangling pointer can be created in\nvsk-\u003etrans, potentially leading to a Use-After-Free condition. This\nissue is resolved by initializing vsk-\u003etrans to NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-6-150600.1.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50264",
"url": "https://www.suse.com/security/cve/CVE-2024-50264"
},
{
"category": "external",
"summary": "SUSE Bug 1233453 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233453"
},
{
"category": "external",
"summary": "SUSE Bug 1233712 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-6-150600.1.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-6-150600.1.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T03:33:43Z",
"details": "important"
}
],
"title": "CVE-2024-50264"
}
]
}
SUSE-SU-2025:0106-1
Vulnerability from csaf_suse - Published: 2025-01-14 18:33 - Updated: 2025-01-14 18:33Summary
Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP3)
Notes
Title of the patch
Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP3)
Description of the patch
This update for the Linux Kernel 5.3.18-150300_59_158 fixes several issues.
The following security issues were fixed:
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733).
- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
- CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).
- CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions (bsc#1227651).
- CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).
- CVE-2021-47402: Protect fl_walk() with rcu (bsc#1225301)
- CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225202).
- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013).
- CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310).
- CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211).
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
- CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220537).
- CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).
- CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
- CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).
- CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514).
- CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619).
Patchnames
SUSE-2025-106,SUSE-SLE-Module-Live-Patching-15-SP3-2025-106
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP3)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.3.18-150300_59_158 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans (bsc#1233712).\n- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).\n- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733).\n- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).\n- CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).\n- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).\n- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).\n- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).\n- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).\n- CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions (bsc#1227651).\n- CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).\n- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).\n- CVE-2021-47402: Protect fl_walk() with rcu (bsc#1225301)\n- CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225202).\n- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013).\n- CVE-2024-35950: drm/client: Fully protect modes with dev-\u003emode_config.mutex (bsc#1225310).\n- CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211).\n- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).\n- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).\n- CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220537).\n- CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).\n- CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).\n- CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).\n- CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb-\u003emac_header (bsc#1223514).\n- CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-106,SUSE-SLE-Module-Live-Patching-15-SP3-2025-106",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0106-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0106-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250106-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0106-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020113.html"
},
{
"category": "self",
"summary": "SUSE Bug 1210619",
"url": "https://bugzilla.suse.com/1210619"
},
{
"category": "self",
"summary": "SUSE Bug 1220145",
"url": "https://bugzilla.suse.com/1220145"
},
{
"category": "self",
"summary": "SUSE Bug 1220537",
"url": "https://bugzilla.suse.com/1220537"
},
{
"category": "self",
"summary": "SUSE Bug 1221302",
"url": "https://bugzilla.suse.com/1221302"
},
{
"category": "self",
"summary": "SUSE Bug 1223059",
"url": "https://bugzilla.suse.com/1223059"
},
{
"category": "self",
"summary": "SUSE Bug 1223363",
"url": "https://bugzilla.suse.com/1223363"
},
{
"category": "self",
"summary": "SUSE Bug 1223514",
"url": "https://bugzilla.suse.com/1223514"
},
{
"category": "self",
"summary": "SUSE Bug 1223683",
"url": "https://bugzilla.suse.com/1223683"
},
{
"category": "self",
"summary": "SUSE Bug 1225013",
"url": "https://bugzilla.suse.com/1225013"
},
{
"category": "self",
"summary": "SUSE Bug 1225202",
"url": "https://bugzilla.suse.com/1225202"
},
{
"category": "self",
"summary": "SUSE Bug 1225211",
"url": "https://bugzilla.suse.com/1225211"
},
{
"category": "self",
"summary": "SUSE Bug 1225302",
"url": "https://bugzilla.suse.com/1225302"
},
{
"category": "self",
"summary": "SUSE Bug 1225309",
"url": "https://bugzilla.suse.com/1225309"
},
{
"category": "self",
"summary": "SUSE Bug 1225310",
"url": "https://bugzilla.suse.com/1225310"
},
{
"category": "self",
"summary": "SUSE Bug 1225311",
"url": "https://bugzilla.suse.com/1225311"
},
{
"category": "self",
"summary": "SUSE Bug 1225312",
"url": "https://bugzilla.suse.com/1225312"
},
{
"category": "self",
"summary": "SUSE Bug 1225733",
"url": "https://bugzilla.suse.com/1225733"
},
{
"category": "self",
"summary": "SUSE Bug 1225819",
"url": "https://bugzilla.suse.com/1225819"
},
{
"category": "self",
"summary": "SUSE Bug 1226325",
"url": "https://bugzilla.suse.com/1226325"
},
{
"category": "self",
"summary": "SUSE Bug 1227471",
"url": "https://bugzilla.suse.com/1227471"
},
{
"category": "self",
"summary": "SUSE Bug 1227651",
"url": "https://bugzilla.suse.com/1227651"
},
{
"category": "self",
"summary": "SUSE Bug 1228573",
"url": "https://bugzilla.suse.com/1228573"
},
{
"category": "self",
"summary": "SUSE Bug 1229553",
"url": "https://bugzilla.suse.com/1229553"
},
{
"category": "self",
"summary": "SUSE Bug 1232637",
"url": "https://bugzilla.suse.com/1232637"
},
{
"category": "self",
"summary": "SUSE Bug 1233712",
"url": "https://bugzilla.suse.com/1233712"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46955 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47291 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47291/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47378 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47378/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47383 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47383/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47402 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47402/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47598 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47598/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48651 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48651/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48956 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1829 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52752 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-23307 page",
"url": "https://www.suse.com/security/cve/CVE-2024-23307/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26610 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26828 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26852 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26923 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27398 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27398/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35862 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35864 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36904 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36904/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36964 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41059 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50264 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50264/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP3)",
"tracking": {
"current_release_date": "2025-01-14T18:33:28Z",
"generator": {
"date": "2025-01-14T18:33:28Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0106-1",
"initial_release_date": "2025-01-14T18:33:28Z",
"revision_history": [
{
"date": "2025-01-14T18:33:28Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"product_id": "kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_158-preempt-10-150300.7.6.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_158-preempt-10-150300.7.6.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_158-preempt-10-150300.7.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-46955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46955"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: fix stack OOB read while fragmenting IPv4 packets\n\nrunning openvswitch on kernels built with KASAN, it\u0027s possible to see the\nfollowing splat while testing fragmentation of IPv4 packets:\n\n BUG: KASAN: stack-out-of-bounds in ip_do_fragment+0x1b03/0x1f60\n Read of size 1 at addr ffff888112fc713c by task handler2/1367\n\n CPU: 0 PID: 1367 Comm: handler2 Not tainted 5.12.0-rc6+ #418\n Hardware name: Red Hat KVM, BIOS 1.11.1-4.module+el8.1.0+4066+0f1aadab 04/01/2014\n Call Trace:\n dump_stack+0x92/0xc1\n print_address_description.constprop.7+0x1a/0x150\n kasan_report.cold.13+0x7f/0x111\n ip_do_fragment+0x1b03/0x1f60\n ovs_fragment+0x5bf/0x840 [openvswitch]\n do_execute_actions+0x1bd5/0x2400 [openvswitch]\n ovs_execute_actions+0xc8/0x3d0 [openvswitch]\n ovs_packet_cmd_execute+0xa39/0x1150 [openvswitch]\n genl_family_rcv_msg_doit.isra.15+0x227/0x2d0\n genl_rcv_msg+0x287/0x490\n netlink_rcv_skb+0x120/0x380\n genl_rcv+0x24/0x40\n netlink_unicast+0x439/0x630\n netlink_sendmsg+0x719/0xbf0\n sock_sendmsg+0xe2/0x110\n ____sys_sendmsg+0x5ba/0x890\n ___sys_sendmsg+0xe9/0x160\n __sys_sendmsg+0xd3/0x170\n do_syscall_64+0x33/0x40\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7f957079db07\n Code: c3 66 90 41 54 41 89 d4 55 48 89 f5 53 89 fb 48 83 ec 10 e8 eb ec ff ff 44 89 e2 48 89 ee 89 df 41 89 c0 b8 2e 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 35 44 89 c7 48 89 44 24 08 e8 24 ed ff ff 48\n RSP: 002b:00007f956ce35a50 EFLAGS: 00000293 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 0000000000000019 RCX: 00007f957079db07\n RDX: 0000000000000000 RSI: 00007f956ce35ae0 RDI: 0000000000000019\n RBP: 00007f956ce35ae0 R08: 0000000000000000 R09: 00007f9558006730\n R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000\n R13: 00007f956ce37308 R14: 00007f956ce35f80 R15: 00007f956ce35ae0\n\n The buggy address belongs to the page:\n page:00000000af2a1d93 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x112fc7\n flags: 0x17ffffc0000000()\n raw: 0017ffffc0000000 0000000000000000 dead000000000122 0000000000000000\n raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000\n page dumped because: kasan: bad access detected\n\n addr ffff888112fc713c is located in stack of task handler2/1367 at offset 180 in frame:\n ovs_fragment+0x0/0x840 [openvswitch]\n\n this frame has 2 objects:\n [32, 144) \u0027ovs_dst\u0027\n [192, 424) \u0027ovs_rt\u0027\n\n Memory state around the buggy address:\n ffff888112fc7000: f3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff888112fc7080: 00 f1 f1 f1 f1 00 00 00 00 00 00 00 00 00 00 00\n \u003effff888112fc7100: 00 00 00 f2 f2 f2 f2 f2 f2 00 00 00 00 00 00 00\n ^\n ffff888112fc7180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff888112fc7200: 00 00 00 00 00 00 f2 f2 f2 00 00 00 00 00 00 00\n\nfor IPv4 packets, ovs_fragment() uses a temporary struct dst_entry. Then,\nin the following call graph:\n\n ip_do_fragment()\n ip_skb_dst_mtu()\n ip_dst_mtu_maybe_forward()\n ip_mtu_locked()\n\nthe pointer to struct dst_entry is used as pointer to struct rtable: this\nturns the access to struct members like rt_mtu_locked into an OOB read in\nthe stack. Fix this changing the temporary variable used for IPv4 packets\nin ovs_fragment(), similarly to what is done for IPv6 few lines below.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46955",
"url": "https://www.suse.com/security/cve/CVE-2021-46955"
},
{
"category": "external",
"summary": "SUSE Bug 1220513 for CVE-2021-46955",
"url": "https://bugzilla.suse.com/1220513"
},
{
"category": "external",
"summary": "SUSE Bug 1220537 for CVE-2021-46955",
"url": "https://bugzilla.suse.com/1220537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T18:33:28Z",
"details": "important"
}
],
"title": "CVE-2021-46955"
},
{
"cve": "CVE-2021-47291",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47291"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions\n\nWhile running the self-tests on a KASAN enabled kernel, I observed a\nslab-out-of-bounds splat very similar to the one reported in\ncommit 821bbf79fe46 (\"ipv6: Fix KASAN: slab-out-of-bounds Read in\n fib6_nh_flush_exceptions\").\n\nWe additionally need to take care of fib6_metrics initialization\nfailure when the caller provides an nh.\n\nThe fix is similar, explicitly free the route instead of calling\nfib6_info_release on a half-initialized object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47291",
"url": "https://www.suse.com/security/cve/CVE-2021-47291"
},
{
"category": "external",
"summary": "SUSE Bug 1224918 for CVE-2021-47291",
"url": "https://bugzilla.suse.com/1224918"
},
{
"category": "external",
"summary": "SUSE Bug 1227651 for CVE-2021-47291",
"url": "https://bugzilla.suse.com/1227651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T18:33:28Z",
"details": "important"
}
],
"title": "CVE-2021-47291"
},
{
"cve": "CVE-2021-47378",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47378"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-rdma: destroy cm id before destroy qp to avoid use after free\n\nWe should always destroy cm_id before destroy qp to avoid to get cma\nevent after qp was destroyed, which may lead to use after free.\nIn RDMA connection establishment error flow, don\u0027t destroy qp in cm\nevent handler.Just report cm_error to upper level, qp will be destroy\nin nvme_rdma_alloc_queue() after destroy cm id.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47378",
"url": "https://www.suse.com/security/cve/CVE-2021-47378"
},
{
"category": "external",
"summary": "SUSE Bug 1225201 for CVE-2021-47378",
"url": "https://bugzilla.suse.com/1225201"
},
{
"category": "external",
"summary": "SUSE Bug 1225202 for CVE-2021-47378",
"url": "https://bugzilla.suse.com/1225202"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T18:33:28Z",
"details": "important"
}
],
"title": "CVE-2021-47378"
},
{
"cve": "CVE-2021-47383",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47383"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: Fix out-of-bound vmalloc access in imageblit\n\nThis issue happens when a userspace program does an ioctl\nFBIOPUT_VSCREENINFO passing the fb_var_screeninfo struct\ncontaining only the fields xres, yres, and bits_per_pixel\nwith values.\n\nIf this struct is the same as the previous ioctl, the\nvc_resize() detects it and doesn\u0027t call the resize_screen(),\nleaving the fb_var_screeninfo incomplete. And this leads to\nthe updatescrollmode() calculates a wrong value to\nfbcon_display-\u003evrows, which makes the real_y() return a\nwrong value of y, and that value, eventually, causes\nthe imageblit to access an out-of-bound address value.\n\nTo solve this issue I made the resize_screen() be called\neven if the screen does not need any resizing, so it will\n\"fix and fill\" the fb_var_screeninfo independently.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47383",
"url": "https://www.suse.com/security/cve/CVE-2021-47383"
},
{
"category": "external",
"summary": "SUSE Bug 1225208 for CVE-2021-47383",
"url": "https://bugzilla.suse.com/1225208"
},
{
"category": "external",
"summary": "SUSE Bug 1225211 for CVE-2021-47383",
"url": "https://bugzilla.suse.com/1225211"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T18:33:28Z",
"details": "important"
}
],
"title": "CVE-2021-47383"
},
{
"cve": "CVE-2021-47402",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47402"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: flower: protect fl_walk() with rcu\n\nPatch that refactored fl_walk() to use idr_for_each_entry_continue_ul()\nalso removed rcu protection of individual filters which causes following\nuse-after-free when filter is deleted concurrently. Fix fl_walk() to obtain\nrcu read lock while iterating and taking the filter reference and temporary\nrelease the lock while calling arg-\u003efn() callback that can sleep.\n\nKASAN trace:\n\n[ 352.773640] ==================================================================\n[ 352.775041] BUG: KASAN: use-after-free in fl_walk+0x159/0x240 [cls_flower]\n[ 352.776304] Read of size 4 at addr ffff8881c8251480 by task tc/2987\n\n[ 352.777862] CPU: 3 PID: 2987 Comm: tc Not tainted 5.15.0-rc2+ #2\n[ 352.778980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n[ 352.781022] Call Trace:\n[ 352.781573] dump_stack_lvl+0x46/0x5a\n[ 352.782332] print_address_description.constprop.0+0x1f/0x140\n[ 352.783400] ? fl_walk+0x159/0x240 [cls_flower]\n[ 352.784292] ? fl_walk+0x159/0x240 [cls_flower]\n[ 352.785138] kasan_report.cold+0x83/0xdf\n[ 352.785851] ? fl_walk+0x159/0x240 [cls_flower]\n[ 352.786587] kasan_check_range+0x145/0x1a0\n[ 352.787337] fl_walk+0x159/0x240 [cls_flower]\n[ 352.788163] ? fl_put+0x10/0x10 [cls_flower]\n[ 352.789007] ? __mutex_unlock_slowpath.constprop.0+0x220/0x220\n[ 352.790102] tcf_chain_dump+0x231/0x450\n[ 352.790878] ? tcf_chain_tp_delete_empty+0x170/0x170\n[ 352.791833] ? __might_sleep+0x2e/0xc0\n[ 352.792594] ? tfilter_notify+0x170/0x170\n[ 352.793400] ? __mutex_unlock_slowpath.constprop.0+0x220/0x220\n[ 352.794477] tc_dump_tfilter+0x385/0x4b0\n[ 352.795262] ? tc_new_tfilter+0x1180/0x1180\n[ 352.796103] ? __mod_node_page_state+0x1f/0xc0\n[ 352.796974] ? __build_skb_around+0x10e/0x130\n[ 352.797826] netlink_dump+0x2c0/0x560\n[ 352.798563] ? netlink_getsockopt+0x430/0x430\n[ 352.799433] ? __mutex_unlock_slowpath.constprop.0+0x220/0x220\n[ 352.800542] __netlink_dump_start+0x356/0x440\n[ 352.801397] rtnetlink_rcv_msg+0x3ff/0x550\n[ 352.802190] ? tc_new_tfilter+0x1180/0x1180\n[ 352.802872] ? rtnl_calcit.isra.0+0x1f0/0x1f0\n[ 352.803668] ? tc_new_tfilter+0x1180/0x1180\n[ 352.804344] ? _copy_from_iter_nocache+0x800/0x800\n[ 352.805202] ? kasan_set_track+0x1c/0x30\n[ 352.805900] netlink_rcv_skb+0xc6/0x1f0\n[ 352.806587] ? rht_deferred_worker+0x6b0/0x6b0\n[ 352.807455] ? rtnl_calcit.isra.0+0x1f0/0x1f0\n[ 352.808324] ? netlink_ack+0x4d0/0x4d0\n[ 352.809086] ? netlink_deliver_tap+0x62/0x3d0\n[ 352.809951] netlink_unicast+0x353/0x480\n[ 352.810744] ? netlink_attachskb+0x430/0x430\n[ 352.811586] ? __alloc_skb+0xd7/0x200\n[ 352.812349] netlink_sendmsg+0x396/0x680\n[ 352.813132] ? netlink_unicast+0x480/0x480\n[ 352.813952] ? __import_iovec+0x192/0x210\n[ 352.814759] ? netlink_unicast+0x480/0x480\n[ 352.815580] sock_sendmsg+0x6c/0x80\n[ 352.816299] ____sys_sendmsg+0x3a5/0x3c0\n[ 352.817096] ? kernel_sendmsg+0x30/0x30\n[ 352.817873] ? __ia32_sys_recvmmsg+0x150/0x150\n[ 352.818753] ___sys_sendmsg+0xd8/0x140\n[ 352.819518] ? sendmsg_copy_msghdr+0x110/0x110\n[ 352.820402] ? ___sys_recvmsg+0xf4/0x1a0\n[ 352.821110] ? __copy_msghdr_from_user+0x260/0x260\n[ 352.821934] ? _raw_spin_lock+0x81/0xd0\n[ 352.822680] ? __handle_mm_fault+0xef3/0x1b20\n[ 352.823549] ? rb_insert_color+0x2a/0x270\n[ 352.824373] ? copy_page_range+0x16b0/0x16b0\n[ 352.825209] ? perf_event_update_userpage+0x2d0/0x2d0\n[ 352.826190] ? __fget_light+0xd9/0xf0\n[ 352.826941] __sys_sendmsg+0xb3/0x130\n[ 352.827613] ? __sys_sendmsg_sock+0x20/0x20\n[ 352.828377] ? do_user_addr_fault+0x2c5/0x8a0\n[ 352.829184] ? fpregs_assert_state_consistent+0x52/0x60\n[ 352.830001] ? exit_to_user_mode_prepare+0x32/0x160\n[ 352.830845] do_syscall_64+0x35/0x80\n[ 352.831445] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ 352.832331] RIP: 0033:0x7f7bee973c17\n[ \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47402",
"url": "https://www.suse.com/security/cve/CVE-2021-47402"
},
{
"category": "external",
"summary": "SUSE Bug 1225301 for CVE-2021-47402",
"url": "https://bugzilla.suse.com/1225301"
},
{
"category": "external",
"summary": "SUSE Bug 1225302 for CVE-2021-47402",
"url": "https://bugzilla.suse.com/1225302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T18:33:28Z",
"details": "important"
}
],
"title": "CVE-2021-47402"
},
{
"cve": "CVE-2021-47598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47598"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_cake: do not call cake_destroy() from cake_init()\n\nqdiscs are not supposed to call their own destroy() method\nfrom init(), because core stack already does that.\n\nsyzbot was able to trigger use after free:\n\nDEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\nWARNING: CPU: 0 PID: 21902 at kernel/locking/mutex.c:586 __mutex_lock_common kernel/locking/mutex.c:586 [inline]\nWARNING: CPU: 0 PID: 21902 at kernel/locking/mutex.c:586 __mutex_lock+0x9ec/0x12f0 kernel/locking/mutex.c:740\nModules linked in:\nCPU: 0 PID: 21902 Comm: syz-executor189 Not tainted 5.16.0-rc4-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:__mutex_lock_common kernel/locking/mutex.c:586 [inline]\nRIP: 0010:__mutex_lock+0x9ec/0x12f0 kernel/locking/mutex.c:740\nCode: 08 84 d2 0f 85 19 08 00 00 8b 05 97 38 4b 04 85 c0 0f 85 27 f7 ff ff 48 c7 c6 20 00 ac 89 48 c7 c7 a0 fe ab 89 e8 bf 76 ba ff \u003c0f\u003e 0b e9 0d f7 ff ff 48 8b 44 24 40 48 8d b8 c8 08 00 00 48 89 f8\nRSP: 0018:ffffc9000627f290 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: ffff88802315d700 RSI: ffffffff815f1db8 RDI: fffff52000c4fe44\nRBP: ffff88818f28e000 R08: 0000000000000000 R09: 0000000000000000\nR10: ffffffff815ebb5e R11: 0000000000000000 R12: 0000000000000000\nR13: dffffc0000000000 R14: ffffc9000627f458 R15: 0000000093c30000\nFS: 0000555556abc400(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fda689c3303 CR3: 000000001cfbb000 CR4: 0000000000350ef0\nCall Trace:\n \u003cTASK\u003e\n tcf_chain0_head_change_cb_del+0x2e/0x3d0 net/sched/cls_api.c:810\n tcf_block_put_ext net/sched/cls_api.c:1381 [inline]\n tcf_block_put_ext net/sched/cls_api.c:1376 [inline]\n tcf_block_put+0xbc/0x130 net/sched/cls_api.c:1394\n cake_destroy+0x3f/0x80 net/sched/sch_cake.c:2695\n qdisc_create.constprop.0+0x9da/0x10f0 net/sched/sch_api.c:1293\n tc_modify_qdisc+0x4c5/0x1980 net/sched/sch_api.c:1660\n rtnetlink_rcv_msg+0x413/0xb80 net/core/rtnetlink.c:5571\n netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2496\n netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1345\n netlink_sendmsg+0x904/0xdf0 net/netlink/af_netlink.c:1921\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg+0xcf/0x120 net/socket.c:724\n ____sys_sendmsg+0x6e8/0x810 net/socket.c:2409\n ___sys_sendmsg+0xf3/0x170 net/socket.c:2463\n __sys_sendmsg+0xe5/0x1b0 net/socket.c:2492\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f1bb06badb9\nCode: Unable to access opcode bytes at RIP 0x7f1bb06bad8f.\nRSP: 002b:00007fff3012a658 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f1bb06badb9\nRDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000003\nRBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000003\nR10: 0000000000000003 R11: 0000000000000246 R12: 00007fff3012a688\nR13: 00007fff3012a6a0 R14: 00007fff3012a6e0 R15: 00000000000013c2\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47598",
"url": "https://www.suse.com/security/cve/CVE-2021-47598"
},
{
"category": "external",
"summary": "SUSE Bug 1226574 for CVE-2021-47598",
"url": "https://bugzilla.suse.com/1226574"
},
{
"category": "external",
"summary": "SUSE Bug 1227471 for CVE-2021-47598",
"url": "https://bugzilla.suse.com/1227471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T18:33:28Z",
"details": "important"
}
],
"title": "CVE-2021-47598"
},
{
"cve": "CVE-2022-48651",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48651"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: Fix out-of-bound bugs caused by unset skb-\u003emac_header\n\nIf an AF_PACKET socket is used to send packets through ipvlan and the\ndefault xmit function of the AF_PACKET socket is changed from\ndev_queue_xmit() to packet_direct_xmit() via setsockopt() with the option\nname of PACKET_QDISC_BYPASS, the skb-\u003emac_header may not be reset and\nremains as the initial value of 65535, this may trigger slab-out-of-bounds\nbugs as following:\n\n=================================================================\nUG: KASAN: slab-out-of-bounds in ipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan]\nPU: 2 PID: 1768 Comm: raw_send Kdump: loaded Not tainted 6.0.0-rc4+ #6\nardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-1.fc33\nall Trace:\nprint_address_description.constprop.0+0x1d/0x160\nprint_report.cold+0x4f/0x112\nkasan_report+0xa3/0x130\nipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan]\nipvlan_start_xmit+0x29/0xa0 [ipvlan]\n__dev_direct_xmit+0x2e2/0x380\npacket_direct_xmit+0x22/0x60\npacket_snd+0x7c9/0xc40\nsock_sendmsg+0x9a/0xa0\n__sys_sendto+0x18a/0x230\n__x64_sys_sendto+0x74/0x90\ndo_syscall_64+0x3b/0x90\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe root cause is:\n 1. packet_snd() only reset skb-\u003emac_header when sock-\u003etype is SOCK_RAW\n and skb-\u003eprotocol is not specified as in packet_parse_headers()\n\n 2. packet_direct_xmit() doesn\u0027t reset skb-\u003emac_header as dev_queue_xmit()\n\nIn this case, skb-\u003emac_header is 65535 when ipvlan_xmit_mode_l2() is\ncalled. So when ipvlan_xmit_mode_l2() gets mac header with eth_hdr() which\nuse \"skb-\u003ehead + skb-\u003emac_header\", out-of-bound access occurs.\n\nThis patch replaces eth_hdr() with skb_eth_hdr() in ipvlan_xmit_mode_l2()\nand reset mac header in multicast to solve this out-of-bound bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48651",
"url": "https://www.suse.com/security/cve/CVE-2022-48651"
},
{
"category": "external",
"summary": "SUSE Bug 1223513 for CVE-2022-48651",
"url": "https://bugzilla.suse.com/1223513"
},
{
"category": "external",
"summary": "SUSE Bug 1223514 for CVE-2022-48651",
"url": "https://bugzilla.suse.com/1223514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T18:33:28Z",
"details": "important"
}
],
"title": "CVE-2022-48651"
},
{
"cve": "CVE-2022-48956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: avoid use-after-free in ip6_fragment()\n\nBlamed commit claimed rcu_read_lock() was held by ip6_fragment() callers.\n\nIt seems to not be always true, at least for UDP stack.\n\nsyzbot reported:\n\nBUG: KASAN: use-after-free in ip6_dst_idev include/net/ip6_fib.h:245 [inline]\nBUG: KASAN: use-after-free in ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951\nRead of size 8 at addr ffff88801d403e80 by task syz-executor.3/7618\n\nCPU: 1 PID: 7618 Comm: syz-executor.3 Not tainted 6.1.0-rc6-syzkaller-00012-g4312098baf37 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:284 [inline]\n print_report+0x15e/0x45d mm/kasan/report.c:395\n kasan_report+0xbf/0x1f0 mm/kasan/report.c:495\n ip6_dst_idev include/net/ip6_fib.h:245 [inline]\n ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951\n __ip6_finish_output net/ipv6/ip6_output.c:193 [inline]\n ip6_finish_output+0x9a3/0x1170 net/ipv6/ip6_output.c:206\n NF_HOOK_COND include/linux/netfilter.h:291 [inline]\n ip6_output+0x1f1/0x540 net/ipv6/ip6_output.c:227\n dst_output include/net/dst.h:445 [inline]\n ip6_local_out+0xb3/0x1a0 net/ipv6/output_core.c:161\n ip6_send_skb+0xbb/0x340 net/ipv6/ip6_output.c:1966\n udp_v6_send_skb+0x82a/0x18a0 net/ipv6/udp.c:1286\n udp_v6_push_pending_frames+0x140/0x200 net/ipv6/udp.c:1313\n udpv6_sendmsg+0x18da/0x2c80 net/ipv6/udp.c:1606\n inet6_sendmsg+0x9d/0xe0 net/ipv6/af_inet6.c:665\n sock_sendmsg_nosec net/socket.c:714 [inline]\n sock_sendmsg+0xd3/0x120 net/socket.c:734\n sock_write_iter+0x295/0x3d0 net/socket.c:1108\n call_write_iter include/linux/fs.h:2191 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x9ed/0xdd0 fs/read_write.c:584\n ksys_write+0x1ec/0x250 fs/read_write.c:637\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7fde3588c0d9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fde365b6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 00007fde359ac050 RCX: 00007fde3588c0d9\nRDX: 000000000000ffdc RSI: 00000000200000c0 RDI: 000000000000000a\nRBP: 00007fde358e7ae9 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007fde35acfb1f R14: 00007fde365b6300 R15: 0000000000022000\n \u003c/TASK\u003e\n\nAllocated by task 7618:\n kasan_save_stack+0x22/0x40 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n __kasan_slab_alloc+0x82/0x90 mm/kasan/common.c:325\n kasan_slab_alloc include/linux/kasan.h:201 [inline]\n slab_post_alloc_hook mm/slab.h:737 [inline]\n slab_alloc_node mm/slub.c:3398 [inline]\n slab_alloc mm/slub.c:3406 [inline]\n __kmem_cache_alloc_lru mm/slub.c:3413 [inline]\n kmem_cache_alloc+0x2b4/0x3d0 mm/slub.c:3422\n dst_alloc+0x14a/0x1f0 net/core/dst.c:92\n ip6_dst_alloc+0x32/0xa0 net/ipv6/route.c:344\n ip6_rt_pcpu_alloc net/ipv6/route.c:1369 [inline]\n rt6_make_pcpu_route net/ipv6/route.c:1417 [inline]\n ip6_pol_route+0x901/0x1190 net/ipv6/route.c:2254\n pol_lookup_func include/net/ip6_fib.h:582 [inline]\n fib6_rule_lookup+0x52e/0x6f0 net/ipv6/fib6_rules.c:121\n ip6_route_output_flags_noref+0x2e6/0x380 net/ipv6/route.c:2625\n ip6_route_output_flags+0x76/0x320 net/ipv6/route.c:2638\n ip6_route_output include/net/ip6_route.h:98 [inline]\n ip6_dst_lookup_tail+0x5ab/0x1620 net/ipv6/ip6_output.c:1092\n ip6_dst_lookup_flow+0x90/0x1d0 net/ipv6/ip6_output.c:1222\n ip6_sk_dst_lookup_flow+0x553/0x980 net/ipv6/ip6_output.c:1260\n udpv6_sendmsg+0x151d/0x2c80 net/ipv6/udp.c:1554\n inet6_sendmsg+0x9d/0xe0 net/ipv6/af_inet6.c:665\n sock_sendmsg_nosec n\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48956",
"url": "https://www.suse.com/security/cve/CVE-2022-48956"
},
{
"category": "external",
"summary": "SUSE Bug 1231893 for CVE-2022-48956",
"url": "https://bugzilla.suse.com/1231893"
},
{
"category": "external",
"summary": "SUSE Bug 1232799 for CVE-2022-48956",
"url": "https://bugzilla.suse.com/1232799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T18:33:28Z",
"details": "important"
}
],
"title": "CVE-2022-48956"
},
{
"cve": "CVE-2023-1829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1829"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure which can later lead to double freeing the structure. A local attacker user can use this vulnerability to elevate its privileges to root.\nWe recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1829",
"url": "https://www.suse.com/security/cve/CVE-2023-1829"
},
{
"category": "external",
"summary": "SUSE Bug 1210335 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1210335"
},
{
"category": "external",
"summary": "SUSE Bug 1210619 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1210619"
},
{
"category": "external",
"summary": "SUSE Bug 1217444 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1217444"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1217531"
},
{
"category": "external",
"summary": "SUSE Bug 1220886 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1220886"
},
{
"category": "external",
"summary": "SUSE Bug 1228311 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1228311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T18:33:28Z",
"details": "important"
}
],
"title": "CVE-2023-1829"
},
{
"cve": "CVE-2023-52752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free bug in cifs_debug_data_proc_show()\n\nSkip SMB sessions that are being teared down\n(e.g. @ses-\u003eses_status == SES_EXITING) in cifs_debug_data_proc_show()\nto avoid use-after-free in @ses.\n\nThis fixes the following GPF when reading from /proc/fs/cifs/DebugData\nwhile mounting and umounting\n\n [ 816.251274] general protection fault, probably for non-canonical\n address 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI\n ...\n [ 816.260138] Call Trace:\n [ 816.260329] \u003cTASK\u003e\n [ 816.260499] ? die_addr+0x36/0x90\n [ 816.260762] ? exc_general_protection+0x1b3/0x410\n [ 816.261126] ? asm_exc_general_protection+0x26/0x30\n [ 816.261502] ? cifs_debug_tcon+0xbd/0x240 [cifs]\n [ 816.261878] ? cifs_debug_tcon+0xab/0x240 [cifs]\n [ 816.262249] cifs_debug_data_proc_show+0x516/0xdb0 [cifs]\n [ 816.262689] ? seq_read_iter+0x379/0x470\n [ 816.262995] seq_read_iter+0x118/0x470\n [ 816.263291] proc_reg_read_iter+0x53/0x90\n [ 816.263596] ? srso_alias_return_thunk+0x5/0x7f\n [ 816.263945] vfs_read+0x201/0x350\n [ 816.264211] ksys_read+0x75/0x100\n [ 816.264472] do_syscall_64+0x3f/0x90\n [ 816.264750] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n [ 816.265135] RIP: 0033:0x7fd5e669d381",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52752",
"url": "https://www.suse.com/security/cve/CVE-2023-52752"
},
{
"category": "external",
"summary": "SUSE Bug 1225487 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225487"
},
{
"category": "external",
"summary": "SUSE Bug 1225819 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T18:33:28Z",
"details": "important"
}
],
"title": "CVE-2023-52752"
},
{
"cve": "CVE-2024-23307",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-23307"
}
],
"notes": [
{
"category": "general",
"text": "Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-23307",
"url": "https://www.suse.com/security/cve/CVE-2024-23307"
},
{
"category": "external",
"summary": "SUSE Bug 1219169 for CVE-2024-23307",
"url": "https://bugzilla.suse.com/1219169"
},
{
"category": "external",
"summary": "SUSE Bug 1220145 for CVE-2024-23307",
"url": "https://bugzilla.suse.com/1220145"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T18:33:28Z",
"details": "important"
}
],
"title": "CVE-2024-23307"
},
{
"cve": "CVE-2024-26610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26610"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: fix a memory corruption\n\niwl_fw_ini_trigger_tlv::data is a pointer to a __le32, which means that\nif we copy to iwl_fw_ini_trigger_tlv::data + offset while offset is in\nbytes, we\u0027ll write past the buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26610",
"url": "https://www.suse.com/security/cve/CVE-2024-26610"
},
{
"category": "external",
"summary": "SUSE Bug 1221299 for CVE-2024-26610",
"url": "https://bugzilla.suse.com/1221299"
},
{
"category": "external",
"summary": "SUSE Bug 1221302 for CVE-2024-26610",
"url": "https://bugzilla.suse.com/1221302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T18:33:28Z",
"details": "important"
}
],
"title": "CVE-2024-26610"
},
{
"cve": "CVE-2024-26828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26828"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix underflow in parse_server_interfaces()\n\nIn this loop, we step through the buffer and after each item we check\nif the size_left is greater than the minimum size we need. However,\nthe problem is that \"bytes_left\" is type ssize_t while sizeof() is type\nsize_t. That means that because of type promotion, the comparison is\ndone as an unsigned and if we have negative bytes left the loop\ncontinues instead of ending.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26828",
"url": "https://www.suse.com/security/cve/CVE-2024-26828"
},
{
"category": "external",
"summary": "SUSE Bug 1223084 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223084"
},
{
"category": "external",
"summary": "SUSE Bug 1223363 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223363"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T18:33:28Z",
"details": "important"
}
],
"title": "CVE-2024-26828"
},
{
"cve": "CVE-2024-26852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/ipv6: avoid possible UAF in ip6_route_mpath_notify()\n\nsyzbot found another use-after-free in ip6_route_mpath_notify() [1]\n\nCommit f7225172f25a (\"net/ipv6: prevent use after free in\nip6_route_mpath_notify\") was not able to fix the root cause.\n\nWe need to defer the fib6_info_release() calls after\nip6_route_mpath_notify(), in the cleanup phase.\n\n[1]\nBUG: KASAN: slab-use-after-free in rt6_fill_node+0x1460/0x1ac0\nRead of size 4 at addr ffff88809a07fc64 by task syz-executor.2/23037\n\nCPU: 0 PID: 23037 Comm: syz-executor.2 Not tainted 6.8.0-rc4-syzkaller-01035-gea7f3cfaa588 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1e7/0x2e0 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x167/0x540 mm/kasan/report.c:488\n kasan_report+0x142/0x180 mm/kasan/report.c:601\n rt6_fill_node+0x1460/0x1ac0\n inet6_rt_notify+0x13b/0x290 net/ipv6/route.c:6184\n ip6_route_mpath_notify net/ipv6/route.c:5198 [inline]\n ip6_route_multipath_add net/ipv6/route.c:5404 [inline]\n inet6_rtm_newroute+0x1d0f/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\nRIP: 0033:0x7f73dd87dda9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f73de6550c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f73dd9ac050 RCX: 00007f73dd87dda9\nRDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000005\nRBP: 00007f73dd8ca47a R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f73dd9ac050 R15: 00007ffdbdeb7858\n \u003c/TASK\u003e\n\nAllocated by task 23037:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:372 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:389\n kasan_kmalloc include/linux/kasan.h:211 [inline]\n __do_kmalloc_node mm/slub.c:3981 [inline]\n __kmalloc+0x22e/0x490 mm/slub.c:3994\n kmalloc include/linux/slab.h:594 [inline]\n kzalloc include/linux/slab.h:711 [inline]\n fib6_info_alloc+0x2e/0xf0 net/ipv6/ip6_fib.c:155\n ip6_route_info_create+0x445/0x12b0 net/ipv6/route.c:3758\n ip6_route_multipath_add net/ipv6/route.c:5298 [inline]\n inet6_rtm_newroute+0x744/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\n\nFreed by task 16:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x4e/0x60 mm/kasan/generic.c:640\n poison_slab_object+0xa6/0xe0 m\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26852",
"url": "https://www.suse.com/security/cve/CVE-2024-26852"
},
{
"category": "external",
"summary": "SUSE Bug 1223057 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223057"
},
{
"category": "external",
"summary": "SUSE Bug 1223059 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223059"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T18:33:28Z",
"details": "important"
}
],
"title": "CVE-2024-26852"
},
{
"cve": "CVE-2024-26923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Fix garbage collector racing against connect()\n\nGarbage collector does not take into account the risk of embryo getting\nenqueued during the garbage collection. If such embryo has a peer that\ncarries SCM_RIGHTS, two consecutive passes of scan_children() may see a\ndifferent set of children. Leading to an incorrectly elevated inflight\ncount, and then a dangling pointer within the gc_inflight_list.\n\nsockets are AF_UNIX/SOCK_STREAM\nS is an unconnected socket\nL is a listening in-flight socket bound to addr, not in fdtable\nV\u0027s fd will be passed via sendmsg(), gets inflight count bumped\n\nconnect(S, addr)\tsendmsg(S, [V]); close(V)\t__unix_gc()\n----------------\t-------------------------\t-----------\n\nNS = unix_create1()\nskb1 = sock_wmalloc(NS)\nL = unix_find_other(addr)\nunix_state_lock(L)\nunix_peer(S) = NS\n\t\t\t// V count=1 inflight=0\n\n \t\t\tNS = unix_peer(S)\n \t\t\tskb2 = sock_alloc()\n\t\t\tskb_queue_tail(NS, skb2[V])\n\n\t\t\t// V became in-flight\n\t\t\t// V count=2 inflight=1\n\n\t\t\tclose(V)\n\n\t\t\t// V count=1 inflight=1\n\t\t\t// GC candidate condition met\n\n\t\t\t\t\t\tfor u in gc_inflight_list:\n\t\t\t\t\t\t if (total_refs == inflight_refs)\n\t\t\t\t\t\t add u to gc_candidates\n\n\t\t\t\t\t\t// gc_candidates={L, V}\n\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t scan_children(u, dec_inflight)\n\n\t\t\t\t\t\t// embryo (skb1) was not\n\t\t\t\t\t\t// reachable from L yet, so V\u0027s\n\t\t\t\t\t\t// inflight remains unchanged\n__skb_queue_tail(L, skb1)\nunix_state_unlock(L)\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t if (u.inflight)\n\t\t\t\t\t\t scan_children(u, inc_inflight_move_tail)\n\n\t\t\t\t\t\t// V count=1 inflight=2 (!)\n\nIf there is a GC-candidate listening socket, lock/unlock its state. This\nmakes GC wait until the end of any ongoing connect() to that socket. After\nflipping the lock, a possibly SCM-laden embryo is already enqueued. And if\nthere is another embryo coming, it can not possibly carry SCM_RIGHTS. At\nthis point, unix_inflight() can not happen because unix_gc_lock is already\ntaken. Inflight graph remains unaffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26923",
"url": "https://www.suse.com/security/cve/CVE-2024-26923"
},
{
"category": "external",
"summary": "SUSE Bug 1223384 for CVE-2024-26923",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "external",
"summary": "SUSE Bug 1223683 for CVE-2024-26923",
"url": "https://bugzilla.suse.com/1223683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T18:33:28Z",
"details": "important"
}
],
"title": "CVE-2024-26923"
},
{
"cve": "CVE-2024-27398",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27398"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix use-after-free bugs caused by sco_sock_timeout\n\nWhen the sco connection is established and then, the sco socket\nis releasing, timeout_work will be scheduled to judge whether\nthe sco disconnection is timeout. The sock will be deallocated\nlater, but it is dereferenced again in sco_sock_timeout. As a\nresult, the use-after-free bugs will happen. The root cause is\nshown below:\n\n Cleanup Thread | Worker Thread\nsco_sock_release |\n sco_sock_close |\n __sco_sock_close |\n sco_sock_set_timer |\n schedule_delayed_work |\n sco_sock_kill | (wait a time)\n sock_put(sk) //FREE | sco_sock_timeout\n | sock_hold(sk) //USE\n\nThe KASAN report triggered by POC is shown below:\n\n[ 95.890016] ==================================================================\n[ 95.890496] BUG: KASAN: slab-use-after-free in sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] Write of size 4 at addr ffff88800c388080 by task kworker/0:0/7\n...\n[ 95.890755] Workqueue: events sco_sock_timeout\n[ 95.890755] Call Trace:\n[ 95.890755] \u003cTASK\u003e\n[ 95.890755] dump_stack_lvl+0x45/0x110\n[ 95.890755] print_address_description+0x78/0x390\n[ 95.890755] print_report+0x11b/0x250\n[ 95.890755] ? __virt_addr_valid+0xbe/0xf0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_report+0x139/0x170\n[ 95.890755] ? update_load_avg+0xe5/0x9f0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_check_range+0x2c3/0x2e0\n[ 95.890755] sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] process_one_work+0x561/0xc50\n[ 95.890755] worker_thread+0xab2/0x13c0\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] kthread+0x279/0x300\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork+0x34/0x60\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork_asm+0x11/0x20\n[ 95.890755] \u003c/TASK\u003e\n[ 95.890755]\n[ 95.890755] Allocated by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] __kasan_kmalloc+0x86/0x90\n[ 95.890755] __kmalloc+0x17f/0x360\n[ 95.890755] sk_prot_alloc+0xe1/0x1a0\n[ 95.890755] sk_alloc+0x31/0x4e0\n[ 95.890755] bt_sock_alloc+0x2b/0x2a0\n[ 95.890755] sco_sock_create+0xad/0x320\n[ 95.890755] bt_sock_create+0x145/0x320\n[ 95.890755] __sock_create+0x2e1/0x650\n[ 95.890755] __sys_socket+0xd0/0x280\n[ 95.890755] __x64_sys_socket+0x75/0x80\n[ 95.890755] do_syscall_64+0xc4/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] Freed by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] kasan_save_free_info+0x40/0x50\n[ 95.890755] poison_slab_object+0x118/0x180\n[ 95.890755] __kasan_slab_free+0x12/0x30\n[ 95.890755] kfree+0xb2/0x240\n[ 95.890755] __sk_destruct+0x317/0x410\n[ 95.890755] sco_sock_release+0x232/0x280\n[ 95.890755] sock_close+0xb2/0x210\n[ 95.890755] __fput+0x37f/0x770\n[ 95.890755] task_work_run+0x1ae/0x210\n[ 95.890755] get_signal+0xe17/0xf70\n[ 95.890755] arch_do_signal_or_restart+0x3f/0x520\n[ 95.890755] syscall_exit_to_user_mode+0x55/0x120\n[ 95.890755] do_syscall_64+0xd1/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the object at ffff88800c388000\n[ 95.890755] which belongs to the cache kmalloc-1k of size 1024\n[ 95.890755] The buggy address is located 128 bytes inside of\n[ 95.890755] freed 1024-byte region [ffff88800c388000, ffff88800c388400)\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the physical page:\n[ 95.890755] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88800c38a800 pfn:0xc388\n[ 95.890755] head: order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0\n[ 95.890755] ano\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27398",
"url": "https://www.suse.com/security/cve/CVE-2024-27398"
},
{
"category": "external",
"summary": "SUSE Bug 1224174 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1224174"
},
{
"category": "external",
"summary": "SUSE Bug 1225013 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1225013"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T18:33:28Z",
"details": "important"
}
],
"title": "CVE-2024-27398"
},
{
"cve": "CVE-2024-35861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35861",
"url": "https://www.suse.com/security/cve/CVE-2024-35861"
},
{
"category": "external",
"summary": "SUSE Bug 1224766 for CVE-2024-35861",
"url": "https://bugzilla.suse.com/1224766"
},
{
"category": "external",
"summary": "SUSE Bug 1225312 for CVE-2024-35861",
"url": "https://bugzilla.suse.com/1225312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T18:33:28Z",
"details": "important"
}
],
"title": "CVE-2024-35861"
},
{
"cve": "CVE-2024-35862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_network_name_deleted()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35862",
"url": "https://www.suse.com/security/cve/CVE-2024-35862"
},
{
"category": "external",
"summary": "SUSE Bug 1224764 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1224764"
},
{
"category": "external",
"summary": "SUSE Bug 1225311 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1225311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T18:33:28Z",
"details": "important"
}
],
"title": "CVE-2024-35862"
},
{
"cve": "CVE-2024-35864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_valid_lease_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35864",
"url": "https://www.suse.com/security/cve/CVE-2024-35864"
},
{
"category": "external",
"summary": "SUSE Bug 1224765 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1224765"
},
{
"category": "external",
"summary": "SUSE Bug 1225309 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1225309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T18:33:28Z",
"details": "important"
}
],
"title": "CVE-2024-35864"
},
{
"cve": "CVE-2024-35950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/client: Fully protect modes[] with dev-\u003emode_config.mutex\n\nThe modes[] array contains pointers to modes on the connectors\u0027\nmode lists, which are protected by dev-\u003emode_config.mutex.\nThus we need to extend modes[] the same protection or by the\ntime we use it the elements may already be pointing to\nfreed/reused memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35950",
"url": "https://www.suse.com/security/cve/CVE-2024-35950"
},
{
"category": "external",
"summary": "SUSE Bug 1224703 for CVE-2024-35950",
"url": "https://bugzilla.suse.com/1224703"
},
{
"category": "external",
"summary": "SUSE Bug 1225310 for CVE-2024-35950",
"url": "https://bugzilla.suse.com/1225310"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T18:33:28Z",
"details": "important"
}
],
"title": "CVE-2024-35950"
},
{
"cve": "CVE-2024-36904",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36904"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Use refcount_inc_not_zero() in tcp_twsk_unique().\n\nAnderson Nascimento reported a use-after-free splat in tcp_twsk_unique()\nwith nice analysis.\n\nSince commit ec94c2696f0b (\"tcp/dccp: avoid one atomic operation for\ntimewait hashdance\"), inet_twsk_hashdance() sets TIME-WAIT socket\u0027s\nsk_refcnt after putting it into ehash and releasing the bucket lock.\n\nThus, there is a small race window where other threads could try to\nreuse the port during connect() and call sock_hold() in tcp_twsk_unique()\nfor the TIME-WAIT socket with zero refcnt.\n\nIf that happens, the refcnt taken by tcp_twsk_unique() is overwritten\nand sock_put() will cause underflow, triggering a real use-after-free\nsomewhere else.\n\nTo avoid the use-after-free, we need to use refcount_inc_not_zero() in\ntcp_twsk_unique() and give up on reusing the port if it returns false.\n\n[0]:\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 0 PID: 1039313 at lib/refcount.c:25 refcount_warn_saturate+0xe5/0x110\nCPU: 0 PID: 1039313 Comm: trigger Not tainted 6.8.6-200.fc39.x86_64 #1\nHardware name: VMware, Inc. VMware20,1/440BX Desktop Reference Platform, BIOS VMW201.00V.21805430.B64.2305221830 05/22/2023\nRIP: 0010:refcount_warn_saturate+0xe5/0x110\nCode: 42 8e ff 0f 0b c3 cc cc cc cc 80 3d aa 13 ea 01 00 0f 85 5e ff ff ff 48 c7 c7 f8 8e b7 82 c6 05 96 13 ea 01 01 e8 7b 42 8e ff \u003c0f\u003e 0b c3 cc cc cc cc 48 c7 c7 50 8f b7 82 c6 05 7a 13 ea 01 01 e8\nRSP: 0018:ffffc90006b43b60 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff888009bb3ef0 RCX: 0000000000000027\nRDX: ffff88807be218c8 RSI: 0000000000000001 RDI: ffff88807be218c0\nRBP: 0000000000069d70 R08: 0000000000000000 R09: ffffc90006b439f0\nR10: ffffc90006b439e8 R11: 0000000000000003 R12: ffff8880029ede84\nR13: 0000000000004e20 R14: ffffffff84356dc0 R15: ffff888009bb3ef0\nFS: 00007f62c10926c0(0000) GS:ffff88807be00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020ccb000 CR3: 000000004628c005 CR4: 0000000000f70ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0xe5/0x110\n ? __warn+0x81/0x130\n ? refcount_warn_saturate+0xe5/0x110\n ? report_bug+0x171/0x1a0\n ? refcount_warn_saturate+0xe5/0x110\n ? handle_bug+0x3c/0x80\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? refcount_warn_saturate+0xe5/0x110\n tcp_twsk_unique+0x186/0x190\n __inet_check_established+0x176/0x2d0\n __inet_hash_connect+0x74/0x7d0\n ? __pfx___inet_check_established+0x10/0x10\n tcp_v4_connect+0x278/0x530\n __inet_stream_connect+0x10f/0x3d0\n inet_stream_connect+0x3a/0x60\n __sys_connect+0xa8/0xd0\n __x64_sys_connect+0x18/0x20\n do_syscall_64+0x83/0x170\n entry_SYSCALL_64_after_hwframe+0x78/0x80\nRIP: 0033:0x7f62c11a885d\nCode: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d a3 45 0c 00 f7 d8 64 89 01 48\nRSP: 002b:00007f62c1091e58 EFLAGS: 00000296 ORIG_RAX: 000000000000002a\nRAX: ffffffffffffffda RBX: 0000000020ccb004 RCX: 00007f62c11a885d\nRDX: 0000000000000010 RSI: 0000000020ccb000 RDI: 0000000000000003\nRBP: 00007f62c1091e90 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000296 R12: 00007f62c10926c0\nR13: ffffffffffffff88 R14: 0000000000000000 R15: 00007ffe237885b0\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36904",
"url": "https://www.suse.com/security/cve/CVE-2024-36904"
},
{
"category": "external",
"summary": "SUSE Bug 1225732 for CVE-2024-36904",
"url": "https://bugzilla.suse.com/1225732"
},
{
"category": "external",
"summary": "SUSE Bug 1225733 for CVE-2024-36904",
"url": "https://bugzilla.suse.com/1225733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T18:33:28Z",
"details": "important"
}
],
"title": "CVE-2024-36904"
},
{
"cve": "CVE-2024-36964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: only translate RWX permissions for plain 9P2000\n\nGarbage in plain 9P2000\u0027s perm bits is allowed through, which causes it\nto be able to set (among others) the suid bit. This was presumably not\nthe intent since the unix extended bits are handled explicitly and\nconditionally on .u.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36964",
"url": "https://www.suse.com/security/cve/CVE-2024-36964"
},
{
"category": "external",
"summary": "SUSE Bug 1225866 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1225866"
},
{
"category": "external",
"summary": "SUSE Bug 1226325 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1226325"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T18:33:28Z",
"details": "important"
}
],
"title": "CVE-2024-36964"
},
{
"cve": "CVE-2024-41059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: fix uninit-value in copy_name\n\n[syzbot reported]\nBUG: KMSAN: uninit-value in sized_strscpy+0xc4/0x160\n sized_strscpy+0xc4/0x160\n copy_name+0x2af/0x320 fs/hfsplus/xattr.c:411\n hfsplus_listxattr+0x11e9/0x1a50 fs/hfsplus/xattr.c:750\n vfs_listxattr fs/xattr.c:493 [inline]\n listxattr+0x1f3/0x6b0 fs/xattr.c:840\n path_listxattr fs/xattr.c:864 [inline]\n __do_sys_listxattr fs/xattr.c:876 [inline]\n __se_sys_listxattr fs/xattr.c:873 [inline]\n __x64_sys_listxattr+0x16b/0x2f0 fs/xattr.c:873\n x64_sys_call+0x2ba0/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3877 [inline]\n slab_alloc_node mm/slub.c:3918 [inline]\n kmalloc_trace+0x57b/0xbe0 mm/slub.c:4065\n kmalloc include/linux/slab.h:628 [inline]\n hfsplus_listxattr+0x4cc/0x1a50 fs/hfsplus/xattr.c:699\n vfs_listxattr fs/xattr.c:493 [inline]\n listxattr+0x1f3/0x6b0 fs/xattr.c:840\n path_listxattr fs/xattr.c:864 [inline]\n __do_sys_listxattr fs/xattr.c:876 [inline]\n __se_sys_listxattr fs/xattr.c:873 [inline]\n __x64_sys_listxattr+0x16b/0x2f0 fs/xattr.c:873\n x64_sys_call+0x2ba0/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[Fix]\nWhen allocating memory to strbuf, initialize memory to 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41059",
"url": "https://www.suse.com/security/cve/CVE-2024-41059"
},
{
"category": "external",
"summary": "SUSE Bug 1228561 for CVE-2024-41059",
"url": "https://bugzilla.suse.com/1228561"
},
{
"category": "external",
"summary": "SUSE Bug 1228573 for CVE-2024-41059",
"url": "https://bugzilla.suse.com/1228573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T18:33:28Z",
"details": "important"
}
],
"title": "CVE-2024-41059"
},
{
"cve": "CVE-2024-43861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: qmi_wwan: fix memory leak for not ip packets\n\nFree the unused skb when not ip packets arrive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43861",
"url": "https://www.suse.com/security/cve/CVE-2024-43861"
},
{
"category": "external",
"summary": "SUSE Bug 1229500 for CVE-2024-43861",
"url": "https://bugzilla.suse.com/1229500"
},
{
"category": "external",
"summary": "SUSE Bug 1229553 for CVE-2024-43861",
"url": "https://bugzilla.suse.com/1229553"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T18:33:28Z",
"details": "important"
}
],
"title": "CVE-2024-43861"
},
{
"cve": "CVE-2024-50264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50264"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans\n\nDuring loopback communication, a dangling pointer can be created in\nvsk-\u003etrans, potentially leading to a Use-After-Free condition. This\nissue is resolved by initializing vsk-\u003etrans to NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50264",
"url": "https://www.suse.com/security/cve/CVE-2024-50264"
},
{
"category": "external",
"summary": "SUSE Bug 1233453 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233453"
},
{
"category": "external",
"summary": "SUSE Bug 1233712 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_158-default-10-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T18:33:28Z",
"details": "important"
}
],
"title": "CVE-2024-50264"
}
]
}
SUSE-SU-2025:0098-1
Vulnerability from csaf_suse - Published: 2025-01-14 15:33 - Updated: 2025-01-14 15:33Summary
Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP3)
Notes
Title of the patch
Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP3)
Description of the patch
This update for the Linux Kernel 5.3.18-150300_59_147 fixes several issues.
The following security issues were fixed:
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
Patchnames
SUSE-2025-98,SUSE-2025-99,SUSE-SLE-Module-Live-Patching-15-SP3-2025-98
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP3)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.3.18-150300_59_147 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans (bsc#1233712).\n- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-98,SUSE-2025-99,SUSE-SLE-Module-Live-Patching-15-SP3-2025-98",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0098-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0098-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250098-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0098-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020106.html"
},
{
"category": "self",
"summary": "SUSE Bug 1232637",
"url": "https://bugzilla.suse.com/1232637"
},
{
"category": "self",
"summary": "SUSE Bug 1233712",
"url": "https://bugzilla.suse.com/1233712"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48956 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50264 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50264/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP3)",
"tracking": {
"current_release_date": "2025-01-14T15:33:29Z",
"generator": {
"date": "2025-01-14T15:33:29Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0098-1",
"initial_release_date": "2025-01-14T15:33:29Z",
"revision_history": [
{
"date": "2025-01-14T15:33:29Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_150-default-14-150300.2.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_150-default-14-150300.2.1.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150300_59_150-default-14-150300.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.s390x",
"product_id": "kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_150-default-14-150300.2.1.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_150-default-14-150300.2.1.s390x",
"product_id": "kernel-livepatch-5_3_18-150300_59_150-default-14-150300.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_147-preempt-15-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_147-preempt-15-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_147-preempt-15-150300.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_150-default-14-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_150-default-14-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_150-default-14-150300.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_150-preempt-14-150300.2.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_150-preempt-14-150300.2.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_150-preempt-14-150300.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-48956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: avoid use-after-free in ip6_fragment()\n\nBlamed commit claimed rcu_read_lock() was held by ip6_fragment() callers.\n\nIt seems to not be always true, at least for UDP stack.\n\nsyzbot reported:\n\nBUG: KASAN: use-after-free in ip6_dst_idev include/net/ip6_fib.h:245 [inline]\nBUG: KASAN: use-after-free in ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951\nRead of size 8 at addr ffff88801d403e80 by task syz-executor.3/7618\n\nCPU: 1 PID: 7618 Comm: syz-executor.3 Not tainted 6.1.0-rc6-syzkaller-00012-g4312098baf37 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:284 [inline]\n print_report+0x15e/0x45d mm/kasan/report.c:395\n kasan_report+0xbf/0x1f0 mm/kasan/report.c:495\n ip6_dst_idev include/net/ip6_fib.h:245 [inline]\n ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951\n __ip6_finish_output net/ipv6/ip6_output.c:193 [inline]\n ip6_finish_output+0x9a3/0x1170 net/ipv6/ip6_output.c:206\n NF_HOOK_COND include/linux/netfilter.h:291 [inline]\n ip6_output+0x1f1/0x540 net/ipv6/ip6_output.c:227\n dst_output include/net/dst.h:445 [inline]\n ip6_local_out+0xb3/0x1a0 net/ipv6/output_core.c:161\n ip6_send_skb+0xbb/0x340 net/ipv6/ip6_output.c:1966\n udp_v6_send_skb+0x82a/0x18a0 net/ipv6/udp.c:1286\n udp_v6_push_pending_frames+0x140/0x200 net/ipv6/udp.c:1313\n udpv6_sendmsg+0x18da/0x2c80 net/ipv6/udp.c:1606\n inet6_sendmsg+0x9d/0xe0 net/ipv6/af_inet6.c:665\n sock_sendmsg_nosec net/socket.c:714 [inline]\n sock_sendmsg+0xd3/0x120 net/socket.c:734\n sock_write_iter+0x295/0x3d0 net/socket.c:1108\n call_write_iter include/linux/fs.h:2191 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x9ed/0xdd0 fs/read_write.c:584\n ksys_write+0x1ec/0x250 fs/read_write.c:637\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7fde3588c0d9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fde365b6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 00007fde359ac050 RCX: 00007fde3588c0d9\nRDX: 000000000000ffdc RSI: 00000000200000c0 RDI: 000000000000000a\nRBP: 00007fde358e7ae9 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007fde35acfb1f R14: 00007fde365b6300 R15: 0000000000022000\n \u003c/TASK\u003e\n\nAllocated by task 7618:\n kasan_save_stack+0x22/0x40 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n __kasan_slab_alloc+0x82/0x90 mm/kasan/common.c:325\n kasan_slab_alloc include/linux/kasan.h:201 [inline]\n slab_post_alloc_hook mm/slab.h:737 [inline]\n slab_alloc_node mm/slub.c:3398 [inline]\n slab_alloc mm/slub.c:3406 [inline]\n __kmem_cache_alloc_lru mm/slub.c:3413 [inline]\n kmem_cache_alloc+0x2b4/0x3d0 mm/slub.c:3422\n dst_alloc+0x14a/0x1f0 net/core/dst.c:92\n ip6_dst_alloc+0x32/0xa0 net/ipv6/route.c:344\n ip6_rt_pcpu_alloc net/ipv6/route.c:1369 [inline]\n rt6_make_pcpu_route net/ipv6/route.c:1417 [inline]\n ip6_pol_route+0x901/0x1190 net/ipv6/route.c:2254\n pol_lookup_func include/net/ip6_fib.h:582 [inline]\n fib6_rule_lookup+0x52e/0x6f0 net/ipv6/fib6_rules.c:121\n ip6_route_output_flags_noref+0x2e6/0x380 net/ipv6/route.c:2625\n ip6_route_output_flags+0x76/0x320 net/ipv6/route.c:2638\n ip6_route_output include/net/ip6_route.h:98 [inline]\n ip6_dst_lookup_tail+0x5ab/0x1620 net/ipv6/ip6_output.c:1092\n ip6_dst_lookup_flow+0x90/0x1d0 net/ipv6/ip6_output.c:1222\n ip6_sk_dst_lookup_flow+0x553/0x980 net/ipv6/ip6_output.c:1260\n udpv6_sendmsg+0x151d/0x2c80 net/ipv6/udp.c:1554\n inet6_sendmsg+0x9d/0xe0 net/ipv6/af_inet6.c:665\n sock_sendmsg_nosec n\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48956",
"url": "https://www.suse.com/security/cve/CVE-2022-48956"
},
{
"category": "external",
"summary": "SUSE Bug 1231893 for CVE-2022-48956",
"url": "https://bugzilla.suse.com/1231893"
},
{
"category": "external",
"summary": "SUSE Bug 1232799 for CVE-2022-48956",
"url": "https://bugzilla.suse.com/1232799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T15:33:29Z",
"details": "important"
}
],
"title": "CVE-2022-48956"
},
{
"cve": "CVE-2024-50264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50264"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans\n\nDuring loopback communication, a dangling pointer can be created in\nvsk-\u003etrans, potentially leading to a Use-After-Free condition. This\nissue is resolved by initializing vsk-\u003etrans to NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50264",
"url": "https://www.suse.com/security/cve/CVE-2024-50264"
},
{
"category": "external",
"summary": "SUSE Bug 1233453 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233453"
},
{
"category": "external",
"summary": "SUSE Bug 1233712 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_147-default-15-150300.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T15:33:29Z",
"details": "important"
}
],
"title": "CVE-2024-50264"
}
]
}
SUSE-SU-2025:0253-1
Vulnerability from csaf_suse - Published: 2025-01-27 13:04 - Updated: 2025-01-27 13:04Summary
Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5)
Notes
Title of the patch
Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5)
Description of the patch
This update for the Linux Kernel 5.14.21-150500_55_59 fixes several issues.
The following security issues were fixed:
- CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1229275).
- CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324).
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
- CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool (bsc#1225429).
- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733).
- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
- CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327).
- CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).
- CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273).
- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).
- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).
- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353).
- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739).
- CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
- CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).
- CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099).
- CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521).
- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013).
- CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310).
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
- CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
- CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).
- CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514).
Patchnames
SUSE-2025-253,SUSE-SLE-Module-Live-Patching-15-SP5-2025-253
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.14.21-150500_55_59 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1229275).\n- CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324).\n- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans (bsc#1233712).\n- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).\n- CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool (bsc#1225429).\n- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733).\n- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).\n- CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327).\n- CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).\n- CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273).\n- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011).\n- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).\n- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).\n- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012).\n- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).\n- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).\n- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353).\n- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739).\n- CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)\n- CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).\n- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).\n- CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099).\n- CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521).\n- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013).\n- CVE-2024-35950: drm/client: Fully protect modes with dev-\u003emode_config.mutex (bsc#1225310).\n- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).\n- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).\n- CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).\n- CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).\n- CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb-\u003emac_header (bsc#1223514).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-253,SUSE-SLE-Module-Live-Patching-15-SP5-2025-253",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0253-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0253-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250253-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0253-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020214.html"
},
{
"category": "self",
"summary": "SUSE Bug 1221302",
"url": "https://bugzilla.suse.com/1221302"
},
{
"category": "self",
"summary": "SUSE Bug 1223059",
"url": "https://bugzilla.suse.com/1223059"
},
{
"category": "self",
"summary": "SUSE Bug 1223363",
"url": "https://bugzilla.suse.com/1223363"
},
{
"category": "self",
"summary": "SUSE Bug 1223514",
"url": "https://bugzilla.suse.com/1223514"
},
{
"category": "self",
"summary": "SUSE Bug 1223521",
"url": "https://bugzilla.suse.com/1223521"
},
{
"category": "self",
"summary": "SUSE Bug 1223683",
"url": "https://bugzilla.suse.com/1223683"
},
{
"category": "self",
"summary": "SUSE Bug 1225011",
"url": "https://bugzilla.suse.com/1225011"
},
{
"category": "self",
"summary": "SUSE Bug 1225012",
"url": "https://bugzilla.suse.com/1225012"
},
{
"category": "self",
"summary": "SUSE Bug 1225013",
"url": "https://bugzilla.suse.com/1225013"
},
{
"category": "self",
"summary": "SUSE Bug 1225099",
"url": "https://bugzilla.suse.com/1225099"
},
{
"category": "self",
"summary": "SUSE Bug 1225309",
"url": "https://bugzilla.suse.com/1225309"
},
{
"category": "self",
"summary": "SUSE Bug 1225310",
"url": "https://bugzilla.suse.com/1225310"
},
{
"category": "self",
"summary": "SUSE Bug 1225311",
"url": "https://bugzilla.suse.com/1225311"
},
{
"category": "self",
"summary": "SUSE Bug 1225312",
"url": "https://bugzilla.suse.com/1225312"
},
{
"category": "self",
"summary": "SUSE Bug 1225429",
"url": "https://bugzilla.suse.com/1225429"
},
{
"category": "self",
"summary": "SUSE Bug 1225733",
"url": "https://bugzilla.suse.com/1225733"
},
{
"category": "self",
"summary": "SUSE Bug 1225739",
"url": "https://bugzilla.suse.com/1225739"
},
{
"category": "self",
"summary": "SUSE Bug 1225819",
"url": "https://bugzilla.suse.com/1225819"
},
{
"category": "self",
"summary": "SUSE Bug 1226324",
"url": "https://bugzilla.suse.com/1226324"
},
{
"category": "self",
"summary": "SUSE Bug 1226325",
"url": "https://bugzilla.suse.com/1226325"
},
{
"category": "self",
"summary": "SUSE Bug 1226327",
"url": "https://bugzilla.suse.com/1226327"
},
{
"category": "self",
"summary": "SUSE Bug 1227471",
"url": "https://bugzilla.suse.com/1227471"
},
{
"category": "self",
"summary": "SUSE Bug 1228573",
"url": "https://bugzilla.suse.com/1228573"
},
{
"category": "self",
"summary": "SUSE Bug 1228786",
"url": "https://bugzilla.suse.com/1228786"
},
{
"category": "self",
"summary": "SUSE Bug 1229273",
"url": "https://bugzilla.suse.com/1229273"
},
{
"category": "self",
"summary": "SUSE Bug 1229275",
"url": "https://bugzilla.suse.com/1229275"
},
{
"category": "self",
"summary": "SUSE Bug 1229553",
"url": "https://bugzilla.suse.com/1229553"
},
{
"category": "self",
"summary": "SUSE Bug 1232637",
"url": "https://bugzilla.suse.com/1232637"
},
{
"category": "self",
"summary": "SUSE Bug 1233712",
"url": "https://bugzilla.suse.com/1233712"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47517 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47517/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47598 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47598/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48651 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48651/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48662 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48662/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48956 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52752 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52846 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26610 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26828 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26852 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26923 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27398 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27398/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35862 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35863 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35864 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35867 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35905 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35949 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36899 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36904 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36904/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36964 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36971 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40954 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41059 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50264 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50264/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5)",
"tracking": {
"current_release_date": "2025-01-27T13:04:02Z",
"generator": {
"date": "2025-01-27T13:04:02Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0253-1",
"initial_release_date": "2025-01-27T13:04:02Z",
"revision_history": [
{
"date": "2025-01-27T13:04:02Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-47517",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47517"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nethtool: do not perform operations on net devices being unregistered\n\nThere is a short period between a net device starts to be unregistered\nand when it is actually gone. In that time frame ethtool operations\ncould still be performed, which might end up in unwanted or undefined\nbehaviours[1].\n\nDo not allow ethtool operations after a net device starts its\nunregistration. This patch targets the netlink part as the ioctl one\nisn\u0027t affected: the reference to the net device is taken and the\noperation is executed within an rtnl lock section and the net device\nwon\u0027t be found after unregister.\n\n[1] For example adding Tx queues after unregister ends up in NULL\n pointer exceptions and UaFs, such as:\n\n BUG: KASAN: use-after-free in kobject_get+0x14/0x90\n Read of size 1 at addr ffff88801961248c by task ethtool/755\n\n CPU: 0 PID: 755 Comm: ethtool Not tainted 5.15.0-rc6+ #778\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-4.fc34 04/014\n Call Trace:\n dump_stack_lvl+0x57/0x72\n print_address_description.constprop.0+0x1f/0x140\n kasan_report.cold+0x7f/0x11b\n kobject_get+0x14/0x90\n kobject_add_internal+0x3d1/0x450\n kobject_init_and_add+0xba/0xf0\n netdev_queue_update_kobjects+0xcf/0x200\n netif_set_real_num_tx_queues+0xb4/0x310\n veth_set_channels+0x1c3/0x550\n ethnl_set_channels+0x524/0x610",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47517",
"url": "https://www.suse.com/security/cve/CVE-2021-47517"
},
{
"category": "external",
"summary": "SUSE Bug 1225428 for CVE-2021-47517",
"url": "https://bugzilla.suse.com/1225428"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "moderate"
}
],
"title": "CVE-2021-47517"
},
{
"cve": "CVE-2021-47598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47598"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_cake: do not call cake_destroy() from cake_init()\n\nqdiscs are not supposed to call their own destroy() method\nfrom init(), because core stack already does that.\n\nsyzbot was able to trigger use after free:\n\nDEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\nWARNING: CPU: 0 PID: 21902 at kernel/locking/mutex.c:586 __mutex_lock_common kernel/locking/mutex.c:586 [inline]\nWARNING: CPU: 0 PID: 21902 at kernel/locking/mutex.c:586 __mutex_lock+0x9ec/0x12f0 kernel/locking/mutex.c:740\nModules linked in:\nCPU: 0 PID: 21902 Comm: syz-executor189 Not tainted 5.16.0-rc4-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:__mutex_lock_common kernel/locking/mutex.c:586 [inline]\nRIP: 0010:__mutex_lock+0x9ec/0x12f0 kernel/locking/mutex.c:740\nCode: 08 84 d2 0f 85 19 08 00 00 8b 05 97 38 4b 04 85 c0 0f 85 27 f7 ff ff 48 c7 c6 20 00 ac 89 48 c7 c7 a0 fe ab 89 e8 bf 76 ba ff \u003c0f\u003e 0b e9 0d f7 ff ff 48 8b 44 24 40 48 8d b8 c8 08 00 00 48 89 f8\nRSP: 0018:ffffc9000627f290 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: ffff88802315d700 RSI: ffffffff815f1db8 RDI: fffff52000c4fe44\nRBP: ffff88818f28e000 R08: 0000000000000000 R09: 0000000000000000\nR10: ffffffff815ebb5e R11: 0000000000000000 R12: 0000000000000000\nR13: dffffc0000000000 R14: ffffc9000627f458 R15: 0000000093c30000\nFS: 0000555556abc400(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fda689c3303 CR3: 000000001cfbb000 CR4: 0000000000350ef0\nCall Trace:\n \u003cTASK\u003e\n tcf_chain0_head_change_cb_del+0x2e/0x3d0 net/sched/cls_api.c:810\n tcf_block_put_ext net/sched/cls_api.c:1381 [inline]\n tcf_block_put_ext net/sched/cls_api.c:1376 [inline]\n tcf_block_put+0xbc/0x130 net/sched/cls_api.c:1394\n cake_destroy+0x3f/0x80 net/sched/sch_cake.c:2695\n qdisc_create.constprop.0+0x9da/0x10f0 net/sched/sch_api.c:1293\n tc_modify_qdisc+0x4c5/0x1980 net/sched/sch_api.c:1660\n rtnetlink_rcv_msg+0x413/0xb80 net/core/rtnetlink.c:5571\n netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2496\n netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1345\n netlink_sendmsg+0x904/0xdf0 net/netlink/af_netlink.c:1921\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg+0xcf/0x120 net/socket.c:724\n ____sys_sendmsg+0x6e8/0x810 net/socket.c:2409\n ___sys_sendmsg+0xf3/0x170 net/socket.c:2463\n __sys_sendmsg+0xe5/0x1b0 net/socket.c:2492\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f1bb06badb9\nCode: Unable to access opcode bytes at RIP 0x7f1bb06bad8f.\nRSP: 002b:00007fff3012a658 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f1bb06badb9\nRDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000003\nRBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000003\nR10: 0000000000000003 R11: 0000000000000246 R12: 00007fff3012a688\nR13: 00007fff3012a6a0 R14: 00007fff3012a6e0 R15: 00000000000013c2\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47598",
"url": "https://www.suse.com/security/cve/CVE-2021-47598"
},
{
"category": "external",
"summary": "SUSE Bug 1226574 for CVE-2021-47598",
"url": "https://bugzilla.suse.com/1226574"
},
{
"category": "external",
"summary": "SUSE Bug 1227471 for CVE-2021-47598",
"url": "https://bugzilla.suse.com/1227471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2021-47598"
},
{
"cve": "CVE-2022-48651",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48651"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: Fix out-of-bound bugs caused by unset skb-\u003emac_header\n\nIf an AF_PACKET socket is used to send packets through ipvlan and the\ndefault xmit function of the AF_PACKET socket is changed from\ndev_queue_xmit() to packet_direct_xmit() via setsockopt() with the option\nname of PACKET_QDISC_BYPASS, the skb-\u003emac_header may not be reset and\nremains as the initial value of 65535, this may trigger slab-out-of-bounds\nbugs as following:\n\n=================================================================\nUG: KASAN: slab-out-of-bounds in ipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan]\nPU: 2 PID: 1768 Comm: raw_send Kdump: loaded Not tainted 6.0.0-rc4+ #6\nardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-1.fc33\nall Trace:\nprint_address_description.constprop.0+0x1d/0x160\nprint_report.cold+0x4f/0x112\nkasan_report+0xa3/0x130\nipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan]\nipvlan_start_xmit+0x29/0xa0 [ipvlan]\n__dev_direct_xmit+0x2e2/0x380\npacket_direct_xmit+0x22/0x60\npacket_snd+0x7c9/0xc40\nsock_sendmsg+0x9a/0xa0\n__sys_sendto+0x18a/0x230\n__x64_sys_sendto+0x74/0x90\ndo_syscall_64+0x3b/0x90\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe root cause is:\n 1. packet_snd() only reset skb-\u003emac_header when sock-\u003etype is SOCK_RAW\n and skb-\u003eprotocol is not specified as in packet_parse_headers()\n\n 2. packet_direct_xmit() doesn\u0027t reset skb-\u003emac_header as dev_queue_xmit()\n\nIn this case, skb-\u003emac_header is 65535 when ipvlan_xmit_mode_l2() is\ncalled. So when ipvlan_xmit_mode_l2() gets mac header with eth_hdr() which\nuse \"skb-\u003ehead + skb-\u003emac_header\", out-of-bound access occurs.\n\nThis patch replaces eth_hdr() with skb_eth_hdr() in ipvlan_xmit_mode_l2()\nand reset mac header in multicast to solve this out-of-bound bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48651",
"url": "https://www.suse.com/security/cve/CVE-2022-48651"
},
{
"category": "external",
"summary": "SUSE Bug 1223513 for CVE-2022-48651",
"url": "https://bugzilla.suse.com/1223513"
},
{
"category": "external",
"summary": "SUSE Bug 1223514 for CVE-2022-48651",
"url": "https://bugzilla.suse.com/1223514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2022-48651"
},
{
"cve": "CVE-2022-48662",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48662"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/gem: Really move i915_gem_context.link under ref protection\n\ni915_perf assumes that it can use the i915_gem_context reference to\nprotect its i915-\u003egem.contexts.list iteration. However, this requires\nthat we do not remove the context from the list until after we drop the\nfinal reference and release the struct. If, as currently, we remove the\ncontext from the list during context_close(), the link.next pointer may\nbe poisoned while we are holding the context reference and cause a GPF:\n\n[ 4070.573157] i915 0000:00:02.0: [drm:i915_perf_open_ioctl [i915]] filtering on ctx_id=0x1fffff ctx_id_mask=0x1fffff\n[ 4070.574881] general protection fault, probably for non-canonical address 0xdead000000000100: 0000 [#1] PREEMPT SMP\n[ 4070.574897] CPU: 1 PID: 284392 Comm: amd_performance Tainted: G E 5.17.9 #180\n[ 4070.574903] Hardware name: Intel Corporation NUC7i5BNK/NUC7i5BNB, BIOS BNKBL357.86A.0052.2017.0918.1346 09/18/2017\n[ 4070.574907] RIP: 0010:oa_configure_all_contexts.isra.0+0x222/0x350 [i915]\n[ 4070.574982] Code: 08 e8 32 6e 10 e1 4d 8b 6d 50 b8 ff ff ff ff 49 83 ed 50 f0 41 0f c1 04 24 83 f8 01 0f 84 e3 00 00 00 85 c0 0f 8e fa 00 00 00 \u003c49\u003e 8b 45 50 48 8d 70 b0 49 8d 45 50 48 39 44 24 10 0f 85 34 fe ff\n[ 4070.574990] RSP: 0018:ffffc90002077b78 EFLAGS: 00010202\n[ 4070.574995] RAX: 0000000000000002 RBX: 0000000000000002 RCX: 0000000000000000\n[ 4070.575000] RDX: 0000000000000001 RSI: ffffc90002077b20 RDI: ffff88810ddc7c68\n[ 4070.575004] RBP: 0000000000000001 R08: ffff888103242648 R09: fffffffffffffffc\n[ 4070.575008] R10: ffffffff82c50bc0 R11: 0000000000025c80 R12: ffff888101bf1860\n[ 4070.575012] R13: dead0000000000b0 R14: ffffc90002077c04 R15: ffff88810be5cabc\n[ 4070.575016] FS: 00007f1ed50c0780(0000) GS:ffff88885ec80000(0000) knlGS:0000000000000000\n[ 4070.575021] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 4070.575025] CR2: 00007f1ed5590280 CR3: 000000010ef6f005 CR4: 00000000003706e0\n[ 4070.575029] Call Trace:\n[ 4070.575033] \u003cTASK\u003e\n[ 4070.575037] lrc_configure_all_contexts+0x13e/0x150 [i915]\n[ 4070.575103] gen8_enable_metric_set+0x4d/0x90 [i915]\n[ 4070.575164] i915_perf_open_ioctl+0xbc0/0x1500 [i915]\n[ 4070.575224] ? asm_common_interrupt+0x1e/0x40\n[ 4070.575232] ? i915_oa_init_reg_state+0x110/0x110 [i915]\n[ 4070.575290] drm_ioctl_kernel+0x85/0x110\n[ 4070.575296] ? update_load_avg+0x5f/0x5e0\n[ 4070.575302] drm_ioctl+0x1d3/0x370\n[ 4070.575307] ? i915_oa_init_reg_state+0x110/0x110 [i915]\n[ 4070.575382] ? gen8_gt_irq_handler+0x46/0x130 [i915]\n[ 4070.575445] __x64_sys_ioctl+0x3c4/0x8d0\n[ 4070.575451] ? __do_softirq+0xaa/0x1d2\n[ 4070.575456] do_syscall_64+0x35/0x80\n[ 4070.575461] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ 4070.575467] RIP: 0033:0x7f1ed5c10397\n[ 4070.575471] Code: 3c 1c e8 1c ff ff ff 85 c0 79 87 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d a9 da 0d 00 f7 d8 64 89 01 48\n[ 4070.575478] RSP: 002b:00007ffd65c8d7a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n[ 4070.575484] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f1ed5c10397\n[ 4070.575488] RDX: 00007ffd65c8d7c0 RSI: 0000000040106476 RDI: 0000000000000006\n[ 4070.575492] RBP: 00005620972f9c60 R08: 000000000000000a R09: 0000000000000005\n[ 4070.575496] R10: 000000000000000d R11: 0000000000000246 R12: 000000000000000a\n[ 4070.575500] R13: 000000000000000d R14: 0000000000000000 R15: 00007ffd65c8d7c0\n[ 4070.575505] \u003c/TASK\u003e\n[ 4070.575507] Modules linked in: nls_ascii(E) nls_cp437(E) vfat(E) fat(E) i915(E) x86_pkg_temp_thermal(E) intel_powerclamp(E) crct10dif_pclmul(E) crc32_pclmul(E) crc32c_intel(E) aesni_intel(E) crypto_simd(E) intel_gtt(E) cryptd(E) ttm(E) rapl(E) intel_cstate(E) drm_kms_helper(E) cfbfillrect(E) syscopyarea(E) cfbimgblt(E) intel_uncore(E) sysfillrect(E) mei_me(E) sysimgblt(E) i2c_i801(E) fb_sys_fops(E) mei(E) intel_pch_thermal(E) i2c_smbus\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48662",
"url": "https://www.suse.com/security/cve/CVE-2022-48662"
},
{
"category": "external",
"summary": "SUSE Bug 1223505 for CVE-2022-48662",
"url": "https://bugzilla.suse.com/1223505"
},
{
"category": "external",
"summary": "SUSE Bug 1223521 for CVE-2022-48662",
"url": "https://bugzilla.suse.com/1223521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2022-48662"
},
{
"cve": "CVE-2022-48956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: avoid use-after-free in ip6_fragment()\n\nBlamed commit claimed rcu_read_lock() was held by ip6_fragment() callers.\n\nIt seems to not be always true, at least for UDP stack.\n\nsyzbot reported:\n\nBUG: KASAN: use-after-free in ip6_dst_idev include/net/ip6_fib.h:245 [inline]\nBUG: KASAN: use-after-free in ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951\nRead of size 8 at addr ffff88801d403e80 by task syz-executor.3/7618\n\nCPU: 1 PID: 7618 Comm: syz-executor.3 Not tainted 6.1.0-rc6-syzkaller-00012-g4312098baf37 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:284 [inline]\n print_report+0x15e/0x45d mm/kasan/report.c:395\n kasan_report+0xbf/0x1f0 mm/kasan/report.c:495\n ip6_dst_idev include/net/ip6_fib.h:245 [inline]\n ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951\n __ip6_finish_output net/ipv6/ip6_output.c:193 [inline]\n ip6_finish_output+0x9a3/0x1170 net/ipv6/ip6_output.c:206\n NF_HOOK_COND include/linux/netfilter.h:291 [inline]\n ip6_output+0x1f1/0x540 net/ipv6/ip6_output.c:227\n dst_output include/net/dst.h:445 [inline]\n ip6_local_out+0xb3/0x1a0 net/ipv6/output_core.c:161\n ip6_send_skb+0xbb/0x340 net/ipv6/ip6_output.c:1966\n udp_v6_send_skb+0x82a/0x18a0 net/ipv6/udp.c:1286\n udp_v6_push_pending_frames+0x140/0x200 net/ipv6/udp.c:1313\n udpv6_sendmsg+0x18da/0x2c80 net/ipv6/udp.c:1606\n inet6_sendmsg+0x9d/0xe0 net/ipv6/af_inet6.c:665\n sock_sendmsg_nosec net/socket.c:714 [inline]\n sock_sendmsg+0xd3/0x120 net/socket.c:734\n sock_write_iter+0x295/0x3d0 net/socket.c:1108\n call_write_iter include/linux/fs.h:2191 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x9ed/0xdd0 fs/read_write.c:584\n ksys_write+0x1ec/0x250 fs/read_write.c:637\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7fde3588c0d9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fde365b6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 00007fde359ac050 RCX: 00007fde3588c0d9\nRDX: 000000000000ffdc RSI: 00000000200000c0 RDI: 000000000000000a\nRBP: 00007fde358e7ae9 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007fde35acfb1f R14: 00007fde365b6300 R15: 0000000000022000\n \u003c/TASK\u003e\n\nAllocated by task 7618:\n kasan_save_stack+0x22/0x40 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n __kasan_slab_alloc+0x82/0x90 mm/kasan/common.c:325\n kasan_slab_alloc include/linux/kasan.h:201 [inline]\n slab_post_alloc_hook mm/slab.h:737 [inline]\n slab_alloc_node mm/slub.c:3398 [inline]\n slab_alloc mm/slub.c:3406 [inline]\n __kmem_cache_alloc_lru mm/slub.c:3413 [inline]\n kmem_cache_alloc+0x2b4/0x3d0 mm/slub.c:3422\n dst_alloc+0x14a/0x1f0 net/core/dst.c:92\n ip6_dst_alloc+0x32/0xa0 net/ipv6/route.c:344\n ip6_rt_pcpu_alloc net/ipv6/route.c:1369 [inline]\n rt6_make_pcpu_route net/ipv6/route.c:1417 [inline]\n ip6_pol_route+0x901/0x1190 net/ipv6/route.c:2254\n pol_lookup_func include/net/ip6_fib.h:582 [inline]\n fib6_rule_lookup+0x52e/0x6f0 net/ipv6/fib6_rules.c:121\n ip6_route_output_flags_noref+0x2e6/0x380 net/ipv6/route.c:2625\n ip6_route_output_flags+0x76/0x320 net/ipv6/route.c:2638\n ip6_route_output include/net/ip6_route.h:98 [inline]\n ip6_dst_lookup_tail+0x5ab/0x1620 net/ipv6/ip6_output.c:1092\n ip6_dst_lookup_flow+0x90/0x1d0 net/ipv6/ip6_output.c:1222\n ip6_sk_dst_lookup_flow+0x553/0x980 net/ipv6/ip6_output.c:1260\n udpv6_sendmsg+0x151d/0x2c80 net/ipv6/udp.c:1554\n inet6_sendmsg+0x9d/0xe0 net/ipv6/af_inet6.c:665\n sock_sendmsg_nosec n\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48956",
"url": "https://www.suse.com/security/cve/CVE-2022-48956"
},
{
"category": "external",
"summary": "SUSE Bug 1231893 for CVE-2022-48956",
"url": "https://bugzilla.suse.com/1231893"
},
{
"category": "external",
"summary": "SUSE Bug 1232799 for CVE-2022-48956",
"url": "https://bugzilla.suse.com/1232799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2022-48956"
},
{
"cve": "CVE-2023-52752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free bug in cifs_debug_data_proc_show()\n\nSkip SMB sessions that are being teared down\n(e.g. @ses-\u003eses_status == SES_EXITING) in cifs_debug_data_proc_show()\nto avoid use-after-free in @ses.\n\nThis fixes the following GPF when reading from /proc/fs/cifs/DebugData\nwhile mounting and umounting\n\n [ 816.251274] general protection fault, probably for non-canonical\n address 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI\n ...\n [ 816.260138] Call Trace:\n [ 816.260329] \u003cTASK\u003e\n [ 816.260499] ? die_addr+0x36/0x90\n [ 816.260762] ? exc_general_protection+0x1b3/0x410\n [ 816.261126] ? asm_exc_general_protection+0x26/0x30\n [ 816.261502] ? cifs_debug_tcon+0xbd/0x240 [cifs]\n [ 816.261878] ? cifs_debug_tcon+0xab/0x240 [cifs]\n [ 816.262249] cifs_debug_data_proc_show+0x516/0xdb0 [cifs]\n [ 816.262689] ? seq_read_iter+0x379/0x470\n [ 816.262995] seq_read_iter+0x118/0x470\n [ 816.263291] proc_reg_read_iter+0x53/0x90\n [ 816.263596] ? srso_alias_return_thunk+0x5/0x7f\n [ 816.263945] vfs_read+0x201/0x350\n [ 816.264211] ksys_read+0x75/0x100\n [ 816.264472] do_syscall_64+0x3f/0x90\n [ 816.264750] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n [ 816.265135] RIP: 0033:0x7fd5e669d381",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52752",
"url": "https://www.suse.com/security/cve/CVE-2023-52752"
},
{
"category": "external",
"summary": "SUSE Bug 1225487 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225487"
},
{
"category": "external",
"summary": "SUSE Bug 1225819 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2023-52752"
},
{
"cve": "CVE-2023-52846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhsr: Prevent use after free in prp_create_tagged_frame()\n\nThe prp_fill_rct() function can fail. In that situation, it frees the\nskb and returns NULL. Meanwhile on the success path, it returns the\noriginal skb. So it\u0027s straight forward to fix bug by using the returned\nvalue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52846",
"url": "https://www.suse.com/security/cve/CVE-2023-52846"
},
{
"category": "external",
"summary": "SUSE Bug 1225098 for CVE-2023-52846",
"url": "https://bugzilla.suse.com/1225098"
},
{
"category": "external",
"summary": "SUSE Bug 1225099 for CVE-2023-52846",
"url": "https://bugzilla.suse.com/1225099"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2023-52846"
},
{
"cve": "CVE-2024-26610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26610"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: fix a memory corruption\n\niwl_fw_ini_trigger_tlv::data is a pointer to a __le32, which means that\nif we copy to iwl_fw_ini_trigger_tlv::data + offset while offset is in\nbytes, we\u0027ll write past the buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26610",
"url": "https://www.suse.com/security/cve/CVE-2024-26610"
},
{
"category": "external",
"summary": "SUSE Bug 1221299 for CVE-2024-26610",
"url": "https://bugzilla.suse.com/1221299"
},
{
"category": "external",
"summary": "SUSE Bug 1221302 for CVE-2024-26610",
"url": "https://bugzilla.suse.com/1221302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2024-26610"
},
{
"cve": "CVE-2024-26828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26828"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix underflow in parse_server_interfaces()\n\nIn this loop, we step through the buffer and after each item we check\nif the size_left is greater than the minimum size we need. However,\nthe problem is that \"bytes_left\" is type ssize_t while sizeof() is type\nsize_t. That means that because of type promotion, the comparison is\ndone as an unsigned and if we have negative bytes left the loop\ncontinues instead of ending.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26828",
"url": "https://www.suse.com/security/cve/CVE-2024-26828"
},
{
"category": "external",
"summary": "SUSE Bug 1223084 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223084"
},
{
"category": "external",
"summary": "SUSE Bug 1223363 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223363"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2024-26828"
},
{
"cve": "CVE-2024-26852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/ipv6: avoid possible UAF in ip6_route_mpath_notify()\n\nsyzbot found another use-after-free in ip6_route_mpath_notify() [1]\n\nCommit f7225172f25a (\"net/ipv6: prevent use after free in\nip6_route_mpath_notify\") was not able to fix the root cause.\n\nWe need to defer the fib6_info_release() calls after\nip6_route_mpath_notify(), in the cleanup phase.\n\n[1]\nBUG: KASAN: slab-use-after-free in rt6_fill_node+0x1460/0x1ac0\nRead of size 4 at addr ffff88809a07fc64 by task syz-executor.2/23037\n\nCPU: 0 PID: 23037 Comm: syz-executor.2 Not tainted 6.8.0-rc4-syzkaller-01035-gea7f3cfaa588 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1e7/0x2e0 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x167/0x540 mm/kasan/report.c:488\n kasan_report+0x142/0x180 mm/kasan/report.c:601\n rt6_fill_node+0x1460/0x1ac0\n inet6_rt_notify+0x13b/0x290 net/ipv6/route.c:6184\n ip6_route_mpath_notify net/ipv6/route.c:5198 [inline]\n ip6_route_multipath_add net/ipv6/route.c:5404 [inline]\n inet6_rtm_newroute+0x1d0f/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\nRIP: 0033:0x7f73dd87dda9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f73de6550c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f73dd9ac050 RCX: 00007f73dd87dda9\nRDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000005\nRBP: 00007f73dd8ca47a R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f73dd9ac050 R15: 00007ffdbdeb7858\n \u003c/TASK\u003e\n\nAllocated by task 23037:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:372 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:389\n kasan_kmalloc include/linux/kasan.h:211 [inline]\n __do_kmalloc_node mm/slub.c:3981 [inline]\n __kmalloc+0x22e/0x490 mm/slub.c:3994\n kmalloc include/linux/slab.h:594 [inline]\n kzalloc include/linux/slab.h:711 [inline]\n fib6_info_alloc+0x2e/0xf0 net/ipv6/ip6_fib.c:155\n ip6_route_info_create+0x445/0x12b0 net/ipv6/route.c:3758\n ip6_route_multipath_add net/ipv6/route.c:5298 [inline]\n inet6_rtm_newroute+0x744/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\n\nFreed by task 16:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x4e/0x60 mm/kasan/generic.c:640\n poison_slab_object+0xa6/0xe0 m\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26852",
"url": "https://www.suse.com/security/cve/CVE-2024-26852"
},
{
"category": "external",
"summary": "SUSE Bug 1223057 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223057"
},
{
"category": "external",
"summary": "SUSE Bug 1223059 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223059"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2024-26852"
},
{
"cve": "CVE-2024-26923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Fix garbage collector racing against connect()\n\nGarbage collector does not take into account the risk of embryo getting\nenqueued during the garbage collection. If such embryo has a peer that\ncarries SCM_RIGHTS, two consecutive passes of scan_children() may see a\ndifferent set of children. Leading to an incorrectly elevated inflight\ncount, and then a dangling pointer within the gc_inflight_list.\n\nsockets are AF_UNIX/SOCK_STREAM\nS is an unconnected socket\nL is a listening in-flight socket bound to addr, not in fdtable\nV\u0027s fd will be passed via sendmsg(), gets inflight count bumped\n\nconnect(S, addr)\tsendmsg(S, [V]); close(V)\t__unix_gc()\n----------------\t-------------------------\t-----------\n\nNS = unix_create1()\nskb1 = sock_wmalloc(NS)\nL = unix_find_other(addr)\nunix_state_lock(L)\nunix_peer(S) = NS\n\t\t\t// V count=1 inflight=0\n\n \t\t\tNS = unix_peer(S)\n \t\t\tskb2 = sock_alloc()\n\t\t\tskb_queue_tail(NS, skb2[V])\n\n\t\t\t// V became in-flight\n\t\t\t// V count=2 inflight=1\n\n\t\t\tclose(V)\n\n\t\t\t// V count=1 inflight=1\n\t\t\t// GC candidate condition met\n\n\t\t\t\t\t\tfor u in gc_inflight_list:\n\t\t\t\t\t\t if (total_refs == inflight_refs)\n\t\t\t\t\t\t add u to gc_candidates\n\n\t\t\t\t\t\t// gc_candidates={L, V}\n\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t scan_children(u, dec_inflight)\n\n\t\t\t\t\t\t// embryo (skb1) was not\n\t\t\t\t\t\t// reachable from L yet, so V\u0027s\n\t\t\t\t\t\t// inflight remains unchanged\n__skb_queue_tail(L, skb1)\nunix_state_unlock(L)\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t if (u.inflight)\n\t\t\t\t\t\t scan_children(u, inc_inflight_move_tail)\n\n\t\t\t\t\t\t// V count=1 inflight=2 (!)\n\nIf there is a GC-candidate listening socket, lock/unlock its state. This\nmakes GC wait until the end of any ongoing connect() to that socket. After\nflipping the lock, a possibly SCM-laden embryo is already enqueued. And if\nthere is another embryo coming, it can not possibly carry SCM_RIGHTS. At\nthis point, unix_inflight() can not happen because unix_gc_lock is already\ntaken. Inflight graph remains unaffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26923",
"url": "https://www.suse.com/security/cve/CVE-2024-26923"
},
{
"category": "external",
"summary": "SUSE Bug 1223384 for CVE-2024-26923",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "external",
"summary": "SUSE Bug 1223683 for CVE-2024-26923",
"url": "https://bugzilla.suse.com/1223683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2024-26923"
},
{
"cve": "CVE-2024-27398",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27398"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix use-after-free bugs caused by sco_sock_timeout\n\nWhen the sco connection is established and then, the sco socket\nis releasing, timeout_work will be scheduled to judge whether\nthe sco disconnection is timeout. The sock will be deallocated\nlater, but it is dereferenced again in sco_sock_timeout. As a\nresult, the use-after-free bugs will happen. The root cause is\nshown below:\n\n Cleanup Thread | Worker Thread\nsco_sock_release |\n sco_sock_close |\n __sco_sock_close |\n sco_sock_set_timer |\n schedule_delayed_work |\n sco_sock_kill | (wait a time)\n sock_put(sk) //FREE | sco_sock_timeout\n | sock_hold(sk) //USE\n\nThe KASAN report triggered by POC is shown below:\n\n[ 95.890016] ==================================================================\n[ 95.890496] BUG: KASAN: slab-use-after-free in sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] Write of size 4 at addr ffff88800c388080 by task kworker/0:0/7\n...\n[ 95.890755] Workqueue: events sco_sock_timeout\n[ 95.890755] Call Trace:\n[ 95.890755] \u003cTASK\u003e\n[ 95.890755] dump_stack_lvl+0x45/0x110\n[ 95.890755] print_address_description+0x78/0x390\n[ 95.890755] print_report+0x11b/0x250\n[ 95.890755] ? __virt_addr_valid+0xbe/0xf0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_report+0x139/0x170\n[ 95.890755] ? update_load_avg+0xe5/0x9f0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_check_range+0x2c3/0x2e0\n[ 95.890755] sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] process_one_work+0x561/0xc50\n[ 95.890755] worker_thread+0xab2/0x13c0\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] kthread+0x279/0x300\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork+0x34/0x60\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork_asm+0x11/0x20\n[ 95.890755] \u003c/TASK\u003e\n[ 95.890755]\n[ 95.890755] Allocated by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] __kasan_kmalloc+0x86/0x90\n[ 95.890755] __kmalloc+0x17f/0x360\n[ 95.890755] sk_prot_alloc+0xe1/0x1a0\n[ 95.890755] sk_alloc+0x31/0x4e0\n[ 95.890755] bt_sock_alloc+0x2b/0x2a0\n[ 95.890755] sco_sock_create+0xad/0x320\n[ 95.890755] bt_sock_create+0x145/0x320\n[ 95.890755] __sock_create+0x2e1/0x650\n[ 95.890755] __sys_socket+0xd0/0x280\n[ 95.890755] __x64_sys_socket+0x75/0x80\n[ 95.890755] do_syscall_64+0xc4/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] Freed by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] kasan_save_free_info+0x40/0x50\n[ 95.890755] poison_slab_object+0x118/0x180\n[ 95.890755] __kasan_slab_free+0x12/0x30\n[ 95.890755] kfree+0xb2/0x240\n[ 95.890755] __sk_destruct+0x317/0x410\n[ 95.890755] sco_sock_release+0x232/0x280\n[ 95.890755] sock_close+0xb2/0x210\n[ 95.890755] __fput+0x37f/0x770\n[ 95.890755] task_work_run+0x1ae/0x210\n[ 95.890755] get_signal+0xe17/0xf70\n[ 95.890755] arch_do_signal_or_restart+0x3f/0x520\n[ 95.890755] syscall_exit_to_user_mode+0x55/0x120\n[ 95.890755] do_syscall_64+0xd1/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the object at ffff88800c388000\n[ 95.890755] which belongs to the cache kmalloc-1k of size 1024\n[ 95.890755] The buggy address is located 128 bytes inside of\n[ 95.890755] freed 1024-byte region [ffff88800c388000, ffff88800c388400)\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the physical page:\n[ 95.890755] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88800c38a800 pfn:0xc388\n[ 95.890755] head: order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0\n[ 95.890755] ano\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27398",
"url": "https://www.suse.com/security/cve/CVE-2024-27398"
},
{
"category": "external",
"summary": "SUSE Bug 1224174 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1224174"
},
{
"category": "external",
"summary": "SUSE Bug 1225013 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1225013"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2024-27398"
},
{
"cve": "CVE-2024-35861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35861",
"url": "https://www.suse.com/security/cve/CVE-2024-35861"
},
{
"category": "external",
"summary": "SUSE Bug 1224766 for CVE-2024-35861",
"url": "https://bugzilla.suse.com/1224766"
},
{
"category": "external",
"summary": "SUSE Bug 1225312 for CVE-2024-35861",
"url": "https://bugzilla.suse.com/1225312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2024-35861"
},
{
"cve": "CVE-2024-35862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_network_name_deleted()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35862",
"url": "https://www.suse.com/security/cve/CVE-2024-35862"
},
{
"category": "external",
"summary": "SUSE Bug 1224764 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1224764"
},
{
"category": "external",
"summary": "SUSE Bug 1225311 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1225311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2024-35862"
},
{
"cve": "CVE-2024-35863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35863"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in is_valid_oplock_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35863",
"url": "https://www.suse.com/security/cve/CVE-2024-35863"
},
{
"category": "external",
"summary": "SUSE Bug 1224763 for CVE-2024-35863",
"url": "https://bugzilla.suse.com/1224763"
},
{
"category": "external",
"summary": "SUSE Bug 1225011 for CVE-2024-35863",
"url": "https://bugzilla.suse.com/1225011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2024-35863"
},
{
"cve": "CVE-2024-35864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_valid_lease_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35864",
"url": "https://www.suse.com/security/cve/CVE-2024-35864"
},
{
"category": "external",
"summary": "SUSE Bug 1224765 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1224765"
},
{
"category": "external",
"summary": "SUSE Bug 1225309 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1225309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2024-35864"
},
{
"cve": "CVE-2024-35867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_stats_proc_show()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35867",
"url": "https://www.suse.com/security/cve/CVE-2024-35867"
},
{
"category": "external",
"summary": "SUSE Bug 1224664 for CVE-2024-35867",
"url": "https://bugzilla.suse.com/1224664"
},
{
"category": "external",
"summary": "SUSE Bug 1225012 for CVE-2024-35867",
"url": "https://bugzilla.suse.com/1225012"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2024-35867"
},
{
"cve": "CVE-2024-35905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Protect against int overflow for stack access size\n\nThis patch re-introduces protection against the size of access to stack\nmemory being negative; the access size can appear negative as a result\nof overflowing its signed int representation. This should not actually\nhappen, as there are other protections along the way, but we should\nprotect against it anyway. One code path was missing such protections\n(fixed in the previous patch in the series), causing out-of-bounds array\naccesses in check_stack_range_initialized(). This patch causes the\nverification of a program with such a non-sensical access size to fail.\n\nThis check used to exist in a more indirect way, but was inadvertendly\nremoved in a833a17aeac7.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35905",
"url": "https://www.suse.com/security/cve/CVE-2024-35905"
},
{
"category": "external",
"summary": "SUSE Bug 1224488 for CVE-2024-35905",
"url": "https://bugzilla.suse.com/1224488"
},
{
"category": "external",
"summary": "SUSE Bug 1226327 for CVE-2024-35905",
"url": "https://bugzilla.suse.com/1226327"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2024-35905"
},
{
"cve": "CVE-2024-35949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: make sure that WRITTEN is set on all metadata blocks\n\nWe previously would call btrfs_check_leaf() if we had the check\nintegrity code enabled, which meant that we could only run the extended\nleaf checks if we had WRITTEN set on the header flags.\n\nThis leaves a gap in our checking, because we could end up with\ncorruption on disk where WRITTEN isn\u0027t set on the leaf, and then the\nextended leaf checks don\u0027t get run which we rely on to validate all of\nthe item pointers to make sure we don\u0027t access memory outside of the\nextent buffer.\n\nHowever, since 732fab95abe2 (\"btrfs: check-integrity: remove\nCONFIG_BTRFS_FS_CHECK_INTEGRITY option\") we no longer call\nbtrfs_check_leaf() from btrfs_mark_buffer_dirty(), which means we only\never call it on blocks that are being written out, and thus have WRITTEN\nset, or that are being read in, which should have WRITTEN set.\n\nAdd checks to make sure we have WRITTEN set appropriately, and then make\nsure __btrfs_check_leaf() always does the item checking. This will\nprotect us from file systems that have been corrupted and no longer have\nWRITTEN set on some of the blocks.\n\nThis was hit on a crafted image tweaking the WRITTEN bit and reported by\nKASAN as out-of-bound access in the eb accessors. The example is a dir\nitem at the end of an eb.\n\n [2.042] BTRFS warning (device loop1): bad eb member start: ptr 0x3fff start 30572544 member offset 16410 size 2\n [2.040] general protection fault, probably for non-canonical address 0xe0009d1000000003: 0000 [#1] PREEMPT SMP KASAN NOPTI\n [2.537] KASAN: maybe wild-memory-access in range [0x0005088000000018-0x000508800000001f]\n [2.729] CPU: 0 PID: 2587 Comm: mount Not tainted 6.8.2 #1\n [2.729] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n [2.621] RIP: 0010:btrfs_get_16+0x34b/0x6d0\n [2.621] RSP: 0018:ffff88810871fab8 EFLAGS: 00000206\n [2.621] RAX: 0000a11000000003 RBX: ffff888104ff8720 RCX: ffff88811b2288c0\n [2.621] RDX: dffffc0000000000 RSI: ffffffff81dd8aca RDI: ffff88810871f748\n [2.621] RBP: 000000000000401a R08: 0000000000000001 R09: ffffed10210e3ee9\n [2.621] R10: ffff88810871f74f R11: 205d323430333737 R12: 000000000000001a\n [2.621] R13: 000508800000001a R14: 1ffff110210e3f5d R15: ffffffff850011e8\n [2.621] FS: 00007f56ea275840(0000) GS:ffff88811b200000(0000) knlGS:0000000000000000\n [2.621] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [2.621] CR2: 00007febd13b75c0 CR3: 000000010bb50000 CR4: 00000000000006f0\n [2.621] Call Trace:\n [2.621] \u003cTASK\u003e\n [2.621] ? show_regs+0x74/0x80\n [2.621] ? die_addr+0x46/0xc0\n [2.621] ? exc_general_protection+0x161/0x2a0\n [2.621] ? asm_exc_general_protection+0x26/0x30\n [2.621] ? btrfs_get_16+0x33a/0x6d0\n [2.621] ? btrfs_get_16+0x34b/0x6d0\n [2.621] ? btrfs_get_16+0x33a/0x6d0\n [2.621] ? __pfx_btrfs_get_16+0x10/0x10\n [2.621] ? __pfx_mutex_unlock+0x10/0x10\n [2.621] btrfs_match_dir_item_name+0x101/0x1a0\n [2.621] btrfs_lookup_dir_item+0x1f3/0x280\n [2.621] ? __pfx_btrfs_lookup_dir_item+0x10/0x10\n [2.621] btrfs_get_tree+0xd25/0x1910\n\n[ copy more details from report ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35949",
"url": "https://www.suse.com/security/cve/CVE-2024-35949"
},
{
"category": "external",
"summary": "SUSE Bug 1224700 for CVE-2024-35949",
"url": "https://bugzilla.suse.com/1224700"
},
{
"category": "external",
"summary": "SUSE Bug 1229273 for CVE-2024-35949",
"url": "https://bugzilla.suse.com/1229273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2024-35949"
},
{
"cve": "CVE-2024-35950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/client: Fully protect modes[] with dev-\u003emode_config.mutex\n\nThe modes[] array contains pointers to modes on the connectors\u0027\nmode lists, which are protected by dev-\u003emode_config.mutex.\nThus we need to extend modes[] the same protection or by the\ntime we use it the elements may already be pointing to\nfreed/reused memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35950",
"url": "https://www.suse.com/security/cve/CVE-2024-35950"
},
{
"category": "external",
"summary": "SUSE Bug 1224703 for CVE-2024-35950",
"url": "https://bugzilla.suse.com/1224703"
},
{
"category": "external",
"summary": "SUSE Bug 1225310 for CVE-2024-35950",
"url": "https://bugzilla.suse.com/1225310"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2024-35950"
},
{
"cve": "CVE-2024-36899",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36899"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpiolib: cdev: Fix use after free in lineinfo_changed_notify\n\nThe use-after-free issue occurs as follows: when the GPIO chip device file\nis being closed by invoking gpio_chrdev_release(), watched_lines is freed\nby bitmap_free(), but the unregistration of lineinfo_changed_nb notifier\nchain failed due to waiting write rwsem. Additionally, one of the GPIO\nchip\u0027s lines is also in the release process and holds the notifier chain\u0027s\nread rwsem. Consequently, a race condition leads to the use-after-free of\nwatched_lines.\n\nHere is the typical stack when issue happened:\n\n[free]\ngpio_chrdev_release()\n --\u003e bitmap_free(cdev-\u003ewatched_lines) \u003c-- freed\n --\u003e blocking_notifier_chain_unregister()\n --\u003e down_write(\u0026nh-\u003erwsem) \u003c-- waiting rwsem\n --\u003e __down_write_common()\n --\u003e rwsem_down_write_slowpath()\n --\u003e schedule_preempt_disabled()\n --\u003e schedule()\n\n[use]\nst54spi_gpio_dev_release()\n --\u003e gpio_free()\n --\u003e gpiod_free()\n --\u003e gpiod_free_commit()\n --\u003e gpiod_line_state_notify()\n --\u003e blocking_notifier_call_chain()\n --\u003e down_read(\u0026nh-\u003erwsem); \u003c-- held rwsem\n --\u003e notifier_call_chain()\n --\u003e lineinfo_changed_notify()\n --\u003e test_bit(xxxx, cdev-\u003ewatched_lines) \u003c-- use after free\n\nThe side effect of the use-after-free issue is that a GPIO line event is\nbeing generated for userspace where it shouldn\u0027t. However, since the chrdev\nis being closed, userspace won\u0027t have the chance to read that event anyway.\n\nTo fix the issue, call the bitmap_free() function after the unregistration\nof lineinfo_changed_nb notifier chain.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36899",
"url": "https://www.suse.com/security/cve/CVE-2024-36899"
},
{
"category": "external",
"summary": "SUSE Bug 1225737 for CVE-2024-36899",
"url": "https://bugzilla.suse.com/1225737"
},
{
"category": "external",
"summary": "SUSE Bug 1225739 for CVE-2024-36899",
"url": "https://bugzilla.suse.com/1225739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2024-36899"
},
{
"cve": "CVE-2024-36904",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36904"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Use refcount_inc_not_zero() in tcp_twsk_unique().\n\nAnderson Nascimento reported a use-after-free splat in tcp_twsk_unique()\nwith nice analysis.\n\nSince commit ec94c2696f0b (\"tcp/dccp: avoid one atomic operation for\ntimewait hashdance\"), inet_twsk_hashdance() sets TIME-WAIT socket\u0027s\nsk_refcnt after putting it into ehash and releasing the bucket lock.\n\nThus, there is a small race window where other threads could try to\nreuse the port during connect() and call sock_hold() in tcp_twsk_unique()\nfor the TIME-WAIT socket with zero refcnt.\n\nIf that happens, the refcnt taken by tcp_twsk_unique() is overwritten\nand sock_put() will cause underflow, triggering a real use-after-free\nsomewhere else.\n\nTo avoid the use-after-free, we need to use refcount_inc_not_zero() in\ntcp_twsk_unique() and give up on reusing the port if it returns false.\n\n[0]:\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 0 PID: 1039313 at lib/refcount.c:25 refcount_warn_saturate+0xe5/0x110\nCPU: 0 PID: 1039313 Comm: trigger Not tainted 6.8.6-200.fc39.x86_64 #1\nHardware name: VMware, Inc. VMware20,1/440BX Desktop Reference Platform, BIOS VMW201.00V.21805430.B64.2305221830 05/22/2023\nRIP: 0010:refcount_warn_saturate+0xe5/0x110\nCode: 42 8e ff 0f 0b c3 cc cc cc cc 80 3d aa 13 ea 01 00 0f 85 5e ff ff ff 48 c7 c7 f8 8e b7 82 c6 05 96 13 ea 01 01 e8 7b 42 8e ff \u003c0f\u003e 0b c3 cc cc cc cc 48 c7 c7 50 8f b7 82 c6 05 7a 13 ea 01 01 e8\nRSP: 0018:ffffc90006b43b60 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff888009bb3ef0 RCX: 0000000000000027\nRDX: ffff88807be218c8 RSI: 0000000000000001 RDI: ffff88807be218c0\nRBP: 0000000000069d70 R08: 0000000000000000 R09: ffffc90006b439f0\nR10: ffffc90006b439e8 R11: 0000000000000003 R12: ffff8880029ede84\nR13: 0000000000004e20 R14: ffffffff84356dc0 R15: ffff888009bb3ef0\nFS: 00007f62c10926c0(0000) GS:ffff88807be00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020ccb000 CR3: 000000004628c005 CR4: 0000000000f70ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0xe5/0x110\n ? __warn+0x81/0x130\n ? refcount_warn_saturate+0xe5/0x110\n ? report_bug+0x171/0x1a0\n ? refcount_warn_saturate+0xe5/0x110\n ? handle_bug+0x3c/0x80\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? refcount_warn_saturate+0xe5/0x110\n tcp_twsk_unique+0x186/0x190\n __inet_check_established+0x176/0x2d0\n __inet_hash_connect+0x74/0x7d0\n ? __pfx___inet_check_established+0x10/0x10\n tcp_v4_connect+0x278/0x530\n __inet_stream_connect+0x10f/0x3d0\n inet_stream_connect+0x3a/0x60\n __sys_connect+0xa8/0xd0\n __x64_sys_connect+0x18/0x20\n do_syscall_64+0x83/0x170\n entry_SYSCALL_64_after_hwframe+0x78/0x80\nRIP: 0033:0x7f62c11a885d\nCode: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d a3 45 0c 00 f7 d8 64 89 01 48\nRSP: 002b:00007f62c1091e58 EFLAGS: 00000296 ORIG_RAX: 000000000000002a\nRAX: ffffffffffffffda RBX: 0000000020ccb004 RCX: 00007f62c11a885d\nRDX: 0000000000000010 RSI: 0000000020ccb000 RDI: 0000000000000003\nRBP: 00007f62c1091e90 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000296 R12: 00007f62c10926c0\nR13: ffffffffffffff88 R14: 0000000000000000 R15: 00007ffe237885b0\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36904",
"url": "https://www.suse.com/security/cve/CVE-2024-36904"
},
{
"category": "external",
"summary": "SUSE Bug 1225732 for CVE-2024-36904",
"url": "https://bugzilla.suse.com/1225732"
},
{
"category": "external",
"summary": "SUSE Bug 1225733 for CVE-2024-36904",
"url": "https://bugzilla.suse.com/1225733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2024-36904"
},
{
"cve": "CVE-2024-36964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: only translate RWX permissions for plain 9P2000\n\nGarbage in plain 9P2000\u0027s perm bits is allowed through, which causes it\nto be able to set (among others) the suid bit. This was presumably not\nthe intent since the unix extended bits are handled explicitly and\nconditionally on .u.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36964",
"url": "https://www.suse.com/security/cve/CVE-2024-36964"
},
{
"category": "external",
"summary": "SUSE Bug 1225866 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1225866"
},
{
"category": "external",
"summary": "SUSE Bug 1226325 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1226325"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2024-36964"
},
{
"cve": "CVE-2024-36971",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36971"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix __dst_negative_advice() race\n\n__dst_negative_advice() does not enforce proper RCU rules when\nsk-\u003edst_cache must be cleared, leading to possible UAF.\n\nRCU rules are that we must first clear sk-\u003esk_dst_cache,\nthen call dst_release(old_dst).\n\nNote that sk_dst_reset(sk) is implementing this protocol correctly,\nwhile __dst_negative_advice() uses the wrong order.\n\nGiven that ip6_negative_advice() has special logic\nagainst RTF_CACHE, this means each of the three -\u003enegative_advice()\nexisting methods must perform the sk_dst_reset() themselves.\n\nNote the check against NULL dst is centralized in\n__dst_negative_advice(), there is no need to duplicate\nit in various callbacks.\n\nMany thanks to Clement Lecigne for tracking this issue.\n\nThis old bug became visible after the blamed commit, using UDP sockets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36971",
"url": "https://www.suse.com/security/cve/CVE-2024-36971"
},
{
"category": "external",
"summary": "SUSE Bug 1226145 for CVE-2024-36971",
"url": "https://bugzilla.suse.com/1226145"
},
{
"category": "external",
"summary": "SUSE Bug 1226324 for CVE-2024-36971",
"url": "https://bugzilla.suse.com/1226324"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2024-36971"
},
{
"cve": "CVE-2024-40954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: do not leave a dangling sk pointer, when socket creation fails\n\nIt is possible to trigger a use-after-free by:\n * attaching an fentry probe to __sock_release() and the probe calling the\n bpf_get_socket_cookie() helper\n * running traceroute -I 1.1.1.1 on a freshly booted VM\n\nA KASAN enabled kernel will log something like below (decoded and stripped):\n==================================================================\nBUG: KASAN: slab-use-after-free in __sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nRead of size 8 at addr ffff888007110dd8 by task traceroute/299\n\nCPU: 2 PID: 299 Comm: traceroute Tainted: G E 6.10.0-rc2+ #2\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\ndump_stack_lvl (lib/dump_stack.c:117 (discriminator 1))\nprint_report (mm/kasan/report.c:378 mm/kasan/report.c:488)\n? __sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nkasan_report (mm/kasan/report.c:603)\n? __sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nkasan_check_range (mm/kasan/generic.c:183 mm/kasan/generic.c:189)\n__sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nbpf_get_socket_ptr_cookie (./arch/x86/include/asm/preempt.h:94 ./include/linux/sock_diag.h:42 net/core/filter.c:5094 net/core/filter.c:5092)\nbpf_prog_875642cf11f1d139___sock_release+0x6e/0x8e\nbpf_trampoline_6442506592+0x47/0xaf\n__sock_release (net/socket.c:652)\n__sock_create (net/socket.c:1601)\n...\nAllocated by task 299 on cpu 2 at 78.328492s:\nkasan_save_stack (mm/kasan/common.c:48)\nkasan_save_track (mm/kasan/common.c:68)\n__kasan_slab_alloc (mm/kasan/common.c:312 mm/kasan/common.c:338)\nkmem_cache_alloc_noprof (mm/slub.c:3941 mm/slub.c:4000 mm/slub.c:4007)\nsk_prot_alloc (net/core/sock.c:2075)\nsk_alloc (net/core/sock.c:2134)\ninet_create (net/ipv4/af_inet.c:327 net/ipv4/af_inet.c:252)\n__sock_create (net/socket.c:1572)\n__sys_socket (net/socket.c:1660 net/socket.c:1644 net/socket.c:1706)\n__x64_sys_socket (net/socket.c:1718)\ndo_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFreed by task 299 on cpu 2 at 78.328502s:\nkasan_save_stack (mm/kasan/common.c:48)\nkasan_save_track (mm/kasan/common.c:68)\nkasan_save_free_info (mm/kasan/generic.c:582)\npoison_slab_object (mm/kasan/common.c:242)\n__kasan_slab_free (mm/kasan/common.c:256)\nkmem_cache_free (mm/slub.c:4437 mm/slub.c:4511)\n__sk_destruct (net/core/sock.c:2117 net/core/sock.c:2208)\ninet_create (net/ipv4/af_inet.c:397 net/ipv4/af_inet.c:252)\n__sock_create (net/socket.c:1572)\n__sys_socket (net/socket.c:1660 net/socket.c:1644 net/socket.c:1706)\n__x64_sys_socket (net/socket.c:1718)\ndo_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFix this by clearing the struct socket reference in sk_common_release() to cover\nall protocol families create functions, which may already attached the\nreference to the sk object with sock_init_data().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40954",
"url": "https://www.suse.com/security/cve/CVE-2024-40954"
},
{
"category": "external",
"summary": "SUSE Bug 1227808 for CVE-2024-40954",
"url": "https://bugzilla.suse.com/1227808"
},
{
"category": "external",
"summary": "SUSE Bug 1228786 for CVE-2024-40954",
"url": "https://bugzilla.suse.com/1228786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2024-40954"
},
{
"cve": "CVE-2024-41057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie()\n\nWe got the following issue in our fault injection stress test:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in cachefiles_withdraw_cookie+0x4d9/0x600\nRead of size 8 at addr ffff888118efc000 by task kworker/u78:0/109\n\nCPU: 13 PID: 109 Comm: kworker/u78:0 Not tainted 6.8.0-dirty #566\nCall Trace:\n \u003cTASK\u003e\n kasan_report+0x93/0xc0\n cachefiles_withdraw_cookie+0x4d9/0x600\n fscache_cookie_state_machine+0x5c8/0x1230\n fscache_cookie_worker+0x91/0x1c0\n process_one_work+0x7fa/0x1800\n [...]\n\nAllocated by task 117:\n kmalloc_trace+0x1b3/0x3c0\n cachefiles_acquire_volume+0xf3/0x9c0\n fscache_create_volume_work+0x97/0x150\n process_one_work+0x7fa/0x1800\n [...]\n\nFreed by task 120301:\n kfree+0xf1/0x2c0\n cachefiles_withdraw_cache+0x3fa/0x920\n cachefiles_put_unbind_pincount+0x1f6/0x250\n cachefiles_daemon_release+0x13b/0x290\n __fput+0x204/0xa00\n task_work_run+0x139/0x230\n do_exit+0x87a/0x29b0\n [...]\n==================================================================\n\nFollowing is the process that triggers the issue:\n\n p1 | p2\n------------------------------------------------------------\n fscache_begin_lookup\n fscache_begin_volume_access\n fscache_cache_is_live(fscache_cache)\ncachefiles_daemon_release\n cachefiles_put_unbind_pincount\n cachefiles_daemon_unbind\n cachefiles_withdraw_cache\n fscache_withdraw_cache\n fscache_set_cache_state(cache, FSCACHE_CACHE_IS_WITHDRAWN);\n cachefiles_withdraw_objects(cache)\n fscache_wait_for_objects(fscache)\n atomic_read(\u0026fscache_cache-\u003eobject_count) == 0\n fscache_perform_lookup\n cachefiles_lookup_cookie\n cachefiles_alloc_object\n refcount_set(\u0026object-\u003eref, 1);\n object-\u003evolume = volume\n fscache_count_object(vcookie-\u003ecache);\n atomic_inc(\u0026fscache_cache-\u003eobject_count)\n cachefiles_withdraw_volumes\n cachefiles_withdraw_volume\n fscache_withdraw_volume\n __cachefiles_free_volume\n kfree(cachefiles_volume)\n fscache_cookie_state_machine\n cachefiles_withdraw_cookie\n cache = object-\u003evolume-\u003ecache;\n // cachefiles_volume UAF !!!\n\nAfter setting FSCACHE_CACHE_IS_WITHDRAWN, wait for all the cookie lookups\nto complete first, and then wait for fscache_cache-\u003eobject_count == 0 to\navoid the cookie exiting after the volume has been freed and triggering\nthe above issue. Therefore call fscache_withdraw_volume() before calling\ncachefiles_withdraw_objects().\n\nThis way, after setting FSCACHE_CACHE_IS_WITHDRAWN, only the following two\ncases will occur:\n1) fscache_begin_lookup fails in fscache_begin_volume_access().\n2) fscache_withdraw_volume() will ensure that fscache_count_object() has\n been executed before calling fscache_wait_for_objects().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41057",
"url": "https://www.suse.com/security/cve/CVE-2024-41057"
},
{
"category": "external",
"summary": "SUSE Bug 1228462 for CVE-2024-41057",
"url": "https://bugzilla.suse.com/1228462"
},
{
"category": "external",
"summary": "SUSE Bug 1229275 for CVE-2024-41057",
"url": "https://bugzilla.suse.com/1229275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2024-41057"
},
{
"cve": "CVE-2024-41059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: fix uninit-value in copy_name\n\n[syzbot reported]\nBUG: KMSAN: uninit-value in sized_strscpy+0xc4/0x160\n sized_strscpy+0xc4/0x160\n copy_name+0x2af/0x320 fs/hfsplus/xattr.c:411\n hfsplus_listxattr+0x11e9/0x1a50 fs/hfsplus/xattr.c:750\n vfs_listxattr fs/xattr.c:493 [inline]\n listxattr+0x1f3/0x6b0 fs/xattr.c:840\n path_listxattr fs/xattr.c:864 [inline]\n __do_sys_listxattr fs/xattr.c:876 [inline]\n __se_sys_listxattr fs/xattr.c:873 [inline]\n __x64_sys_listxattr+0x16b/0x2f0 fs/xattr.c:873\n x64_sys_call+0x2ba0/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3877 [inline]\n slab_alloc_node mm/slub.c:3918 [inline]\n kmalloc_trace+0x57b/0xbe0 mm/slub.c:4065\n kmalloc include/linux/slab.h:628 [inline]\n hfsplus_listxattr+0x4cc/0x1a50 fs/hfsplus/xattr.c:699\n vfs_listxattr fs/xattr.c:493 [inline]\n listxattr+0x1f3/0x6b0 fs/xattr.c:840\n path_listxattr fs/xattr.c:864 [inline]\n __do_sys_listxattr fs/xattr.c:876 [inline]\n __se_sys_listxattr fs/xattr.c:873 [inline]\n __x64_sys_listxattr+0x16b/0x2f0 fs/xattr.c:873\n x64_sys_call+0x2ba0/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[Fix]\nWhen allocating memory to strbuf, initialize memory to 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41059",
"url": "https://www.suse.com/security/cve/CVE-2024-41059"
},
{
"category": "external",
"summary": "SUSE Bug 1228561 for CVE-2024-41059",
"url": "https://bugzilla.suse.com/1228561"
},
{
"category": "external",
"summary": "SUSE Bug 1228573 for CVE-2024-41059",
"url": "https://bugzilla.suse.com/1228573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2024-41059"
},
{
"cve": "CVE-2024-43861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: qmi_wwan: fix memory leak for not ip packets\n\nFree the unused skb when not ip packets arrive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43861",
"url": "https://www.suse.com/security/cve/CVE-2024-43861"
},
{
"category": "external",
"summary": "SUSE Bug 1229500 for CVE-2024-43861",
"url": "https://bugzilla.suse.com/1229500"
},
{
"category": "external",
"summary": "SUSE Bug 1229553 for CVE-2024-43861",
"url": "https://bugzilla.suse.com/1229553"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2024-43861"
},
{
"cve": "CVE-2024-50264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50264"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans\n\nDuring loopback communication, a dangling pointer can be created in\nvsk-\u003etrans, potentially leading to a Use-After-Free condition. This\nissue is resolved by initializing vsk-\u003etrans to NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50264",
"url": "https://www.suse.com/security/cve/CVE-2024-50264"
},
{
"category": "external",
"summary": "SUSE Bug 1233453 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233453"
},
{
"category": "external",
"summary": "SUSE Bug 1233712 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_59-default-11-150500.11.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:04:02Z",
"details": "important"
}
],
"title": "CVE-2024-50264"
}
]
}
SUSE-SU-2025:0137-1
Vulnerability from csaf_suse - Published: 2025-01-16 10:35 - Updated: 2025-01-16 10:35Summary
Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3)
Notes
Title of the patch
Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3)
Description of the patch
This update for the Linux Kernel 5.3.18-150300_59_161 fixes several issues.
The following security issues were fixed:
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733).
- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
- CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).
- CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions (bsc#1227651).
- CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).
- CVE-2021-47402: Protect fl_walk() with rcu (bsc#1225301)
- CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225202).
- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013).
- CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310).
- CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211).
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
- CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619).
Patchnames
SUSE-2025-137,SUSE-SLE-Module-Live-Patching-15-SP3-2025-137
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.3.18-150300_59_161 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans (bsc#1233712).\n- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).\n- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733).\n- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).\n- CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).\n- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).\n- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).\n- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).\n- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).\n- CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions (bsc#1227651).\n- CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).\n- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).\n- CVE-2021-47402: Protect fl_walk() with rcu (bsc#1225301)\n- CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225202).\n- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013).\n- CVE-2024-35950: drm/client: Fully protect modes with dev-\u003emode_config.mutex (bsc#1225310).\n- CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211).\n- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).\n- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).\n- CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-137,SUSE-SLE-Module-Live-Patching-15-SP3-2025-137",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0137-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0137-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250137-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0137-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020141.html"
},
{
"category": "self",
"summary": "SUSE Bug 1210619",
"url": "https://bugzilla.suse.com/1210619"
},
{
"category": "self",
"summary": "SUSE Bug 1223363",
"url": "https://bugzilla.suse.com/1223363"
},
{
"category": "self",
"summary": "SUSE Bug 1223683",
"url": "https://bugzilla.suse.com/1223683"
},
{
"category": "self",
"summary": "SUSE Bug 1225013",
"url": "https://bugzilla.suse.com/1225013"
},
{
"category": "self",
"summary": "SUSE Bug 1225202",
"url": "https://bugzilla.suse.com/1225202"
},
{
"category": "self",
"summary": "SUSE Bug 1225211",
"url": "https://bugzilla.suse.com/1225211"
},
{
"category": "self",
"summary": "SUSE Bug 1225302",
"url": "https://bugzilla.suse.com/1225302"
},
{
"category": "self",
"summary": "SUSE Bug 1225309",
"url": "https://bugzilla.suse.com/1225309"
},
{
"category": "self",
"summary": "SUSE Bug 1225310",
"url": "https://bugzilla.suse.com/1225310"
},
{
"category": "self",
"summary": "SUSE Bug 1225311",
"url": "https://bugzilla.suse.com/1225311"
},
{
"category": "self",
"summary": "SUSE Bug 1225312",
"url": "https://bugzilla.suse.com/1225312"
},
{
"category": "self",
"summary": "SUSE Bug 1225733",
"url": "https://bugzilla.suse.com/1225733"
},
{
"category": "self",
"summary": "SUSE Bug 1225819",
"url": "https://bugzilla.suse.com/1225819"
},
{
"category": "self",
"summary": "SUSE Bug 1226325",
"url": "https://bugzilla.suse.com/1226325"
},
{
"category": "self",
"summary": "SUSE Bug 1227471",
"url": "https://bugzilla.suse.com/1227471"
},
{
"category": "self",
"summary": "SUSE Bug 1227651",
"url": "https://bugzilla.suse.com/1227651"
},
{
"category": "self",
"summary": "SUSE Bug 1228573",
"url": "https://bugzilla.suse.com/1228573"
},
{
"category": "self",
"summary": "SUSE Bug 1229553",
"url": "https://bugzilla.suse.com/1229553"
},
{
"category": "self",
"summary": "SUSE Bug 1232637",
"url": "https://bugzilla.suse.com/1232637"
},
{
"category": "self",
"summary": "SUSE Bug 1233712",
"url": "https://bugzilla.suse.com/1233712"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47291 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47291/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47378 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47378/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47383 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47383/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47402 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47402/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47598 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47598/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48956 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1829 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52752 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26828 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26923 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27398 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27398/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35862 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35864 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36904 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36904/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36964 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41059 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50264 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50264/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3)",
"tracking": {
"current_release_date": "2025-01-16T10:35:08Z",
"generator": {
"date": "2025-01-16T10:35:08Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0137-1",
"initial_release_date": "2025-01-16T10:35:08Z",
"revision_history": [
{
"date": "2025-01-16T10:35:08Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"product_id": "kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_161-preempt-9-150300.7.6.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_161-preempt-9-150300.7.6.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_161-preempt-9-150300.7.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-47291",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47291"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions\n\nWhile running the self-tests on a KASAN enabled kernel, I observed a\nslab-out-of-bounds splat very similar to the one reported in\ncommit 821bbf79fe46 (\"ipv6: Fix KASAN: slab-out-of-bounds Read in\n fib6_nh_flush_exceptions\").\n\nWe additionally need to take care of fib6_metrics initialization\nfailure when the caller provides an nh.\n\nThe fix is similar, explicitly free the route instead of calling\nfib6_info_release on a half-initialized object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47291",
"url": "https://www.suse.com/security/cve/CVE-2021-47291"
},
{
"category": "external",
"summary": "SUSE Bug 1224918 for CVE-2021-47291",
"url": "https://bugzilla.suse.com/1224918"
},
{
"category": "external",
"summary": "SUSE Bug 1227651 for CVE-2021-47291",
"url": "https://bugzilla.suse.com/1227651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-16T10:35:08Z",
"details": "important"
}
],
"title": "CVE-2021-47291"
},
{
"cve": "CVE-2021-47378",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47378"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-rdma: destroy cm id before destroy qp to avoid use after free\n\nWe should always destroy cm_id before destroy qp to avoid to get cma\nevent after qp was destroyed, which may lead to use after free.\nIn RDMA connection establishment error flow, don\u0027t destroy qp in cm\nevent handler.Just report cm_error to upper level, qp will be destroy\nin nvme_rdma_alloc_queue() after destroy cm id.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47378",
"url": "https://www.suse.com/security/cve/CVE-2021-47378"
},
{
"category": "external",
"summary": "SUSE Bug 1225201 for CVE-2021-47378",
"url": "https://bugzilla.suse.com/1225201"
},
{
"category": "external",
"summary": "SUSE Bug 1225202 for CVE-2021-47378",
"url": "https://bugzilla.suse.com/1225202"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-16T10:35:08Z",
"details": "important"
}
],
"title": "CVE-2021-47378"
},
{
"cve": "CVE-2021-47383",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47383"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: Fix out-of-bound vmalloc access in imageblit\n\nThis issue happens when a userspace program does an ioctl\nFBIOPUT_VSCREENINFO passing the fb_var_screeninfo struct\ncontaining only the fields xres, yres, and bits_per_pixel\nwith values.\n\nIf this struct is the same as the previous ioctl, the\nvc_resize() detects it and doesn\u0027t call the resize_screen(),\nleaving the fb_var_screeninfo incomplete. And this leads to\nthe updatescrollmode() calculates a wrong value to\nfbcon_display-\u003evrows, which makes the real_y() return a\nwrong value of y, and that value, eventually, causes\nthe imageblit to access an out-of-bound address value.\n\nTo solve this issue I made the resize_screen() be called\neven if the screen does not need any resizing, so it will\n\"fix and fill\" the fb_var_screeninfo independently.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47383",
"url": "https://www.suse.com/security/cve/CVE-2021-47383"
},
{
"category": "external",
"summary": "SUSE Bug 1225208 for CVE-2021-47383",
"url": "https://bugzilla.suse.com/1225208"
},
{
"category": "external",
"summary": "SUSE Bug 1225211 for CVE-2021-47383",
"url": "https://bugzilla.suse.com/1225211"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-16T10:35:08Z",
"details": "important"
}
],
"title": "CVE-2021-47383"
},
{
"cve": "CVE-2021-47402",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47402"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: flower: protect fl_walk() with rcu\n\nPatch that refactored fl_walk() to use idr_for_each_entry_continue_ul()\nalso removed rcu protection of individual filters which causes following\nuse-after-free when filter is deleted concurrently. Fix fl_walk() to obtain\nrcu read lock while iterating and taking the filter reference and temporary\nrelease the lock while calling arg-\u003efn() callback that can sleep.\n\nKASAN trace:\n\n[ 352.773640] ==================================================================\n[ 352.775041] BUG: KASAN: use-after-free in fl_walk+0x159/0x240 [cls_flower]\n[ 352.776304] Read of size 4 at addr ffff8881c8251480 by task tc/2987\n\n[ 352.777862] CPU: 3 PID: 2987 Comm: tc Not tainted 5.15.0-rc2+ #2\n[ 352.778980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n[ 352.781022] Call Trace:\n[ 352.781573] dump_stack_lvl+0x46/0x5a\n[ 352.782332] print_address_description.constprop.0+0x1f/0x140\n[ 352.783400] ? fl_walk+0x159/0x240 [cls_flower]\n[ 352.784292] ? fl_walk+0x159/0x240 [cls_flower]\n[ 352.785138] kasan_report.cold+0x83/0xdf\n[ 352.785851] ? fl_walk+0x159/0x240 [cls_flower]\n[ 352.786587] kasan_check_range+0x145/0x1a0\n[ 352.787337] fl_walk+0x159/0x240 [cls_flower]\n[ 352.788163] ? fl_put+0x10/0x10 [cls_flower]\n[ 352.789007] ? __mutex_unlock_slowpath.constprop.0+0x220/0x220\n[ 352.790102] tcf_chain_dump+0x231/0x450\n[ 352.790878] ? tcf_chain_tp_delete_empty+0x170/0x170\n[ 352.791833] ? __might_sleep+0x2e/0xc0\n[ 352.792594] ? tfilter_notify+0x170/0x170\n[ 352.793400] ? __mutex_unlock_slowpath.constprop.0+0x220/0x220\n[ 352.794477] tc_dump_tfilter+0x385/0x4b0\n[ 352.795262] ? tc_new_tfilter+0x1180/0x1180\n[ 352.796103] ? __mod_node_page_state+0x1f/0xc0\n[ 352.796974] ? __build_skb_around+0x10e/0x130\n[ 352.797826] netlink_dump+0x2c0/0x560\n[ 352.798563] ? netlink_getsockopt+0x430/0x430\n[ 352.799433] ? __mutex_unlock_slowpath.constprop.0+0x220/0x220\n[ 352.800542] __netlink_dump_start+0x356/0x440\n[ 352.801397] rtnetlink_rcv_msg+0x3ff/0x550\n[ 352.802190] ? tc_new_tfilter+0x1180/0x1180\n[ 352.802872] ? rtnl_calcit.isra.0+0x1f0/0x1f0\n[ 352.803668] ? tc_new_tfilter+0x1180/0x1180\n[ 352.804344] ? _copy_from_iter_nocache+0x800/0x800\n[ 352.805202] ? kasan_set_track+0x1c/0x30\n[ 352.805900] netlink_rcv_skb+0xc6/0x1f0\n[ 352.806587] ? rht_deferred_worker+0x6b0/0x6b0\n[ 352.807455] ? rtnl_calcit.isra.0+0x1f0/0x1f0\n[ 352.808324] ? netlink_ack+0x4d0/0x4d0\n[ 352.809086] ? netlink_deliver_tap+0x62/0x3d0\n[ 352.809951] netlink_unicast+0x353/0x480\n[ 352.810744] ? netlink_attachskb+0x430/0x430\n[ 352.811586] ? __alloc_skb+0xd7/0x200\n[ 352.812349] netlink_sendmsg+0x396/0x680\n[ 352.813132] ? netlink_unicast+0x480/0x480\n[ 352.813952] ? __import_iovec+0x192/0x210\n[ 352.814759] ? netlink_unicast+0x480/0x480\n[ 352.815580] sock_sendmsg+0x6c/0x80\n[ 352.816299] ____sys_sendmsg+0x3a5/0x3c0\n[ 352.817096] ? kernel_sendmsg+0x30/0x30\n[ 352.817873] ? __ia32_sys_recvmmsg+0x150/0x150\n[ 352.818753] ___sys_sendmsg+0xd8/0x140\n[ 352.819518] ? sendmsg_copy_msghdr+0x110/0x110\n[ 352.820402] ? ___sys_recvmsg+0xf4/0x1a0\n[ 352.821110] ? __copy_msghdr_from_user+0x260/0x260\n[ 352.821934] ? _raw_spin_lock+0x81/0xd0\n[ 352.822680] ? __handle_mm_fault+0xef3/0x1b20\n[ 352.823549] ? rb_insert_color+0x2a/0x270\n[ 352.824373] ? copy_page_range+0x16b0/0x16b0\n[ 352.825209] ? perf_event_update_userpage+0x2d0/0x2d0\n[ 352.826190] ? __fget_light+0xd9/0xf0\n[ 352.826941] __sys_sendmsg+0xb3/0x130\n[ 352.827613] ? __sys_sendmsg_sock+0x20/0x20\n[ 352.828377] ? do_user_addr_fault+0x2c5/0x8a0\n[ 352.829184] ? fpregs_assert_state_consistent+0x52/0x60\n[ 352.830001] ? exit_to_user_mode_prepare+0x32/0x160\n[ 352.830845] do_syscall_64+0x35/0x80\n[ 352.831445] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ 352.832331] RIP: 0033:0x7f7bee973c17\n[ \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47402",
"url": "https://www.suse.com/security/cve/CVE-2021-47402"
},
{
"category": "external",
"summary": "SUSE Bug 1225301 for CVE-2021-47402",
"url": "https://bugzilla.suse.com/1225301"
},
{
"category": "external",
"summary": "SUSE Bug 1225302 for CVE-2021-47402",
"url": "https://bugzilla.suse.com/1225302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-16T10:35:08Z",
"details": "important"
}
],
"title": "CVE-2021-47402"
},
{
"cve": "CVE-2021-47598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47598"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_cake: do not call cake_destroy() from cake_init()\n\nqdiscs are not supposed to call their own destroy() method\nfrom init(), because core stack already does that.\n\nsyzbot was able to trigger use after free:\n\nDEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\nWARNING: CPU: 0 PID: 21902 at kernel/locking/mutex.c:586 __mutex_lock_common kernel/locking/mutex.c:586 [inline]\nWARNING: CPU: 0 PID: 21902 at kernel/locking/mutex.c:586 __mutex_lock+0x9ec/0x12f0 kernel/locking/mutex.c:740\nModules linked in:\nCPU: 0 PID: 21902 Comm: syz-executor189 Not tainted 5.16.0-rc4-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:__mutex_lock_common kernel/locking/mutex.c:586 [inline]\nRIP: 0010:__mutex_lock+0x9ec/0x12f0 kernel/locking/mutex.c:740\nCode: 08 84 d2 0f 85 19 08 00 00 8b 05 97 38 4b 04 85 c0 0f 85 27 f7 ff ff 48 c7 c6 20 00 ac 89 48 c7 c7 a0 fe ab 89 e8 bf 76 ba ff \u003c0f\u003e 0b e9 0d f7 ff ff 48 8b 44 24 40 48 8d b8 c8 08 00 00 48 89 f8\nRSP: 0018:ffffc9000627f290 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: ffff88802315d700 RSI: ffffffff815f1db8 RDI: fffff52000c4fe44\nRBP: ffff88818f28e000 R08: 0000000000000000 R09: 0000000000000000\nR10: ffffffff815ebb5e R11: 0000000000000000 R12: 0000000000000000\nR13: dffffc0000000000 R14: ffffc9000627f458 R15: 0000000093c30000\nFS: 0000555556abc400(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fda689c3303 CR3: 000000001cfbb000 CR4: 0000000000350ef0\nCall Trace:\n \u003cTASK\u003e\n tcf_chain0_head_change_cb_del+0x2e/0x3d0 net/sched/cls_api.c:810\n tcf_block_put_ext net/sched/cls_api.c:1381 [inline]\n tcf_block_put_ext net/sched/cls_api.c:1376 [inline]\n tcf_block_put+0xbc/0x130 net/sched/cls_api.c:1394\n cake_destroy+0x3f/0x80 net/sched/sch_cake.c:2695\n qdisc_create.constprop.0+0x9da/0x10f0 net/sched/sch_api.c:1293\n tc_modify_qdisc+0x4c5/0x1980 net/sched/sch_api.c:1660\n rtnetlink_rcv_msg+0x413/0xb80 net/core/rtnetlink.c:5571\n netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2496\n netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1345\n netlink_sendmsg+0x904/0xdf0 net/netlink/af_netlink.c:1921\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg+0xcf/0x120 net/socket.c:724\n ____sys_sendmsg+0x6e8/0x810 net/socket.c:2409\n ___sys_sendmsg+0xf3/0x170 net/socket.c:2463\n __sys_sendmsg+0xe5/0x1b0 net/socket.c:2492\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f1bb06badb9\nCode: Unable to access opcode bytes at RIP 0x7f1bb06bad8f.\nRSP: 002b:00007fff3012a658 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f1bb06badb9\nRDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000003\nRBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000003\nR10: 0000000000000003 R11: 0000000000000246 R12: 00007fff3012a688\nR13: 00007fff3012a6a0 R14: 00007fff3012a6e0 R15: 00000000000013c2\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47598",
"url": "https://www.suse.com/security/cve/CVE-2021-47598"
},
{
"category": "external",
"summary": "SUSE Bug 1226574 for CVE-2021-47598",
"url": "https://bugzilla.suse.com/1226574"
},
{
"category": "external",
"summary": "SUSE Bug 1227471 for CVE-2021-47598",
"url": "https://bugzilla.suse.com/1227471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-16T10:35:08Z",
"details": "important"
}
],
"title": "CVE-2021-47598"
},
{
"cve": "CVE-2022-48956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: avoid use-after-free in ip6_fragment()\n\nBlamed commit claimed rcu_read_lock() was held by ip6_fragment() callers.\n\nIt seems to not be always true, at least for UDP stack.\n\nsyzbot reported:\n\nBUG: KASAN: use-after-free in ip6_dst_idev include/net/ip6_fib.h:245 [inline]\nBUG: KASAN: use-after-free in ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951\nRead of size 8 at addr ffff88801d403e80 by task syz-executor.3/7618\n\nCPU: 1 PID: 7618 Comm: syz-executor.3 Not tainted 6.1.0-rc6-syzkaller-00012-g4312098baf37 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:284 [inline]\n print_report+0x15e/0x45d mm/kasan/report.c:395\n kasan_report+0xbf/0x1f0 mm/kasan/report.c:495\n ip6_dst_idev include/net/ip6_fib.h:245 [inline]\n ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951\n __ip6_finish_output net/ipv6/ip6_output.c:193 [inline]\n ip6_finish_output+0x9a3/0x1170 net/ipv6/ip6_output.c:206\n NF_HOOK_COND include/linux/netfilter.h:291 [inline]\n ip6_output+0x1f1/0x540 net/ipv6/ip6_output.c:227\n dst_output include/net/dst.h:445 [inline]\n ip6_local_out+0xb3/0x1a0 net/ipv6/output_core.c:161\n ip6_send_skb+0xbb/0x340 net/ipv6/ip6_output.c:1966\n udp_v6_send_skb+0x82a/0x18a0 net/ipv6/udp.c:1286\n udp_v6_push_pending_frames+0x140/0x200 net/ipv6/udp.c:1313\n udpv6_sendmsg+0x18da/0x2c80 net/ipv6/udp.c:1606\n inet6_sendmsg+0x9d/0xe0 net/ipv6/af_inet6.c:665\n sock_sendmsg_nosec net/socket.c:714 [inline]\n sock_sendmsg+0xd3/0x120 net/socket.c:734\n sock_write_iter+0x295/0x3d0 net/socket.c:1108\n call_write_iter include/linux/fs.h:2191 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x9ed/0xdd0 fs/read_write.c:584\n ksys_write+0x1ec/0x250 fs/read_write.c:637\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7fde3588c0d9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fde365b6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 00007fde359ac050 RCX: 00007fde3588c0d9\nRDX: 000000000000ffdc RSI: 00000000200000c0 RDI: 000000000000000a\nRBP: 00007fde358e7ae9 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007fde35acfb1f R14: 00007fde365b6300 R15: 0000000000022000\n \u003c/TASK\u003e\n\nAllocated by task 7618:\n kasan_save_stack+0x22/0x40 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n __kasan_slab_alloc+0x82/0x90 mm/kasan/common.c:325\n kasan_slab_alloc include/linux/kasan.h:201 [inline]\n slab_post_alloc_hook mm/slab.h:737 [inline]\n slab_alloc_node mm/slub.c:3398 [inline]\n slab_alloc mm/slub.c:3406 [inline]\n __kmem_cache_alloc_lru mm/slub.c:3413 [inline]\n kmem_cache_alloc+0x2b4/0x3d0 mm/slub.c:3422\n dst_alloc+0x14a/0x1f0 net/core/dst.c:92\n ip6_dst_alloc+0x32/0xa0 net/ipv6/route.c:344\n ip6_rt_pcpu_alloc net/ipv6/route.c:1369 [inline]\n rt6_make_pcpu_route net/ipv6/route.c:1417 [inline]\n ip6_pol_route+0x901/0x1190 net/ipv6/route.c:2254\n pol_lookup_func include/net/ip6_fib.h:582 [inline]\n fib6_rule_lookup+0x52e/0x6f0 net/ipv6/fib6_rules.c:121\n ip6_route_output_flags_noref+0x2e6/0x380 net/ipv6/route.c:2625\n ip6_route_output_flags+0x76/0x320 net/ipv6/route.c:2638\n ip6_route_output include/net/ip6_route.h:98 [inline]\n ip6_dst_lookup_tail+0x5ab/0x1620 net/ipv6/ip6_output.c:1092\n ip6_dst_lookup_flow+0x90/0x1d0 net/ipv6/ip6_output.c:1222\n ip6_sk_dst_lookup_flow+0x553/0x980 net/ipv6/ip6_output.c:1260\n udpv6_sendmsg+0x151d/0x2c80 net/ipv6/udp.c:1554\n inet6_sendmsg+0x9d/0xe0 net/ipv6/af_inet6.c:665\n sock_sendmsg_nosec n\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48956",
"url": "https://www.suse.com/security/cve/CVE-2022-48956"
},
{
"category": "external",
"summary": "SUSE Bug 1231893 for CVE-2022-48956",
"url": "https://bugzilla.suse.com/1231893"
},
{
"category": "external",
"summary": "SUSE Bug 1232799 for CVE-2022-48956",
"url": "https://bugzilla.suse.com/1232799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-16T10:35:08Z",
"details": "important"
}
],
"title": "CVE-2022-48956"
},
{
"cve": "CVE-2023-1829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1829"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure which can later lead to double freeing the structure. A local attacker user can use this vulnerability to elevate its privileges to root.\nWe recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1829",
"url": "https://www.suse.com/security/cve/CVE-2023-1829"
},
{
"category": "external",
"summary": "SUSE Bug 1210335 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1210335"
},
{
"category": "external",
"summary": "SUSE Bug 1210619 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1210619"
},
{
"category": "external",
"summary": "SUSE Bug 1217444 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1217444"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1217531"
},
{
"category": "external",
"summary": "SUSE Bug 1220886 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1220886"
},
{
"category": "external",
"summary": "SUSE Bug 1228311 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1228311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-16T10:35:08Z",
"details": "important"
}
],
"title": "CVE-2023-1829"
},
{
"cve": "CVE-2023-52752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free bug in cifs_debug_data_proc_show()\n\nSkip SMB sessions that are being teared down\n(e.g. @ses-\u003eses_status == SES_EXITING) in cifs_debug_data_proc_show()\nto avoid use-after-free in @ses.\n\nThis fixes the following GPF when reading from /proc/fs/cifs/DebugData\nwhile mounting and umounting\n\n [ 816.251274] general protection fault, probably for non-canonical\n address 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI\n ...\n [ 816.260138] Call Trace:\n [ 816.260329] \u003cTASK\u003e\n [ 816.260499] ? die_addr+0x36/0x90\n [ 816.260762] ? exc_general_protection+0x1b3/0x410\n [ 816.261126] ? asm_exc_general_protection+0x26/0x30\n [ 816.261502] ? cifs_debug_tcon+0xbd/0x240 [cifs]\n [ 816.261878] ? cifs_debug_tcon+0xab/0x240 [cifs]\n [ 816.262249] cifs_debug_data_proc_show+0x516/0xdb0 [cifs]\n [ 816.262689] ? seq_read_iter+0x379/0x470\n [ 816.262995] seq_read_iter+0x118/0x470\n [ 816.263291] proc_reg_read_iter+0x53/0x90\n [ 816.263596] ? srso_alias_return_thunk+0x5/0x7f\n [ 816.263945] vfs_read+0x201/0x350\n [ 816.264211] ksys_read+0x75/0x100\n [ 816.264472] do_syscall_64+0x3f/0x90\n [ 816.264750] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n [ 816.265135] RIP: 0033:0x7fd5e669d381",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52752",
"url": "https://www.suse.com/security/cve/CVE-2023-52752"
},
{
"category": "external",
"summary": "SUSE Bug 1225487 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225487"
},
{
"category": "external",
"summary": "SUSE Bug 1225819 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-16T10:35:08Z",
"details": "important"
}
],
"title": "CVE-2023-52752"
},
{
"cve": "CVE-2024-26828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26828"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix underflow in parse_server_interfaces()\n\nIn this loop, we step through the buffer and after each item we check\nif the size_left is greater than the minimum size we need. However,\nthe problem is that \"bytes_left\" is type ssize_t while sizeof() is type\nsize_t. That means that because of type promotion, the comparison is\ndone as an unsigned and if we have negative bytes left the loop\ncontinues instead of ending.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26828",
"url": "https://www.suse.com/security/cve/CVE-2024-26828"
},
{
"category": "external",
"summary": "SUSE Bug 1223084 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223084"
},
{
"category": "external",
"summary": "SUSE Bug 1223363 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223363"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-16T10:35:08Z",
"details": "important"
}
],
"title": "CVE-2024-26828"
},
{
"cve": "CVE-2024-26923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Fix garbage collector racing against connect()\n\nGarbage collector does not take into account the risk of embryo getting\nenqueued during the garbage collection. If such embryo has a peer that\ncarries SCM_RIGHTS, two consecutive passes of scan_children() may see a\ndifferent set of children. Leading to an incorrectly elevated inflight\ncount, and then a dangling pointer within the gc_inflight_list.\n\nsockets are AF_UNIX/SOCK_STREAM\nS is an unconnected socket\nL is a listening in-flight socket bound to addr, not in fdtable\nV\u0027s fd will be passed via sendmsg(), gets inflight count bumped\n\nconnect(S, addr)\tsendmsg(S, [V]); close(V)\t__unix_gc()\n----------------\t-------------------------\t-----------\n\nNS = unix_create1()\nskb1 = sock_wmalloc(NS)\nL = unix_find_other(addr)\nunix_state_lock(L)\nunix_peer(S) = NS\n\t\t\t// V count=1 inflight=0\n\n \t\t\tNS = unix_peer(S)\n \t\t\tskb2 = sock_alloc()\n\t\t\tskb_queue_tail(NS, skb2[V])\n\n\t\t\t// V became in-flight\n\t\t\t// V count=2 inflight=1\n\n\t\t\tclose(V)\n\n\t\t\t// V count=1 inflight=1\n\t\t\t// GC candidate condition met\n\n\t\t\t\t\t\tfor u in gc_inflight_list:\n\t\t\t\t\t\t if (total_refs == inflight_refs)\n\t\t\t\t\t\t add u to gc_candidates\n\n\t\t\t\t\t\t// gc_candidates={L, V}\n\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t scan_children(u, dec_inflight)\n\n\t\t\t\t\t\t// embryo (skb1) was not\n\t\t\t\t\t\t// reachable from L yet, so V\u0027s\n\t\t\t\t\t\t// inflight remains unchanged\n__skb_queue_tail(L, skb1)\nunix_state_unlock(L)\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t if (u.inflight)\n\t\t\t\t\t\t scan_children(u, inc_inflight_move_tail)\n\n\t\t\t\t\t\t// V count=1 inflight=2 (!)\n\nIf there is a GC-candidate listening socket, lock/unlock its state. This\nmakes GC wait until the end of any ongoing connect() to that socket. After\nflipping the lock, a possibly SCM-laden embryo is already enqueued. And if\nthere is another embryo coming, it can not possibly carry SCM_RIGHTS. At\nthis point, unix_inflight() can not happen because unix_gc_lock is already\ntaken. Inflight graph remains unaffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26923",
"url": "https://www.suse.com/security/cve/CVE-2024-26923"
},
{
"category": "external",
"summary": "SUSE Bug 1223384 for CVE-2024-26923",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "external",
"summary": "SUSE Bug 1223683 for CVE-2024-26923",
"url": "https://bugzilla.suse.com/1223683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-16T10:35:08Z",
"details": "important"
}
],
"title": "CVE-2024-26923"
},
{
"cve": "CVE-2024-27398",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27398"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix use-after-free bugs caused by sco_sock_timeout\n\nWhen the sco connection is established and then, the sco socket\nis releasing, timeout_work will be scheduled to judge whether\nthe sco disconnection is timeout. The sock will be deallocated\nlater, but it is dereferenced again in sco_sock_timeout. As a\nresult, the use-after-free bugs will happen. The root cause is\nshown below:\n\n Cleanup Thread | Worker Thread\nsco_sock_release |\n sco_sock_close |\n __sco_sock_close |\n sco_sock_set_timer |\n schedule_delayed_work |\n sco_sock_kill | (wait a time)\n sock_put(sk) //FREE | sco_sock_timeout\n | sock_hold(sk) //USE\n\nThe KASAN report triggered by POC is shown below:\n\n[ 95.890016] ==================================================================\n[ 95.890496] BUG: KASAN: slab-use-after-free in sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] Write of size 4 at addr ffff88800c388080 by task kworker/0:0/7\n...\n[ 95.890755] Workqueue: events sco_sock_timeout\n[ 95.890755] Call Trace:\n[ 95.890755] \u003cTASK\u003e\n[ 95.890755] dump_stack_lvl+0x45/0x110\n[ 95.890755] print_address_description+0x78/0x390\n[ 95.890755] print_report+0x11b/0x250\n[ 95.890755] ? __virt_addr_valid+0xbe/0xf0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_report+0x139/0x170\n[ 95.890755] ? update_load_avg+0xe5/0x9f0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_check_range+0x2c3/0x2e0\n[ 95.890755] sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] process_one_work+0x561/0xc50\n[ 95.890755] worker_thread+0xab2/0x13c0\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] kthread+0x279/0x300\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork+0x34/0x60\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork_asm+0x11/0x20\n[ 95.890755] \u003c/TASK\u003e\n[ 95.890755]\n[ 95.890755] Allocated by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] __kasan_kmalloc+0x86/0x90\n[ 95.890755] __kmalloc+0x17f/0x360\n[ 95.890755] sk_prot_alloc+0xe1/0x1a0\n[ 95.890755] sk_alloc+0x31/0x4e0\n[ 95.890755] bt_sock_alloc+0x2b/0x2a0\n[ 95.890755] sco_sock_create+0xad/0x320\n[ 95.890755] bt_sock_create+0x145/0x320\n[ 95.890755] __sock_create+0x2e1/0x650\n[ 95.890755] __sys_socket+0xd0/0x280\n[ 95.890755] __x64_sys_socket+0x75/0x80\n[ 95.890755] do_syscall_64+0xc4/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] Freed by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] kasan_save_free_info+0x40/0x50\n[ 95.890755] poison_slab_object+0x118/0x180\n[ 95.890755] __kasan_slab_free+0x12/0x30\n[ 95.890755] kfree+0xb2/0x240\n[ 95.890755] __sk_destruct+0x317/0x410\n[ 95.890755] sco_sock_release+0x232/0x280\n[ 95.890755] sock_close+0xb2/0x210\n[ 95.890755] __fput+0x37f/0x770\n[ 95.890755] task_work_run+0x1ae/0x210\n[ 95.890755] get_signal+0xe17/0xf70\n[ 95.890755] arch_do_signal_or_restart+0x3f/0x520\n[ 95.890755] syscall_exit_to_user_mode+0x55/0x120\n[ 95.890755] do_syscall_64+0xd1/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the object at ffff88800c388000\n[ 95.890755] which belongs to the cache kmalloc-1k of size 1024\n[ 95.890755] The buggy address is located 128 bytes inside of\n[ 95.890755] freed 1024-byte region [ffff88800c388000, ffff88800c388400)\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the physical page:\n[ 95.890755] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88800c38a800 pfn:0xc388\n[ 95.890755] head: order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0\n[ 95.890755] ano\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27398",
"url": "https://www.suse.com/security/cve/CVE-2024-27398"
},
{
"category": "external",
"summary": "SUSE Bug 1224174 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1224174"
},
{
"category": "external",
"summary": "SUSE Bug 1225013 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1225013"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-16T10:35:08Z",
"details": "important"
}
],
"title": "CVE-2024-27398"
},
{
"cve": "CVE-2024-35861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35861",
"url": "https://www.suse.com/security/cve/CVE-2024-35861"
},
{
"category": "external",
"summary": "SUSE Bug 1224766 for CVE-2024-35861",
"url": "https://bugzilla.suse.com/1224766"
},
{
"category": "external",
"summary": "SUSE Bug 1225312 for CVE-2024-35861",
"url": "https://bugzilla.suse.com/1225312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-16T10:35:08Z",
"details": "important"
}
],
"title": "CVE-2024-35861"
},
{
"cve": "CVE-2024-35862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_network_name_deleted()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35862",
"url": "https://www.suse.com/security/cve/CVE-2024-35862"
},
{
"category": "external",
"summary": "SUSE Bug 1224764 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1224764"
},
{
"category": "external",
"summary": "SUSE Bug 1225311 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1225311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-16T10:35:08Z",
"details": "important"
}
],
"title": "CVE-2024-35862"
},
{
"cve": "CVE-2024-35864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_valid_lease_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35864",
"url": "https://www.suse.com/security/cve/CVE-2024-35864"
},
{
"category": "external",
"summary": "SUSE Bug 1224765 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1224765"
},
{
"category": "external",
"summary": "SUSE Bug 1225309 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1225309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-16T10:35:08Z",
"details": "important"
}
],
"title": "CVE-2024-35864"
},
{
"cve": "CVE-2024-35950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/client: Fully protect modes[] with dev-\u003emode_config.mutex\n\nThe modes[] array contains pointers to modes on the connectors\u0027\nmode lists, which are protected by dev-\u003emode_config.mutex.\nThus we need to extend modes[] the same protection or by the\ntime we use it the elements may already be pointing to\nfreed/reused memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35950",
"url": "https://www.suse.com/security/cve/CVE-2024-35950"
},
{
"category": "external",
"summary": "SUSE Bug 1224703 for CVE-2024-35950",
"url": "https://bugzilla.suse.com/1224703"
},
{
"category": "external",
"summary": "SUSE Bug 1225310 for CVE-2024-35950",
"url": "https://bugzilla.suse.com/1225310"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-16T10:35:08Z",
"details": "important"
}
],
"title": "CVE-2024-35950"
},
{
"cve": "CVE-2024-36904",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36904"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Use refcount_inc_not_zero() in tcp_twsk_unique().\n\nAnderson Nascimento reported a use-after-free splat in tcp_twsk_unique()\nwith nice analysis.\n\nSince commit ec94c2696f0b (\"tcp/dccp: avoid one atomic operation for\ntimewait hashdance\"), inet_twsk_hashdance() sets TIME-WAIT socket\u0027s\nsk_refcnt after putting it into ehash and releasing the bucket lock.\n\nThus, there is a small race window where other threads could try to\nreuse the port during connect() and call sock_hold() in tcp_twsk_unique()\nfor the TIME-WAIT socket with zero refcnt.\n\nIf that happens, the refcnt taken by tcp_twsk_unique() is overwritten\nand sock_put() will cause underflow, triggering a real use-after-free\nsomewhere else.\n\nTo avoid the use-after-free, we need to use refcount_inc_not_zero() in\ntcp_twsk_unique() and give up on reusing the port if it returns false.\n\n[0]:\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 0 PID: 1039313 at lib/refcount.c:25 refcount_warn_saturate+0xe5/0x110\nCPU: 0 PID: 1039313 Comm: trigger Not tainted 6.8.6-200.fc39.x86_64 #1\nHardware name: VMware, Inc. VMware20,1/440BX Desktop Reference Platform, BIOS VMW201.00V.21805430.B64.2305221830 05/22/2023\nRIP: 0010:refcount_warn_saturate+0xe5/0x110\nCode: 42 8e ff 0f 0b c3 cc cc cc cc 80 3d aa 13 ea 01 00 0f 85 5e ff ff ff 48 c7 c7 f8 8e b7 82 c6 05 96 13 ea 01 01 e8 7b 42 8e ff \u003c0f\u003e 0b c3 cc cc cc cc 48 c7 c7 50 8f b7 82 c6 05 7a 13 ea 01 01 e8\nRSP: 0018:ffffc90006b43b60 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff888009bb3ef0 RCX: 0000000000000027\nRDX: ffff88807be218c8 RSI: 0000000000000001 RDI: ffff88807be218c0\nRBP: 0000000000069d70 R08: 0000000000000000 R09: ffffc90006b439f0\nR10: ffffc90006b439e8 R11: 0000000000000003 R12: ffff8880029ede84\nR13: 0000000000004e20 R14: ffffffff84356dc0 R15: ffff888009bb3ef0\nFS: 00007f62c10926c0(0000) GS:ffff88807be00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020ccb000 CR3: 000000004628c005 CR4: 0000000000f70ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0xe5/0x110\n ? __warn+0x81/0x130\n ? refcount_warn_saturate+0xe5/0x110\n ? report_bug+0x171/0x1a0\n ? refcount_warn_saturate+0xe5/0x110\n ? handle_bug+0x3c/0x80\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? refcount_warn_saturate+0xe5/0x110\n tcp_twsk_unique+0x186/0x190\n __inet_check_established+0x176/0x2d0\n __inet_hash_connect+0x74/0x7d0\n ? __pfx___inet_check_established+0x10/0x10\n tcp_v4_connect+0x278/0x530\n __inet_stream_connect+0x10f/0x3d0\n inet_stream_connect+0x3a/0x60\n __sys_connect+0xa8/0xd0\n __x64_sys_connect+0x18/0x20\n do_syscall_64+0x83/0x170\n entry_SYSCALL_64_after_hwframe+0x78/0x80\nRIP: 0033:0x7f62c11a885d\nCode: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d a3 45 0c 00 f7 d8 64 89 01 48\nRSP: 002b:00007f62c1091e58 EFLAGS: 00000296 ORIG_RAX: 000000000000002a\nRAX: ffffffffffffffda RBX: 0000000020ccb004 RCX: 00007f62c11a885d\nRDX: 0000000000000010 RSI: 0000000020ccb000 RDI: 0000000000000003\nRBP: 00007f62c1091e90 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000296 R12: 00007f62c10926c0\nR13: ffffffffffffff88 R14: 0000000000000000 R15: 00007ffe237885b0\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36904",
"url": "https://www.suse.com/security/cve/CVE-2024-36904"
},
{
"category": "external",
"summary": "SUSE Bug 1225732 for CVE-2024-36904",
"url": "https://bugzilla.suse.com/1225732"
},
{
"category": "external",
"summary": "SUSE Bug 1225733 for CVE-2024-36904",
"url": "https://bugzilla.suse.com/1225733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-16T10:35:08Z",
"details": "important"
}
],
"title": "CVE-2024-36904"
},
{
"cve": "CVE-2024-36964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: only translate RWX permissions for plain 9P2000\n\nGarbage in plain 9P2000\u0027s perm bits is allowed through, which causes it\nto be able to set (among others) the suid bit. This was presumably not\nthe intent since the unix extended bits are handled explicitly and\nconditionally on .u.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36964",
"url": "https://www.suse.com/security/cve/CVE-2024-36964"
},
{
"category": "external",
"summary": "SUSE Bug 1225866 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1225866"
},
{
"category": "external",
"summary": "SUSE Bug 1226325 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1226325"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-16T10:35:08Z",
"details": "important"
}
],
"title": "CVE-2024-36964"
},
{
"cve": "CVE-2024-41059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: fix uninit-value in copy_name\n\n[syzbot reported]\nBUG: KMSAN: uninit-value in sized_strscpy+0xc4/0x160\n sized_strscpy+0xc4/0x160\n copy_name+0x2af/0x320 fs/hfsplus/xattr.c:411\n hfsplus_listxattr+0x11e9/0x1a50 fs/hfsplus/xattr.c:750\n vfs_listxattr fs/xattr.c:493 [inline]\n listxattr+0x1f3/0x6b0 fs/xattr.c:840\n path_listxattr fs/xattr.c:864 [inline]\n __do_sys_listxattr fs/xattr.c:876 [inline]\n __se_sys_listxattr fs/xattr.c:873 [inline]\n __x64_sys_listxattr+0x16b/0x2f0 fs/xattr.c:873\n x64_sys_call+0x2ba0/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3877 [inline]\n slab_alloc_node mm/slub.c:3918 [inline]\n kmalloc_trace+0x57b/0xbe0 mm/slub.c:4065\n kmalloc include/linux/slab.h:628 [inline]\n hfsplus_listxattr+0x4cc/0x1a50 fs/hfsplus/xattr.c:699\n vfs_listxattr fs/xattr.c:493 [inline]\n listxattr+0x1f3/0x6b0 fs/xattr.c:840\n path_listxattr fs/xattr.c:864 [inline]\n __do_sys_listxattr fs/xattr.c:876 [inline]\n __se_sys_listxattr fs/xattr.c:873 [inline]\n __x64_sys_listxattr+0x16b/0x2f0 fs/xattr.c:873\n x64_sys_call+0x2ba0/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[Fix]\nWhen allocating memory to strbuf, initialize memory to 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41059",
"url": "https://www.suse.com/security/cve/CVE-2024-41059"
},
{
"category": "external",
"summary": "SUSE Bug 1228561 for CVE-2024-41059",
"url": "https://bugzilla.suse.com/1228561"
},
{
"category": "external",
"summary": "SUSE Bug 1228573 for CVE-2024-41059",
"url": "https://bugzilla.suse.com/1228573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-16T10:35:08Z",
"details": "important"
}
],
"title": "CVE-2024-41059"
},
{
"cve": "CVE-2024-43861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: qmi_wwan: fix memory leak for not ip packets\n\nFree the unused skb when not ip packets arrive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43861",
"url": "https://www.suse.com/security/cve/CVE-2024-43861"
},
{
"category": "external",
"summary": "SUSE Bug 1229500 for CVE-2024-43861",
"url": "https://bugzilla.suse.com/1229500"
},
{
"category": "external",
"summary": "SUSE Bug 1229553 for CVE-2024-43861",
"url": "https://bugzilla.suse.com/1229553"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-16T10:35:08Z",
"details": "important"
}
],
"title": "CVE-2024-43861"
},
{
"cve": "CVE-2024-50264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50264"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans\n\nDuring loopback communication, a dangling pointer can be created in\nvsk-\u003etrans, potentially leading to a Use-After-Free condition. This\nissue is resolved by initializing vsk-\u003etrans to NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50264",
"url": "https://www.suse.com/security/cve/CVE-2024-50264"
},
{
"category": "external",
"summary": "SUSE Bug 1233453 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233453"
},
{
"category": "external",
"summary": "SUSE Bug 1233712 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_161-default-9-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-16T10:35:08Z",
"details": "important"
}
],
"title": "CVE-2024-50264"
}
]
}
SUSE-SU-2025:0089-1
Vulnerability from csaf_suse - Published: 2025-01-14 06:03 - Updated: 2025-01-14 06:03Summary
Security update for the Linux Kernel (Live Patch 58 for SLE 12 SP5)
Notes
Title of the patch
Security update for the Linux Kernel (Live Patch 58 for SLE 12 SP5)
Description of the patch
This update for the Linux Kernel 4.12.14-122_222 fixes several issues.
The following security issues were fixed:
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
- CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273).
- CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
Patchnames
SUSE-2025-89,SUSE-SLE-Live-Patching-12-SP5-2025-89
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 58 for SLE 12 SP5)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.12.14-122_222 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans (bsc#1233712).\n- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).\n- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).\n- CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273).\n- CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-89,SUSE-SLE-Live-Patching-12-SP5-2025-89",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0089-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0089-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250089-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0089-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020102.html"
},
{
"category": "self",
"summary": "SUSE Bug 1228573",
"url": "https://bugzilla.suse.com/1228573"
},
{
"category": "self",
"summary": "SUSE Bug 1229273",
"url": "https://bugzilla.suse.com/1229273"
},
{
"category": "self",
"summary": "SUSE Bug 1229553",
"url": "https://bugzilla.suse.com/1229553"
},
{
"category": "self",
"summary": "SUSE Bug 1232637",
"url": "https://bugzilla.suse.com/1232637"
},
{
"category": "self",
"summary": "SUSE Bug 1233712",
"url": "https://bugzilla.suse.com/1233712"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48956 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35949 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41059 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50264 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50264/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 58 for SLE 12 SP5)",
"tracking": {
"current_release_date": "2025-01-14T06:03:47Z",
"generator": {
"date": "2025-01-14T06:03:47Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0089-1",
"initial_release_date": "2025-01-14T06:03:47Z",
"revision_history": [
{
"date": "2025-01-14T06:03:47Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_222-default-4-8.6.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_222-default-4-8.6.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_222-default-4-8.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_222-default-4-8.6.1.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_222-default-4-8.6.1.s390x",
"product_id": "kgraft-patch-4_12_14-122_222-default-4-8.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_222-default-4-8.6.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_222-default-4-8.6.1.x86_64",
"product_id": "kgraft-patch-4_12_14-122_222-default-4-8.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_222-default-4-8.6.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_222-default-4-8.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_222-default-4-8.6.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_222-default-4-8.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_222-default-4-8.6.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_222-default-4-8.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-48956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: avoid use-after-free in ip6_fragment()\n\nBlamed commit claimed rcu_read_lock() was held by ip6_fragment() callers.\n\nIt seems to not be always true, at least for UDP stack.\n\nsyzbot reported:\n\nBUG: KASAN: use-after-free in ip6_dst_idev include/net/ip6_fib.h:245 [inline]\nBUG: KASAN: use-after-free in ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951\nRead of size 8 at addr ffff88801d403e80 by task syz-executor.3/7618\n\nCPU: 1 PID: 7618 Comm: syz-executor.3 Not tainted 6.1.0-rc6-syzkaller-00012-g4312098baf37 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:284 [inline]\n print_report+0x15e/0x45d mm/kasan/report.c:395\n kasan_report+0xbf/0x1f0 mm/kasan/report.c:495\n ip6_dst_idev include/net/ip6_fib.h:245 [inline]\n ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951\n __ip6_finish_output net/ipv6/ip6_output.c:193 [inline]\n ip6_finish_output+0x9a3/0x1170 net/ipv6/ip6_output.c:206\n NF_HOOK_COND include/linux/netfilter.h:291 [inline]\n ip6_output+0x1f1/0x540 net/ipv6/ip6_output.c:227\n dst_output include/net/dst.h:445 [inline]\n ip6_local_out+0xb3/0x1a0 net/ipv6/output_core.c:161\n ip6_send_skb+0xbb/0x340 net/ipv6/ip6_output.c:1966\n udp_v6_send_skb+0x82a/0x18a0 net/ipv6/udp.c:1286\n udp_v6_push_pending_frames+0x140/0x200 net/ipv6/udp.c:1313\n udpv6_sendmsg+0x18da/0x2c80 net/ipv6/udp.c:1606\n inet6_sendmsg+0x9d/0xe0 net/ipv6/af_inet6.c:665\n sock_sendmsg_nosec net/socket.c:714 [inline]\n sock_sendmsg+0xd3/0x120 net/socket.c:734\n sock_write_iter+0x295/0x3d0 net/socket.c:1108\n call_write_iter include/linux/fs.h:2191 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x9ed/0xdd0 fs/read_write.c:584\n ksys_write+0x1ec/0x250 fs/read_write.c:637\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7fde3588c0d9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fde365b6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 00007fde359ac050 RCX: 00007fde3588c0d9\nRDX: 000000000000ffdc RSI: 00000000200000c0 RDI: 000000000000000a\nRBP: 00007fde358e7ae9 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007fde35acfb1f R14: 00007fde365b6300 R15: 0000000000022000\n \u003c/TASK\u003e\n\nAllocated by task 7618:\n kasan_save_stack+0x22/0x40 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n __kasan_slab_alloc+0x82/0x90 mm/kasan/common.c:325\n kasan_slab_alloc include/linux/kasan.h:201 [inline]\n slab_post_alloc_hook mm/slab.h:737 [inline]\n slab_alloc_node mm/slub.c:3398 [inline]\n slab_alloc mm/slub.c:3406 [inline]\n __kmem_cache_alloc_lru mm/slub.c:3413 [inline]\n kmem_cache_alloc+0x2b4/0x3d0 mm/slub.c:3422\n dst_alloc+0x14a/0x1f0 net/core/dst.c:92\n ip6_dst_alloc+0x32/0xa0 net/ipv6/route.c:344\n ip6_rt_pcpu_alloc net/ipv6/route.c:1369 [inline]\n rt6_make_pcpu_route net/ipv6/route.c:1417 [inline]\n ip6_pol_route+0x901/0x1190 net/ipv6/route.c:2254\n pol_lookup_func include/net/ip6_fib.h:582 [inline]\n fib6_rule_lookup+0x52e/0x6f0 net/ipv6/fib6_rules.c:121\n ip6_route_output_flags_noref+0x2e6/0x380 net/ipv6/route.c:2625\n ip6_route_output_flags+0x76/0x320 net/ipv6/route.c:2638\n ip6_route_output include/net/ip6_route.h:98 [inline]\n ip6_dst_lookup_tail+0x5ab/0x1620 net/ipv6/ip6_output.c:1092\n ip6_dst_lookup_flow+0x90/0x1d0 net/ipv6/ip6_output.c:1222\n ip6_sk_dst_lookup_flow+0x553/0x980 net/ipv6/ip6_output.c:1260\n udpv6_sendmsg+0x151d/0x2c80 net/ipv6/udp.c:1554\n inet6_sendmsg+0x9d/0xe0 net/ipv6/af_inet6.c:665\n sock_sendmsg_nosec n\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48956",
"url": "https://www.suse.com/security/cve/CVE-2022-48956"
},
{
"category": "external",
"summary": "SUSE Bug 1231893 for CVE-2022-48956",
"url": "https://bugzilla.suse.com/1231893"
},
{
"category": "external",
"summary": "SUSE Bug 1232799 for CVE-2022-48956",
"url": "https://bugzilla.suse.com/1232799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T06:03:47Z",
"details": "important"
}
],
"title": "CVE-2022-48956"
},
{
"cve": "CVE-2024-35949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: make sure that WRITTEN is set on all metadata blocks\n\nWe previously would call btrfs_check_leaf() if we had the check\nintegrity code enabled, which meant that we could only run the extended\nleaf checks if we had WRITTEN set on the header flags.\n\nThis leaves a gap in our checking, because we could end up with\ncorruption on disk where WRITTEN isn\u0027t set on the leaf, and then the\nextended leaf checks don\u0027t get run which we rely on to validate all of\nthe item pointers to make sure we don\u0027t access memory outside of the\nextent buffer.\n\nHowever, since 732fab95abe2 (\"btrfs: check-integrity: remove\nCONFIG_BTRFS_FS_CHECK_INTEGRITY option\") we no longer call\nbtrfs_check_leaf() from btrfs_mark_buffer_dirty(), which means we only\never call it on blocks that are being written out, and thus have WRITTEN\nset, or that are being read in, which should have WRITTEN set.\n\nAdd checks to make sure we have WRITTEN set appropriately, and then make\nsure __btrfs_check_leaf() always does the item checking. This will\nprotect us from file systems that have been corrupted and no longer have\nWRITTEN set on some of the blocks.\n\nThis was hit on a crafted image tweaking the WRITTEN bit and reported by\nKASAN as out-of-bound access in the eb accessors. The example is a dir\nitem at the end of an eb.\n\n [2.042] BTRFS warning (device loop1): bad eb member start: ptr 0x3fff start 30572544 member offset 16410 size 2\n [2.040] general protection fault, probably for non-canonical address 0xe0009d1000000003: 0000 [#1] PREEMPT SMP KASAN NOPTI\n [2.537] KASAN: maybe wild-memory-access in range [0x0005088000000018-0x000508800000001f]\n [2.729] CPU: 0 PID: 2587 Comm: mount Not tainted 6.8.2 #1\n [2.729] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n [2.621] RIP: 0010:btrfs_get_16+0x34b/0x6d0\n [2.621] RSP: 0018:ffff88810871fab8 EFLAGS: 00000206\n [2.621] RAX: 0000a11000000003 RBX: ffff888104ff8720 RCX: ffff88811b2288c0\n [2.621] RDX: dffffc0000000000 RSI: ffffffff81dd8aca RDI: ffff88810871f748\n [2.621] RBP: 000000000000401a R08: 0000000000000001 R09: ffffed10210e3ee9\n [2.621] R10: ffff88810871f74f R11: 205d323430333737 R12: 000000000000001a\n [2.621] R13: 000508800000001a R14: 1ffff110210e3f5d R15: ffffffff850011e8\n [2.621] FS: 00007f56ea275840(0000) GS:ffff88811b200000(0000) knlGS:0000000000000000\n [2.621] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [2.621] CR2: 00007febd13b75c0 CR3: 000000010bb50000 CR4: 00000000000006f0\n [2.621] Call Trace:\n [2.621] \u003cTASK\u003e\n [2.621] ? show_regs+0x74/0x80\n [2.621] ? die_addr+0x46/0xc0\n [2.621] ? exc_general_protection+0x161/0x2a0\n [2.621] ? asm_exc_general_protection+0x26/0x30\n [2.621] ? btrfs_get_16+0x33a/0x6d0\n [2.621] ? btrfs_get_16+0x34b/0x6d0\n [2.621] ? btrfs_get_16+0x33a/0x6d0\n [2.621] ? __pfx_btrfs_get_16+0x10/0x10\n [2.621] ? __pfx_mutex_unlock+0x10/0x10\n [2.621] btrfs_match_dir_item_name+0x101/0x1a0\n [2.621] btrfs_lookup_dir_item+0x1f3/0x280\n [2.621] ? __pfx_btrfs_lookup_dir_item+0x10/0x10\n [2.621] btrfs_get_tree+0xd25/0x1910\n\n[ copy more details from report ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35949",
"url": "https://www.suse.com/security/cve/CVE-2024-35949"
},
{
"category": "external",
"summary": "SUSE Bug 1224700 for CVE-2024-35949",
"url": "https://bugzilla.suse.com/1224700"
},
{
"category": "external",
"summary": "SUSE Bug 1229273 for CVE-2024-35949",
"url": "https://bugzilla.suse.com/1229273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T06:03:47Z",
"details": "important"
}
],
"title": "CVE-2024-35949"
},
{
"cve": "CVE-2024-41059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: fix uninit-value in copy_name\n\n[syzbot reported]\nBUG: KMSAN: uninit-value in sized_strscpy+0xc4/0x160\n sized_strscpy+0xc4/0x160\n copy_name+0x2af/0x320 fs/hfsplus/xattr.c:411\n hfsplus_listxattr+0x11e9/0x1a50 fs/hfsplus/xattr.c:750\n vfs_listxattr fs/xattr.c:493 [inline]\n listxattr+0x1f3/0x6b0 fs/xattr.c:840\n path_listxattr fs/xattr.c:864 [inline]\n __do_sys_listxattr fs/xattr.c:876 [inline]\n __se_sys_listxattr fs/xattr.c:873 [inline]\n __x64_sys_listxattr+0x16b/0x2f0 fs/xattr.c:873\n x64_sys_call+0x2ba0/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3877 [inline]\n slab_alloc_node mm/slub.c:3918 [inline]\n kmalloc_trace+0x57b/0xbe0 mm/slub.c:4065\n kmalloc include/linux/slab.h:628 [inline]\n hfsplus_listxattr+0x4cc/0x1a50 fs/hfsplus/xattr.c:699\n vfs_listxattr fs/xattr.c:493 [inline]\n listxattr+0x1f3/0x6b0 fs/xattr.c:840\n path_listxattr fs/xattr.c:864 [inline]\n __do_sys_listxattr fs/xattr.c:876 [inline]\n __se_sys_listxattr fs/xattr.c:873 [inline]\n __x64_sys_listxattr+0x16b/0x2f0 fs/xattr.c:873\n x64_sys_call+0x2ba0/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[Fix]\nWhen allocating memory to strbuf, initialize memory to 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41059",
"url": "https://www.suse.com/security/cve/CVE-2024-41059"
},
{
"category": "external",
"summary": "SUSE Bug 1228561 for CVE-2024-41059",
"url": "https://bugzilla.suse.com/1228561"
},
{
"category": "external",
"summary": "SUSE Bug 1228573 for CVE-2024-41059",
"url": "https://bugzilla.suse.com/1228573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T06:03:47Z",
"details": "important"
}
],
"title": "CVE-2024-41059"
},
{
"cve": "CVE-2024-43861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: qmi_wwan: fix memory leak for not ip packets\n\nFree the unused skb when not ip packets arrive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43861",
"url": "https://www.suse.com/security/cve/CVE-2024-43861"
},
{
"category": "external",
"summary": "SUSE Bug 1229500 for CVE-2024-43861",
"url": "https://bugzilla.suse.com/1229500"
},
{
"category": "external",
"summary": "SUSE Bug 1229553 for CVE-2024-43861",
"url": "https://bugzilla.suse.com/1229553"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T06:03:47Z",
"details": "important"
}
],
"title": "CVE-2024-43861"
},
{
"cve": "CVE-2024-50264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50264"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans\n\nDuring loopback communication, a dangling pointer can be created in\nvsk-\u003etrans, potentially leading to a Use-After-Free condition. This\nissue is resolved by initializing vsk-\u003etrans to NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50264",
"url": "https://www.suse.com/security/cve/CVE-2024-50264"
},
{
"category": "external",
"summary": "SUSE Bug 1233453 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233453"
},
{
"category": "external",
"summary": "SUSE Bug 1233712 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_222-default-4-8.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T06:03:47Z",
"details": "important"
}
],
"title": "CVE-2024-50264"
}
]
}
SUSE-SU-2025:0244-1
Vulnerability from csaf_suse - Published: 2025-01-27 12:03 - Updated: 2025-01-27 12:03Summary
Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3)
Notes
Title of the patch
Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3)
Description of the patch
This update for the Linux Kernel 5.3.18-150300_59_153 fixes several issues.
The following security issues were fixed:
- CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324).
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733).
- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
- CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).
- CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions (bsc#1227651).
- CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).
- CVE-2021-47402: Protect fl_walk() with rcu (bsc#1225301)
- CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225202).
- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013).
- CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310).
- CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211).
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
- CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220537).
- CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).
- CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
- CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).
- CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514).
- CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685).
- CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218487).
- CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619).
Patchnames
SUSE-2025-244,SUSE-SLE-Module-Live-Patching-15-SP3-2025-244
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.3.18-150300_59_153 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324).\n- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans (bsc#1233712).\n- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).\n- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733).\n- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).\n- CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).\n- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).\n- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).\n- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).\n- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).\n- CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions (bsc#1227651).\n- CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).\n- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).\n- CVE-2021-47402: Protect fl_walk() with rcu (bsc#1225301)\n- CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225202).\n- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013).\n- CVE-2024-35950: drm/client: Fully protect modes with dev-\u003emode_config.mutex (bsc#1225310).\n- CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211).\n- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).\n- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).\n- CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220537).\n- CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).\n- CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).\n- CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).\n- CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb-\u003emac_header (bsc#1223514).\n- CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685).\n- CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector\u0027s deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218487).\n- CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-244,SUSE-SLE-Module-Live-Patching-15-SP3-2025-244",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0244-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0244-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250244-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0244-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020222.html"
},
{
"category": "self",
"summary": "SUSE Bug 1210619",
"url": "https://bugzilla.suse.com/1210619"
},
{
"category": "self",
"summary": "SUSE Bug 1218487",
"url": "https://bugzilla.suse.com/1218487"
},
{
"category": "self",
"summary": "SUSE Bug 1220145",
"url": "https://bugzilla.suse.com/1220145"
},
{
"category": "self",
"summary": "SUSE Bug 1220537",
"url": "https://bugzilla.suse.com/1220537"
},
{
"category": "self",
"summary": "SUSE Bug 1221302",
"url": "https://bugzilla.suse.com/1221302"
},
{
"category": "self",
"summary": "SUSE Bug 1222685",
"url": "https://bugzilla.suse.com/1222685"
},
{
"category": "self",
"summary": "SUSE Bug 1223059",
"url": "https://bugzilla.suse.com/1223059"
},
{
"category": "self",
"summary": "SUSE Bug 1223363",
"url": "https://bugzilla.suse.com/1223363"
},
{
"category": "self",
"summary": "SUSE Bug 1223514",
"url": "https://bugzilla.suse.com/1223514"
},
{
"category": "self",
"summary": "SUSE Bug 1223683",
"url": "https://bugzilla.suse.com/1223683"
},
{
"category": "self",
"summary": "SUSE Bug 1225013",
"url": "https://bugzilla.suse.com/1225013"
},
{
"category": "self",
"summary": "SUSE Bug 1225202",
"url": "https://bugzilla.suse.com/1225202"
},
{
"category": "self",
"summary": "SUSE Bug 1225211",
"url": "https://bugzilla.suse.com/1225211"
},
{
"category": "self",
"summary": "SUSE Bug 1225302",
"url": "https://bugzilla.suse.com/1225302"
},
{
"category": "self",
"summary": "SUSE Bug 1225309",
"url": "https://bugzilla.suse.com/1225309"
},
{
"category": "self",
"summary": "SUSE Bug 1225310",
"url": "https://bugzilla.suse.com/1225310"
},
{
"category": "self",
"summary": "SUSE Bug 1225311",
"url": "https://bugzilla.suse.com/1225311"
},
{
"category": "self",
"summary": "SUSE Bug 1225312",
"url": "https://bugzilla.suse.com/1225312"
},
{
"category": "self",
"summary": "SUSE Bug 1225733",
"url": "https://bugzilla.suse.com/1225733"
},
{
"category": "self",
"summary": "SUSE Bug 1225819",
"url": "https://bugzilla.suse.com/1225819"
},
{
"category": "self",
"summary": "SUSE Bug 1226324",
"url": "https://bugzilla.suse.com/1226324"
},
{
"category": "self",
"summary": "SUSE Bug 1226325",
"url": "https://bugzilla.suse.com/1226325"
},
{
"category": "self",
"summary": "SUSE Bug 1227471",
"url": "https://bugzilla.suse.com/1227471"
},
{
"category": "self",
"summary": "SUSE Bug 1227651",
"url": "https://bugzilla.suse.com/1227651"
},
{
"category": "self",
"summary": "SUSE Bug 1228573",
"url": "https://bugzilla.suse.com/1228573"
},
{
"category": "self",
"summary": "SUSE Bug 1229553",
"url": "https://bugzilla.suse.com/1229553"
},
{
"category": "self",
"summary": "SUSE Bug 1232637",
"url": "https://bugzilla.suse.com/1232637"
},
{
"category": "self",
"summary": "SUSE Bug 1233712",
"url": "https://bugzilla.suse.com/1233712"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-46955 page",
"url": "https://www.suse.com/security/cve/CVE-2021-46955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47291 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47291/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47378 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47378/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47383 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47383/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47402 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47402/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47598 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47598/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48651 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48651/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48956 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-1829 page",
"url": "https://www.suse.com/security/cve/CVE-2023-1829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52752 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6531 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6546 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-23307 page",
"url": "https://www.suse.com/security/cve/CVE-2024-23307/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26610 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26828 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26852 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26923 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27398 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27398/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35862 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35864 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36904 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36904/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36964 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36971 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41059 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50264 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50264/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3)",
"tracking": {
"current_release_date": "2025-01-27T12:03:48Z",
"generator": {
"date": "2025-01-27T12:03:48Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0244-1",
"initial_release_date": "2025-01-27T12:03:48Z",
"revision_history": [
{
"date": "2025-01-27T12:03:48Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"product_id": "kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150300_59_153-preempt-12-150300.7.6.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150300_59_153-preempt-12-150300.7.6.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150300_59_153-preempt-12-150300.7.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-46955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-46955"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: fix stack OOB read while fragmenting IPv4 packets\n\nrunning openvswitch on kernels built with KASAN, it\u0027s possible to see the\nfollowing splat while testing fragmentation of IPv4 packets:\n\n BUG: KASAN: stack-out-of-bounds in ip_do_fragment+0x1b03/0x1f60\n Read of size 1 at addr ffff888112fc713c by task handler2/1367\n\n CPU: 0 PID: 1367 Comm: handler2 Not tainted 5.12.0-rc6+ #418\n Hardware name: Red Hat KVM, BIOS 1.11.1-4.module+el8.1.0+4066+0f1aadab 04/01/2014\n Call Trace:\n dump_stack+0x92/0xc1\n print_address_description.constprop.7+0x1a/0x150\n kasan_report.cold.13+0x7f/0x111\n ip_do_fragment+0x1b03/0x1f60\n ovs_fragment+0x5bf/0x840 [openvswitch]\n do_execute_actions+0x1bd5/0x2400 [openvswitch]\n ovs_execute_actions+0xc8/0x3d0 [openvswitch]\n ovs_packet_cmd_execute+0xa39/0x1150 [openvswitch]\n genl_family_rcv_msg_doit.isra.15+0x227/0x2d0\n genl_rcv_msg+0x287/0x490\n netlink_rcv_skb+0x120/0x380\n genl_rcv+0x24/0x40\n netlink_unicast+0x439/0x630\n netlink_sendmsg+0x719/0xbf0\n sock_sendmsg+0xe2/0x110\n ____sys_sendmsg+0x5ba/0x890\n ___sys_sendmsg+0xe9/0x160\n __sys_sendmsg+0xd3/0x170\n do_syscall_64+0x33/0x40\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n RIP: 0033:0x7f957079db07\n Code: c3 66 90 41 54 41 89 d4 55 48 89 f5 53 89 fb 48 83 ec 10 e8 eb ec ff ff 44 89 e2 48 89 ee 89 df 41 89 c0 b8 2e 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 35 44 89 c7 48 89 44 24 08 e8 24 ed ff ff 48\n RSP: 002b:00007f956ce35a50 EFLAGS: 00000293 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 0000000000000019 RCX: 00007f957079db07\n RDX: 0000000000000000 RSI: 00007f956ce35ae0 RDI: 0000000000000019\n RBP: 00007f956ce35ae0 R08: 0000000000000000 R09: 00007f9558006730\n R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000\n R13: 00007f956ce37308 R14: 00007f956ce35f80 R15: 00007f956ce35ae0\n\n The buggy address belongs to the page:\n page:00000000af2a1d93 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x112fc7\n flags: 0x17ffffc0000000()\n raw: 0017ffffc0000000 0000000000000000 dead000000000122 0000000000000000\n raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000\n page dumped because: kasan: bad access detected\n\n addr ffff888112fc713c is located in stack of task handler2/1367 at offset 180 in frame:\n ovs_fragment+0x0/0x840 [openvswitch]\n\n this frame has 2 objects:\n [32, 144) \u0027ovs_dst\u0027\n [192, 424) \u0027ovs_rt\u0027\n\n Memory state around the buggy address:\n ffff888112fc7000: f3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff888112fc7080: 00 f1 f1 f1 f1 00 00 00 00 00 00 00 00 00 00 00\n \u003effff888112fc7100: 00 00 00 f2 f2 f2 f2 f2 f2 00 00 00 00 00 00 00\n ^\n ffff888112fc7180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff888112fc7200: 00 00 00 00 00 00 f2 f2 f2 00 00 00 00 00 00 00\n\nfor IPv4 packets, ovs_fragment() uses a temporary struct dst_entry. Then,\nin the following call graph:\n\n ip_do_fragment()\n ip_skb_dst_mtu()\n ip_dst_mtu_maybe_forward()\n ip_mtu_locked()\n\nthe pointer to struct dst_entry is used as pointer to struct rtable: this\nturns the access to struct members like rt_mtu_locked into an OOB read in\nthe stack. Fix this changing the temporary variable used for IPv4 packets\nin ovs_fragment(), similarly to what is done for IPv6 few lines below.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-46955",
"url": "https://www.suse.com/security/cve/CVE-2021-46955"
},
{
"category": "external",
"summary": "SUSE Bug 1220513 for CVE-2021-46955",
"url": "https://bugzilla.suse.com/1220513"
},
{
"category": "external",
"summary": "SUSE Bug 1220537 for CVE-2021-46955",
"url": "https://bugzilla.suse.com/1220537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2021-46955"
},
{
"cve": "CVE-2021-47291",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47291"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions\n\nWhile running the self-tests on a KASAN enabled kernel, I observed a\nslab-out-of-bounds splat very similar to the one reported in\ncommit 821bbf79fe46 (\"ipv6: Fix KASAN: slab-out-of-bounds Read in\n fib6_nh_flush_exceptions\").\n\nWe additionally need to take care of fib6_metrics initialization\nfailure when the caller provides an nh.\n\nThe fix is similar, explicitly free the route instead of calling\nfib6_info_release on a half-initialized object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47291",
"url": "https://www.suse.com/security/cve/CVE-2021-47291"
},
{
"category": "external",
"summary": "SUSE Bug 1224918 for CVE-2021-47291",
"url": "https://bugzilla.suse.com/1224918"
},
{
"category": "external",
"summary": "SUSE Bug 1227651 for CVE-2021-47291",
"url": "https://bugzilla.suse.com/1227651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2021-47291"
},
{
"cve": "CVE-2021-47378",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47378"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-rdma: destroy cm id before destroy qp to avoid use after free\n\nWe should always destroy cm_id before destroy qp to avoid to get cma\nevent after qp was destroyed, which may lead to use after free.\nIn RDMA connection establishment error flow, don\u0027t destroy qp in cm\nevent handler.Just report cm_error to upper level, qp will be destroy\nin nvme_rdma_alloc_queue() after destroy cm id.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47378",
"url": "https://www.suse.com/security/cve/CVE-2021-47378"
},
{
"category": "external",
"summary": "SUSE Bug 1225201 for CVE-2021-47378",
"url": "https://bugzilla.suse.com/1225201"
},
{
"category": "external",
"summary": "SUSE Bug 1225202 for CVE-2021-47378",
"url": "https://bugzilla.suse.com/1225202"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2021-47378"
},
{
"cve": "CVE-2021-47383",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47383"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: Fix out-of-bound vmalloc access in imageblit\n\nThis issue happens when a userspace program does an ioctl\nFBIOPUT_VSCREENINFO passing the fb_var_screeninfo struct\ncontaining only the fields xres, yres, and bits_per_pixel\nwith values.\n\nIf this struct is the same as the previous ioctl, the\nvc_resize() detects it and doesn\u0027t call the resize_screen(),\nleaving the fb_var_screeninfo incomplete. And this leads to\nthe updatescrollmode() calculates a wrong value to\nfbcon_display-\u003evrows, which makes the real_y() return a\nwrong value of y, and that value, eventually, causes\nthe imageblit to access an out-of-bound address value.\n\nTo solve this issue I made the resize_screen() be called\neven if the screen does not need any resizing, so it will\n\"fix and fill\" the fb_var_screeninfo independently.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47383",
"url": "https://www.suse.com/security/cve/CVE-2021-47383"
},
{
"category": "external",
"summary": "SUSE Bug 1225208 for CVE-2021-47383",
"url": "https://bugzilla.suse.com/1225208"
},
{
"category": "external",
"summary": "SUSE Bug 1225211 for CVE-2021-47383",
"url": "https://bugzilla.suse.com/1225211"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2021-47383"
},
{
"cve": "CVE-2021-47402",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47402"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: flower: protect fl_walk() with rcu\n\nPatch that refactored fl_walk() to use idr_for_each_entry_continue_ul()\nalso removed rcu protection of individual filters which causes following\nuse-after-free when filter is deleted concurrently. Fix fl_walk() to obtain\nrcu read lock while iterating and taking the filter reference and temporary\nrelease the lock while calling arg-\u003efn() callback that can sleep.\n\nKASAN trace:\n\n[ 352.773640] ==================================================================\n[ 352.775041] BUG: KASAN: use-after-free in fl_walk+0x159/0x240 [cls_flower]\n[ 352.776304] Read of size 4 at addr ffff8881c8251480 by task tc/2987\n\n[ 352.777862] CPU: 3 PID: 2987 Comm: tc Not tainted 5.15.0-rc2+ #2\n[ 352.778980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n[ 352.781022] Call Trace:\n[ 352.781573] dump_stack_lvl+0x46/0x5a\n[ 352.782332] print_address_description.constprop.0+0x1f/0x140\n[ 352.783400] ? fl_walk+0x159/0x240 [cls_flower]\n[ 352.784292] ? fl_walk+0x159/0x240 [cls_flower]\n[ 352.785138] kasan_report.cold+0x83/0xdf\n[ 352.785851] ? fl_walk+0x159/0x240 [cls_flower]\n[ 352.786587] kasan_check_range+0x145/0x1a0\n[ 352.787337] fl_walk+0x159/0x240 [cls_flower]\n[ 352.788163] ? fl_put+0x10/0x10 [cls_flower]\n[ 352.789007] ? __mutex_unlock_slowpath.constprop.0+0x220/0x220\n[ 352.790102] tcf_chain_dump+0x231/0x450\n[ 352.790878] ? tcf_chain_tp_delete_empty+0x170/0x170\n[ 352.791833] ? __might_sleep+0x2e/0xc0\n[ 352.792594] ? tfilter_notify+0x170/0x170\n[ 352.793400] ? __mutex_unlock_slowpath.constprop.0+0x220/0x220\n[ 352.794477] tc_dump_tfilter+0x385/0x4b0\n[ 352.795262] ? tc_new_tfilter+0x1180/0x1180\n[ 352.796103] ? __mod_node_page_state+0x1f/0xc0\n[ 352.796974] ? __build_skb_around+0x10e/0x130\n[ 352.797826] netlink_dump+0x2c0/0x560\n[ 352.798563] ? netlink_getsockopt+0x430/0x430\n[ 352.799433] ? __mutex_unlock_slowpath.constprop.0+0x220/0x220\n[ 352.800542] __netlink_dump_start+0x356/0x440\n[ 352.801397] rtnetlink_rcv_msg+0x3ff/0x550\n[ 352.802190] ? tc_new_tfilter+0x1180/0x1180\n[ 352.802872] ? rtnl_calcit.isra.0+0x1f0/0x1f0\n[ 352.803668] ? tc_new_tfilter+0x1180/0x1180\n[ 352.804344] ? _copy_from_iter_nocache+0x800/0x800\n[ 352.805202] ? kasan_set_track+0x1c/0x30\n[ 352.805900] netlink_rcv_skb+0xc6/0x1f0\n[ 352.806587] ? rht_deferred_worker+0x6b0/0x6b0\n[ 352.807455] ? rtnl_calcit.isra.0+0x1f0/0x1f0\n[ 352.808324] ? netlink_ack+0x4d0/0x4d0\n[ 352.809086] ? netlink_deliver_tap+0x62/0x3d0\n[ 352.809951] netlink_unicast+0x353/0x480\n[ 352.810744] ? netlink_attachskb+0x430/0x430\n[ 352.811586] ? __alloc_skb+0xd7/0x200\n[ 352.812349] netlink_sendmsg+0x396/0x680\n[ 352.813132] ? netlink_unicast+0x480/0x480\n[ 352.813952] ? __import_iovec+0x192/0x210\n[ 352.814759] ? netlink_unicast+0x480/0x480\n[ 352.815580] sock_sendmsg+0x6c/0x80\n[ 352.816299] ____sys_sendmsg+0x3a5/0x3c0\n[ 352.817096] ? kernel_sendmsg+0x30/0x30\n[ 352.817873] ? __ia32_sys_recvmmsg+0x150/0x150\n[ 352.818753] ___sys_sendmsg+0xd8/0x140\n[ 352.819518] ? sendmsg_copy_msghdr+0x110/0x110\n[ 352.820402] ? ___sys_recvmsg+0xf4/0x1a0\n[ 352.821110] ? __copy_msghdr_from_user+0x260/0x260\n[ 352.821934] ? _raw_spin_lock+0x81/0xd0\n[ 352.822680] ? __handle_mm_fault+0xef3/0x1b20\n[ 352.823549] ? rb_insert_color+0x2a/0x270\n[ 352.824373] ? copy_page_range+0x16b0/0x16b0\n[ 352.825209] ? perf_event_update_userpage+0x2d0/0x2d0\n[ 352.826190] ? __fget_light+0xd9/0xf0\n[ 352.826941] __sys_sendmsg+0xb3/0x130\n[ 352.827613] ? __sys_sendmsg_sock+0x20/0x20\n[ 352.828377] ? do_user_addr_fault+0x2c5/0x8a0\n[ 352.829184] ? fpregs_assert_state_consistent+0x52/0x60\n[ 352.830001] ? exit_to_user_mode_prepare+0x32/0x160\n[ 352.830845] do_syscall_64+0x35/0x80\n[ 352.831445] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ 352.832331] RIP: 0033:0x7f7bee973c17\n[ \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47402",
"url": "https://www.suse.com/security/cve/CVE-2021-47402"
},
{
"category": "external",
"summary": "SUSE Bug 1225301 for CVE-2021-47402",
"url": "https://bugzilla.suse.com/1225301"
},
{
"category": "external",
"summary": "SUSE Bug 1225302 for CVE-2021-47402",
"url": "https://bugzilla.suse.com/1225302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2021-47402"
},
{
"cve": "CVE-2021-47598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47598"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_cake: do not call cake_destroy() from cake_init()\n\nqdiscs are not supposed to call their own destroy() method\nfrom init(), because core stack already does that.\n\nsyzbot was able to trigger use after free:\n\nDEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\nWARNING: CPU: 0 PID: 21902 at kernel/locking/mutex.c:586 __mutex_lock_common kernel/locking/mutex.c:586 [inline]\nWARNING: CPU: 0 PID: 21902 at kernel/locking/mutex.c:586 __mutex_lock+0x9ec/0x12f0 kernel/locking/mutex.c:740\nModules linked in:\nCPU: 0 PID: 21902 Comm: syz-executor189 Not tainted 5.16.0-rc4-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:__mutex_lock_common kernel/locking/mutex.c:586 [inline]\nRIP: 0010:__mutex_lock+0x9ec/0x12f0 kernel/locking/mutex.c:740\nCode: 08 84 d2 0f 85 19 08 00 00 8b 05 97 38 4b 04 85 c0 0f 85 27 f7 ff ff 48 c7 c6 20 00 ac 89 48 c7 c7 a0 fe ab 89 e8 bf 76 ba ff \u003c0f\u003e 0b e9 0d f7 ff ff 48 8b 44 24 40 48 8d b8 c8 08 00 00 48 89 f8\nRSP: 0018:ffffc9000627f290 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: ffff88802315d700 RSI: ffffffff815f1db8 RDI: fffff52000c4fe44\nRBP: ffff88818f28e000 R08: 0000000000000000 R09: 0000000000000000\nR10: ffffffff815ebb5e R11: 0000000000000000 R12: 0000000000000000\nR13: dffffc0000000000 R14: ffffc9000627f458 R15: 0000000093c30000\nFS: 0000555556abc400(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fda689c3303 CR3: 000000001cfbb000 CR4: 0000000000350ef0\nCall Trace:\n \u003cTASK\u003e\n tcf_chain0_head_change_cb_del+0x2e/0x3d0 net/sched/cls_api.c:810\n tcf_block_put_ext net/sched/cls_api.c:1381 [inline]\n tcf_block_put_ext net/sched/cls_api.c:1376 [inline]\n tcf_block_put+0xbc/0x130 net/sched/cls_api.c:1394\n cake_destroy+0x3f/0x80 net/sched/sch_cake.c:2695\n qdisc_create.constprop.0+0x9da/0x10f0 net/sched/sch_api.c:1293\n tc_modify_qdisc+0x4c5/0x1980 net/sched/sch_api.c:1660\n rtnetlink_rcv_msg+0x413/0xb80 net/core/rtnetlink.c:5571\n netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2496\n netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1345\n netlink_sendmsg+0x904/0xdf0 net/netlink/af_netlink.c:1921\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg+0xcf/0x120 net/socket.c:724\n ____sys_sendmsg+0x6e8/0x810 net/socket.c:2409\n ___sys_sendmsg+0xf3/0x170 net/socket.c:2463\n __sys_sendmsg+0xe5/0x1b0 net/socket.c:2492\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f1bb06badb9\nCode: Unable to access opcode bytes at RIP 0x7f1bb06bad8f.\nRSP: 002b:00007fff3012a658 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f1bb06badb9\nRDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000003\nRBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000003\nR10: 0000000000000003 R11: 0000000000000246 R12: 00007fff3012a688\nR13: 00007fff3012a6a0 R14: 00007fff3012a6e0 R15: 00000000000013c2\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47598",
"url": "https://www.suse.com/security/cve/CVE-2021-47598"
},
{
"category": "external",
"summary": "SUSE Bug 1226574 for CVE-2021-47598",
"url": "https://bugzilla.suse.com/1226574"
},
{
"category": "external",
"summary": "SUSE Bug 1227471 for CVE-2021-47598",
"url": "https://bugzilla.suse.com/1227471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2021-47598"
},
{
"cve": "CVE-2022-48651",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48651"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: Fix out-of-bound bugs caused by unset skb-\u003emac_header\n\nIf an AF_PACKET socket is used to send packets through ipvlan and the\ndefault xmit function of the AF_PACKET socket is changed from\ndev_queue_xmit() to packet_direct_xmit() via setsockopt() with the option\nname of PACKET_QDISC_BYPASS, the skb-\u003emac_header may not be reset and\nremains as the initial value of 65535, this may trigger slab-out-of-bounds\nbugs as following:\n\n=================================================================\nUG: KASAN: slab-out-of-bounds in ipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan]\nPU: 2 PID: 1768 Comm: raw_send Kdump: loaded Not tainted 6.0.0-rc4+ #6\nardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-1.fc33\nall Trace:\nprint_address_description.constprop.0+0x1d/0x160\nprint_report.cold+0x4f/0x112\nkasan_report+0xa3/0x130\nipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan]\nipvlan_start_xmit+0x29/0xa0 [ipvlan]\n__dev_direct_xmit+0x2e2/0x380\npacket_direct_xmit+0x22/0x60\npacket_snd+0x7c9/0xc40\nsock_sendmsg+0x9a/0xa0\n__sys_sendto+0x18a/0x230\n__x64_sys_sendto+0x74/0x90\ndo_syscall_64+0x3b/0x90\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe root cause is:\n 1. packet_snd() only reset skb-\u003emac_header when sock-\u003etype is SOCK_RAW\n and skb-\u003eprotocol is not specified as in packet_parse_headers()\n\n 2. packet_direct_xmit() doesn\u0027t reset skb-\u003emac_header as dev_queue_xmit()\n\nIn this case, skb-\u003emac_header is 65535 when ipvlan_xmit_mode_l2() is\ncalled. So when ipvlan_xmit_mode_l2() gets mac header with eth_hdr() which\nuse \"skb-\u003ehead + skb-\u003emac_header\", out-of-bound access occurs.\n\nThis patch replaces eth_hdr() with skb_eth_hdr() in ipvlan_xmit_mode_l2()\nand reset mac header in multicast to solve this out-of-bound bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48651",
"url": "https://www.suse.com/security/cve/CVE-2022-48651"
},
{
"category": "external",
"summary": "SUSE Bug 1223513 for CVE-2022-48651",
"url": "https://bugzilla.suse.com/1223513"
},
{
"category": "external",
"summary": "SUSE Bug 1223514 for CVE-2022-48651",
"url": "https://bugzilla.suse.com/1223514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2022-48651"
},
{
"cve": "CVE-2022-48956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: avoid use-after-free in ip6_fragment()\n\nBlamed commit claimed rcu_read_lock() was held by ip6_fragment() callers.\n\nIt seems to not be always true, at least for UDP stack.\n\nsyzbot reported:\n\nBUG: KASAN: use-after-free in ip6_dst_idev include/net/ip6_fib.h:245 [inline]\nBUG: KASAN: use-after-free in ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951\nRead of size 8 at addr ffff88801d403e80 by task syz-executor.3/7618\n\nCPU: 1 PID: 7618 Comm: syz-executor.3 Not tainted 6.1.0-rc6-syzkaller-00012-g4312098baf37 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:284 [inline]\n print_report+0x15e/0x45d mm/kasan/report.c:395\n kasan_report+0xbf/0x1f0 mm/kasan/report.c:495\n ip6_dst_idev include/net/ip6_fib.h:245 [inline]\n ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951\n __ip6_finish_output net/ipv6/ip6_output.c:193 [inline]\n ip6_finish_output+0x9a3/0x1170 net/ipv6/ip6_output.c:206\n NF_HOOK_COND include/linux/netfilter.h:291 [inline]\n ip6_output+0x1f1/0x540 net/ipv6/ip6_output.c:227\n dst_output include/net/dst.h:445 [inline]\n ip6_local_out+0xb3/0x1a0 net/ipv6/output_core.c:161\n ip6_send_skb+0xbb/0x340 net/ipv6/ip6_output.c:1966\n udp_v6_send_skb+0x82a/0x18a0 net/ipv6/udp.c:1286\n udp_v6_push_pending_frames+0x140/0x200 net/ipv6/udp.c:1313\n udpv6_sendmsg+0x18da/0x2c80 net/ipv6/udp.c:1606\n inet6_sendmsg+0x9d/0xe0 net/ipv6/af_inet6.c:665\n sock_sendmsg_nosec net/socket.c:714 [inline]\n sock_sendmsg+0xd3/0x120 net/socket.c:734\n sock_write_iter+0x295/0x3d0 net/socket.c:1108\n call_write_iter include/linux/fs.h:2191 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x9ed/0xdd0 fs/read_write.c:584\n ksys_write+0x1ec/0x250 fs/read_write.c:637\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7fde3588c0d9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fde365b6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 00007fde359ac050 RCX: 00007fde3588c0d9\nRDX: 000000000000ffdc RSI: 00000000200000c0 RDI: 000000000000000a\nRBP: 00007fde358e7ae9 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007fde35acfb1f R14: 00007fde365b6300 R15: 0000000000022000\n \u003c/TASK\u003e\n\nAllocated by task 7618:\n kasan_save_stack+0x22/0x40 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n __kasan_slab_alloc+0x82/0x90 mm/kasan/common.c:325\n kasan_slab_alloc include/linux/kasan.h:201 [inline]\n slab_post_alloc_hook mm/slab.h:737 [inline]\n slab_alloc_node mm/slub.c:3398 [inline]\n slab_alloc mm/slub.c:3406 [inline]\n __kmem_cache_alloc_lru mm/slub.c:3413 [inline]\n kmem_cache_alloc+0x2b4/0x3d0 mm/slub.c:3422\n dst_alloc+0x14a/0x1f0 net/core/dst.c:92\n ip6_dst_alloc+0x32/0xa0 net/ipv6/route.c:344\n ip6_rt_pcpu_alloc net/ipv6/route.c:1369 [inline]\n rt6_make_pcpu_route net/ipv6/route.c:1417 [inline]\n ip6_pol_route+0x901/0x1190 net/ipv6/route.c:2254\n pol_lookup_func include/net/ip6_fib.h:582 [inline]\n fib6_rule_lookup+0x52e/0x6f0 net/ipv6/fib6_rules.c:121\n ip6_route_output_flags_noref+0x2e6/0x380 net/ipv6/route.c:2625\n ip6_route_output_flags+0x76/0x320 net/ipv6/route.c:2638\n ip6_route_output include/net/ip6_route.h:98 [inline]\n ip6_dst_lookup_tail+0x5ab/0x1620 net/ipv6/ip6_output.c:1092\n ip6_dst_lookup_flow+0x90/0x1d0 net/ipv6/ip6_output.c:1222\n ip6_sk_dst_lookup_flow+0x553/0x980 net/ipv6/ip6_output.c:1260\n udpv6_sendmsg+0x151d/0x2c80 net/ipv6/udp.c:1554\n inet6_sendmsg+0x9d/0xe0 net/ipv6/af_inet6.c:665\n sock_sendmsg_nosec n\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48956",
"url": "https://www.suse.com/security/cve/CVE-2022-48956"
},
{
"category": "external",
"summary": "SUSE Bug 1231893 for CVE-2022-48956",
"url": "https://bugzilla.suse.com/1231893"
},
{
"category": "external",
"summary": "SUSE Bug 1232799 for CVE-2022-48956",
"url": "https://bugzilla.suse.com/1232799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2022-48956"
},
{
"cve": "CVE-2023-1829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-1829"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure which can later lead to double freeing the structure. A local attacker user can use this vulnerability to elevate its privileges to root.\nWe recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-1829",
"url": "https://www.suse.com/security/cve/CVE-2023-1829"
},
{
"category": "external",
"summary": "SUSE Bug 1210335 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1210335"
},
{
"category": "external",
"summary": "SUSE Bug 1210619 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1210619"
},
{
"category": "external",
"summary": "SUSE Bug 1217444 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1217444"
},
{
"category": "external",
"summary": "SUSE Bug 1217531 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1217531"
},
{
"category": "external",
"summary": "SUSE Bug 1220886 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1220886"
},
{
"category": "external",
"summary": "SUSE Bug 1228311 for CVE-2023-1829",
"url": "https://bugzilla.suse.com/1228311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2023-1829"
},
{
"cve": "CVE-2023-52752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free bug in cifs_debug_data_proc_show()\n\nSkip SMB sessions that are being teared down\n(e.g. @ses-\u003eses_status == SES_EXITING) in cifs_debug_data_proc_show()\nto avoid use-after-free in @ses.\n\nThis fixes the following GPF when reading from /proc/fs/cifs/DebugData\nwhile mounting and umounting\n\n [ 816.251274] general protection fault, probably for non-canonical\n address 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI\n ...\n [ 816.260138] Call Trace:\n [ 816.260329] \u003cTASK\u003e\n [ 816.260499] ? die_addr+0x36/0x90\n [ 816.260762] ? exc_general_protection+0x1b3/0x410\n [ 816.261126] ? asm_exc_general_protection+0x26/0x30\n [ 816.261502] ? cifs_debug_tcon+0xbd/0x240 [cifs]\n [ 816.261878] ? cifs_debug_tcon+0xab/0x240 [cifs]\n [ 816.262249] cifs_debug_data_proc_show+0x516/0xdb0 [cifs]\n [ 816.262689] ? seq_read_iter+0x379/0x470\n [ 816.262995] seq_read_iter+0x118/0x470\n [ 816.263291] proc_reg_read_iter+0x53/0x90\n [ 816.263596] ? srso_alias_return_thunk+0x5/0x7f\n [ 816.263945] vfs_read+0x201/0x350\n [ 816.264211] ksys_read+0x75/0x100\n [ 816.264472] do_syscall_64+0x3f/0x90\n [ 816.264750] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n [ 816.265135] RIP: 0033:0x7fd5e669d381",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52752",
"url": "https://www.suse.com/security/cve/CVE-2023-52752"
},
{
"category": "external",
"summary": "SUSE Bug 1225487 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225487"
},
{
"category": "external",
"summary": "SUSE Bug 1225819 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2023-52752"
},
{
"cve": "CVE-2023-6531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6531"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector\u0027s deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6531",
"url": "https://www.suse.com/security/cve/CVE-2023-6531"
},
{
"category": "external",
"summary": "SUSE Bug 1218447 for CVE-2023-6531",
"url": "https://bugzilla.suse.com/1218447"
},
{
"category": "external",
"summary": "SUSE Bug 1218487 for CVE-2023-6531",
"url": "https://bugzilla.suse.com/1218487"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2023-6531"
},
{
"cve": "CVE-2023-6546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6546"
}
],
"notes": [
{
"category": "general",
"text": "A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6546",
"url": "https://www.suse.com/security/cve/CVE-2023-6546"
},
{
"category": "external",
"summary": "SUSE Bug 1218335 for CVE-2023-6546",
"url": "https://bugzilla.suse.com/1218335"
},
{
"category": "external",
"summary": "SUSE Bug 1222685 for CVE-2023-6546",
"url": "https://bugzilla.suse.com/1222685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2023-6546"
},
{
"cve": "CVE-2024-23307",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-23307"
}
],
"notes": [
{
"category": "general",
"text": "Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-23307",
"url": "https://www.suse.com/security/cve/CVE-2024-23307"
},
{
"category": "external",
"summary": "SUSE Bug 1219169 for CVE-2024-23307",
"url": "https://bugzilla.suse.com/1219169"
},
{
"category": "external",
"summary": "SUSE Bug 1220145 for CVE-2024-23307",
"url": "https://bugzilla.suse.com/1220145"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-23307"
},
{
"cve": "CVE-2024-26610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26610"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: fix a memory corruption\n\niwl_fw_ini_trigger_tlv::data is a pointer to a __le32, which means that\nif we copy to iwl_fw_ini_trigger_tlv::data + offset while offset is in\nbytes, we\u0027ll write past the buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26610",
"url": "https://www.suse.com/security/cve/CVE-2024-26610"
},
{
"category": "external",
"summary": "SUSE Bug 1221299 for CVE-2024-26610",
"url": "https://bugzilla.suse.com/1221299"
},
{
"category": "external",
"summary": "SUSE Bug 1221302 for CVE-2024-26610",
"url": "https://bugzilla.suse.com/1221302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-26610"
},
{
"cve": "CVE-2024-26828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26828"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix underflow in parse_server_interfaces()\n\nIn this loop, we step through the buffer and after each item we check\nif the size_left is greater than the minimum size we need. However,\nthe problem is that \"bytes_left\" is type ssize_t while sizeof() is type\nsize_t. That means that because of type promotion, the comparison is\ndone as an unsigned and if we have negative bytes left the loop\ncontinues instead of ending.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26828",
"url": "https://www.suse.com/security/cve/CVE-2024-26828"
},
{
"category": "external",
"summary": "SUSE Bug 1223084 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223084"
},
{
"category": "external",
"summary": "SUSE Bug 1223363 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223363"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-26828"
},
{
"cve": "CVE-2024-26852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/ipv6: avoid possible UAF in ip6_route_mpath_notify()\n\nsyzbot found another use-after-free in ip6_route_mpath_notify() [1]\n\nCommit f7225172f25a (\"net/ipv6: prevent use after free in\nip6_route_mpath_notify\") was not able to fix the root cause.\n\nWe need to defer the fib6_info_release() calls after\nip6_route_mpath_notify(), in the cleanup phase.\n\n[1]\nBUG: KASAN: slab-use-after-free in rt6_fill_node+0x1460/0x1ac0\nRead of size 4 at addr ffff88809a07fc64 by task syz-executor.2/23037\n\nCPU: 0 PID: 23037 Comm: syz-executor.2 Not tainted 6.8.0-rc4-syzkaller-01035-gea7f3cfaa588 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1e7/0x2e0 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x167/0x540 mm/kasan/report.c:488\n kasan_report+0x142/0x180 mm/kasan/report.c:601\n rt6_fill_node+0x1460/0x1ac0\n inet6_rt_notify+0x13b/0x290 net/ipv6/route.c:6184\n ip6_route_mpath_notify net/ipv6/route.c:5198 [inline]\n ip6_route_multipath_add net/ipv6/route.c:5404 [inline]\n inet6_rtm_newroute+0x1d0f/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\nRIP: 0033:0x7f73dd87dda9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f73de6550c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f73dd9ac050 RCX: 00007f73dd87dda9\nRDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000005\nRBP: 00007f73dd8ca47a R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f73dd9ac050 R15: 00007ffdbdeb7858\n \u003c/TASK\u003e\n\nAllocated by task 23037:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:372 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:389\n kasan_kmalloc include/linux/kasan.h:211 [inline]\n __do_kmalloc_node mm/slub.c:3981 [inline]\n __kmalloc+0x22e/0x490 mm/slub.c:3994\n kmalloc include/linux/slab.h:594 [inline]\n kzalloc include/linux/slab.h:711 [inline]\n fib6_info_alloc+0x2e/0xf0 net/ipv6/ip6_fib.c:155\n ip6_route_info_create+0x445/0x12b0 net/ipv6/route.c:3758\n ip6_route_multipath_add net/ipv6/route.c:5298 [inline]\n inet6_rtm_newroute+0x744/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\n\nFreed by task 16:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x4e/0x60 mm/kasan/generic.c:640\n poison_slab_object+0xa6/0xe0 m\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26852",
"url": "https://www.suse.com/security/cve/CVE-2024-26852"
},
{
"category": "external",
"summary": "SUSE Bug 1223057 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223057"
},
{
"category": "external",
"summary": "SUSE Bug 1223059 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223059"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-26852"
},
{
"cve": "CVE-2024-26923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Fix garbage collector racing against connect()\n\nGarbage collector does not take into account the risk of embryo getting\nenqueued during the garbage collection. If such embryo has a peer that\ncarries SCM_RIGHTS, two consecutive passes of scan_children() may see a\ndifferent set of children. Leading to an incorrectly elevated inflight\ncount, and then a dangling pointer within the gc_inflight_list.\n\nsockets are AF_UNIX/SOCK_STREAM\nS is an unconnected socket\nL is a listening in-flight socket bound to addr, not in fdtable\nV\u0027s fd will be passed via sendmsg(), gets inflight count bumped\n\nconnect(S, addr)\tsendmsg(S, [V]); close(V)\t__unix_gc()\n----------------\t-------------------------\t-----------\n\nNS = unix_create1()\nskb1 = sock_wmalloc(NS)\nL = unix_find_other(addr)\nunix_state_lock(L)\nunix_peer(S) = NS\n\t\t\t// V count=1 inflight=0\n\n \t\t\tNS = unix_peer(S)\n \t\t\tskb2 = sock_alloc()\n\t\t\tskb_queue_tail(NS, skb2[V])\n\n\t\t\t// V became in-flight\n\t\t\t// V count=2 inflight=1\n\n\t\t\tclose(V)\n\n\t\t\t// V count=1 inflight=1\n\t\t\t// GC candidate condition met\n\n\t\t\t\t\t\tfor u in gc_inflight_list:\n\t\t\t\t\t\t if (total_refs == inflight_refs)\n\t\t\t\t\t\t add u to gc_candidates\n\n\t\t\t\t\t\t// gc_candidates={L, V}\n\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t scan_children(u, dec_inflight)\n\n\t\t\t\t\t\t// embryo (skb1) was not\n\t\t\t\t\t\t// reachable from L yet, so V\u0027s\n\t\t\t\t\t\t// inflight remains unchanged\n__skb_queue_tail(L, skb1)\nunix_state_unlock(L)\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t if (u.inflight)\n\t\t\t\t\t\t scan_children(u, inc_inflight_move_tail)\n\n\t\t\t\t\t\t// V count=1 inflight=2 (!)\n\nIf there is a GC-candidate listening socket, lock/unlock its state. This\nmakes GC wait until the end of any ongoing connect() to that socket. After\nflipping the lock, a possibly SCM-laden embryo is already enqueued. And if\nthere is another embryo coming, it can not possibly carry SCM_RIGHTS. At\nthis point, unix_inflight() can not happen because unix_gc_lock is already\ntaken. Inflight graph remains unaffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26923",
"url": "https://www.suse.com/security/cve/CVE-2024-26923"
},
{
"category": "external",
"summary": "SUSE Bug 1223384 for CVE-2024-26923",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "external",
"summary": "SUSE Bug 1223683 for CVE-2024-26923",
"url": "https://bugzilla.suse.com/1223683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-26923"
},
{
"cve": "CVE-2024-27398",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27398"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix use-after-free bugs caused by sco_sock_timeout\n\nWhen the sco connection is established and then, the sco socket\nis releasing, timeout_work will be scheduled to judge whether\nthe sco disconnection is timeout. The sock will be deallocated\nlater, but it is dereferenced again in sco_sock_timeout. As a\nresult, the use-after-free bugs will happen. The root cause is\nshown below:\n\n Cleanup Thread | Worker Thread\nsco_sock_release |\n sco_sock_close |\n __sco_sock_close |\n sco_sock_set_timer |\n schedule_delayed_work |\n sco_sock_kill | (wait a time)\n sock_put(sk) //FREE | sco_sock_timeout\n | sock_hold(sk) //USE\n\nThe KASAN report triggered by POC is shown below:\n\n[ 95.890016] ==================================================================\n[ 95.890496] BUG: KASAN: slab-use-after-free in sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] Write of size 4 at addr ffff88800c388080 by task kworker/0:0/7\n...\n[ 95.890755] Workqueue: events sco_sock_timeout\n[ 95.890755] Call Trace:\n[ 95.890755] \u003cTASK\u003e\n[ 95.890755] dump_stack_lvl+0x45/0x110\n[ 95.890755] print_address_description+0x78/0x390\n[ 95.890755] print_report+0x11b/0x250\n[ 95.890755] ? __virt_addr_valid+0xbe/0xf0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_report+0x139/0x170\n[ 95.890755] ? update_load_avg+0xe5/0x9f0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_check_range+0x2c3/0x2e0\n[ 95.890755] sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] process_one_work+0x561/0xc50\n[ 95.890755] worker_thread+0xab2/0x13c0\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] kthread+0x279/0x300\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork+0x34/0x60\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork_asm+0x11/0x20\n[ 95.890755] \u003c/TASK\u003e\n[ 95.890755]\n[ 95.890755] Allocated by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] __kasan_kmalloc+0x86/0x90\n[ 95.890755] __kmalloc+0x17f/0x360\n[ 95.890755] sk_prot_alloc+0xe1/0x1a0\n[ 95.890755] sk_alloc+0x31/0x4e0\n[ 95.890755] bt_sock_alloc+0x2b/0x2a0\n[ 95.890755] sco_sock_create+0xad/0x320\n[ 95.890755] bt_sock_create+0x145/0x320\n[ 95.890755] __sock_create+0x2e1/0x650\n[ 95.890755] __sys_socket+0xd0/0x280\n[ 95.890755] __x64_sys_socket+0x75/0x80\n[ 95.890755] do_syscall_64+0xc4/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] Freed by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] kasan_save_free_info+0x40/0x50\n[ 95.890755] poison_slab_object+0x118/0x180\n[ 95.890755] __kasan_slab_free+0x12/0x30\n[ 95.890755] kfree+0xb2/0x240\n[ 95.890755] __sk_destruct+0x317/0x410\n[ 95.890755] sco_sock_release+0x232/0x280\n[ 95.890755] sock_close+0xb2/0x210\n[ 95.890755] __fput+0x37f/0x770\n[ 95.890755] task_work_run+0x1ae/0x210\n[ 95.890755] get_signal+0xe17/0xf70\n[ 95.890755] arch_do_signal_or_restart+0x3f/0x520\n[ 95.890755] syscall_exit_to_user_mode+0x55/0x120\n[ 95.890755] do_syscall_64+0xd1/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the object at ffff88800c388000\n[ 95.890755] which belongs to the cache kmalloc-1k of size 1024\n[ 95.890755] The buggy address is located 128 bytes inside of\n[ 95.890755] freed 1024-byte region [ffff88800c388000, ffff88800c388400)\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the physical page:\n[ 95.890755] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88800c38a800 pfn:0xc388\n[ 95.890755] head: order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0\n[ 95.890755] ano\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27398",
"url": "https://www.suse.com/security/cve/CVE-2024-27398"
},
{
"category": "external",
"summary": "SUSE Bug 1224174 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1224174"
},
{
"category": "external",
"summary": "SUSE Bug 1225013 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1225013"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-27398"
},
{
"cve": "CVE-2024-35861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35861",
"url": "https://www.suse.com/security/cve/CVE-2024-35861"
},
{
"category": "external",
"summary": "SUSE Bug 1224766 for CVE-2024-35861",
"url": "https://bugzilla.suse.com/1224766"
},
{
"category": "external",
"summary": "SUSE Bug 1225312 for CVE-2024-35861",
"url": "https://bugzilla.suse.com/1225312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-35861"
},
{
"cve": "CVE-2024-35862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_network_name_deleted()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35862",
"url": "https://www.suse.com/security/cve/CVE-2024-35862"
},
{
"category": "external",
"summary": "SUSE Bug 1224764 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1224764"
},
{
"category": "external",
"summary": "SUSE Bug 1225311 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1225311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-35862"
},
{
"cve": "CVE-2024-35864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_valid_lease_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35864",
"url": "https://www.suse.com/security/cve/CVE-2024-35864"
},
{
"category": "external",
"summary": "SUSE Bug 1224765 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1224765"
},
{
"category": "external",
"summary": "SUSE Bug 1225309 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1225309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-35864"
},
{
"cve": "CVE-2024-35950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/client: Fully protect modes[] with dev-\u003emode_config.mutex\n\nThe modes[] array contains pointers to modes on the connectors\u0027\nmode lists, which are protected by dev-\u003emode_config.mutex.\nThus we need to extend modes[] the same protection or by the\ntime we use it the elements may already be pointing to\nfreed/reused memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35950",
"url": "https://www.suse.com/security/cve/CVE-2024-35950"
},
{
"category": "external",
"summary": "SUSE Bug 1224703 for CVE-2024-35950",
"url": "https://bugzilla.suse.com/1224703"
},
{
"category": "external",
"summary": "SUSE Bug 1225310 for CVE-2024-35950",
"url": "https://bugzilla.suse.com/1225310"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-35950"
},
{
"cve": "CVE-2024-36904",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36904"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Use refcount_inc_not_zero() in tcp_twsk_unique().\n\nAnderson Nascimento reported a use-after-free splat in tcp_twsk_unique()\nwith nice analysis.\n\nSince commit ec94c2696f0b (\"tcp/dccp: avoid one atomic operation for\ntimewait hashdance\"), inet_twsk_hashdance() sets TIME-WAIT socket\u0027s\nsk_refcnt after putting it into ehash and releasing the bucket lock.\n\nThus, there is a small race window where other threads could try to\nreuse the port during connect() and call sock_hold() in tcp_twsk_unique()\nfor the TIME-WAIT socket with zero refcnt.\n\nIf that happens, the refcnt taken by tcp_twsk_unique() is overwritten\nand sock_put() will cause underflow, triggering a real use-after-free\nsomewhere else.\n\nTo avoid the use-after-free, we need to use refcount_inc_not_zero() in\ntcp_twsk_unique() and give up on reusing the port if it returns false.\n\n[0]:\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 0 PID: 1039313 at lib/refcount.c:25 refcount_warn_saturate+0xe5/0x110\nCPU: 0 PID: 1039313 Comm: trigger Not tainted 6.8.6-200.fc39.x86_64 #1\nHardware name: VMware, Inc. VMware20,1/440BX Desktop Reference Platform, BIOS VMW201.00V.21805430.B64.2305221830 05/22/2023\nRIP: 0010:refcount_warn_saturate+0xe5/0x110\nCode: 42 8e ff 0f 0b c3 cc cc cc cc 80 3d aa 13 ea 01 00 0f 85 5e ff ff ff 48 c7 c7 f8 8e b7 82 c6 05 96 13 ea 01 01 e8 7b 42 8e ff \u003c0f\u003e 0b c3 cc cc cc cc 48 c7 c7 50 8f b7 82 c6 05 7a 13 ea 01 01 e8\nRSP: 0018:ffffc90006b43b60 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff888009bb3ef0 RCX: 0000000000000027\nRDX: ffff88807be218c8 RSI: 0000000000000001 RDI: ffff88807be218c0\nRBP: 0000000000069d70 R08: 0000000000000000 R09: ffffc90006b439f0\nR10: ffffc90006b439e8 R11: 0000000000000003 R12: ffff8880029ede84\nR13: 0000000000004e20 R14: ffffffff84356dc0 R15: ffff888009bb3ef0\nFS: 00007f62c10926c0(0000) GS:ffff88807be00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020ccb000 CR3: 000000004628c005 CR4: 0000000000f70ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0xe5/0x110\n ? __warn+0x81/0x130\n ? refcount_warn_saturate+0xe5/0x110\n ? report_bug+0x171/0x1a0\n ? refcount_warn_saturate+0xe5/0x110\n ? handle_bug+0x3c/0x80\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? refcount_warn_saturate+0xe5/0x110\n tcp_twsk_unique+0x186/0x190\n __inet_check_established+0x176/0x2d0\n __inet_hash_connect+0x74/0x7d0\n ? __pfx___inet_check_established+0x10/0x10\n tcp_v4_connect+0x278/0x530\n __inet_stream_connect+0x10f/0x3d0\n inet_stream_connect+0x3a/0x60\n __sys_connect+0xa8/0xd0\n __x64_sys_connect+0x18/0x20\n do_syscall_64+0x83/0x170\n entry_SYSCALL_64_after_hwframe+0x78/0x80\nRIP: 0033:0x7f62c11a885d\nCode: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d a3 45 0c 00 f7 d8 64 89 01 48\nRSP: 002b:00007f62c1091e58 EFLAGS: 00000296 ORIG_RAX: 000000000000002a\nRAX: ffffffffffffffda RBX: 0000000020ccb004 RCX: 00007f62c11a885d\nRDX: 0000000000000010 RSI: 0000000020ccb000 RDI: 0000000000000003\nRBP: 00007f62c1091e90 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000296 R12: 00007f62c10926c0\nR13: ffffffffffffff88 R14: 0000000000000000 R15: 00007ffe237885b0\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36904",
"url": "https://www.suse.com/security/cve/CVE-2024-36904"
},
{
"category": "external",
"summary": "SUSE Bug 1225732 for CVE-2024-36904",
"url": "https://bugzilla.suse.com/1225732"
},
{
"category": "external",
"summary": "SUSE Bug 1225733 for CVE-2024-36904",
"url": "https://bugzilla.suse.com/1225733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-36904"
},
{
"cve": "CVE-2024-36964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: only translate RWX permissions for plain 9P2000\n\nGarbage in plain 9P2000\u0027s perm bits is allowed through, which causes it\nto be able to set (among others) the suid bit. This was presumably not\nthe intent since the unix extended bits are handled explicitly and\nconditionally on .u.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36964",
"url": "https://www.suse.com/security/cve/CVE-2024-36964"
},
{
"category": "external",
"summary": "SUSE Bug 1225866 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1225866"
},
{
"category": "external",
"summary": "SUSE Bug 1226325 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1226325"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-36964"
},
{
"cve": "CVE-2024-36971",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36971"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix __dst_negative_advice() race\n\n__dst_negative_advice() does not enforce proper RCU rules when\nsk-\u003edst_cache must be cleared, leading to possible UAF.\n\nRCU rules are that we must first clear sk-\u003esk_dst_cache,\nthen call dst_release(old_dst).\n\nNote that sk_dst_reset(sk) is implementing this protocol correctly,\nwhile __dst_negative_advice() uses the wrong order.\n\nGiven that ip6_negative_advice() has special logic\nagainst RTF_CACHE, this means each of the three -\u003enegative_advice()\nexisting methods must perform the sk_dst_reset() themselves.\n\nNote the check against NULL dst is centralized in\n__dst_negative_advice(), there is no need to duplicate\nit in various callbacks.\n\nMany thanks to Clement Lecigne for tracking this issue.\n\nThis old bug became visible after the blamed commit, using UDP sockets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36971",
"url": "https://www.suse.com/security/cve/CVE-2024-36971"
},
{
"category": "external",
"summary": "SUSE Bug 1226145 for CVE-2024-36971",
"url": "https://bugzilla.suse.com/1226145"
},
{
"category": "external",
"summary": "SUSE Bug 1226324 for CVE-2024-36971",
"url": "https://bugzilla.suse.com/1226324"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-36971"
},
{
"cve": "CVE-2024-41059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: fix uninit-value in copy_name\n\n[syzbot reported]\nBUG: KMSAN: uninit-value in sized_strscpy+0xc4/0x160\n sized_strscpy+0xc4/0x160\n copy_name+0x2af/0x320 fs/hfsplus/xattr.c:411\n hfsplus_listxattr+0x11e9/0x1a50 fs/hfsplus/xattr.c:750\n vfs_listxattr fs/xattr.c:493 [inline]\n listxattr+0x1f3/0x6b0 fs/xattr.c:840\n path_listxattr fs/xattr.c:864 [inline]\n __do_sys_listxattr fs/xattr.c:876 [inline]\n __se_sys_listxattr fs/xattr.c:873 [inline]\n __x64_sys_listxattr+0x16b/0x2f0 fs/xattr.c:873\n x64_sys_call+0x2ba0/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3877 [inline]\n slab_alloc_node mm/slub.c:3918 [inline]\n kmalloc_trace+0x57b/0xbe0 mm/slub.c:4065\n kmalloc include/linux/slab.h:628 [inline]\n hfsplus_listxattr+0x4cc/0x1a50 fs/hfsplus/xattr.c:699\n vfs_listxattr fs/xattr.c:493 [inline]\n listxattr+0x1f3/0x6b0 fs/xattr.c:840\n path_listxattr fs/xattr.c:864 [inline]\n __do_sys_listxattr fs/xattr.c:876 [inline]\n __se_sys_listxattr fs/xattr.c:873 [inline]\n __x64_sys_listxattr+0x16b/0x2f0 fs/xattr.c:873\n x64_sys_call+0x2ba0/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[Fix]\nWhen allocating memory to strbuf, initialize memory to 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41059",
"url": "https://www.suse.com/security/cve/CVE-2024-41059"
},
{
"category": "external",
"summary": "SUSE Bug 1228561 for CVE-2024-41059",
"url": "https://bugzilla.suse.com/1228561"
},
{
"category": "external",
"summary": "SUSE Bug 1228573 for CVE-2024-41059",
"url": "https://bugzilla.suse.com/1228573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-41059"
},
{
"cve": "CVE-2024-43861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: qmi_wwan: fix memory leak for not ip packets\n\nFree the unused skb when not ip packets arrive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43861",
"url": "https://www.suse.com/security/cve/CVE-2024-43861"
},
{
"category": "external",
"summary": "SUSE Bug 1229500 for CVE-2024-43861",
"url": "https://bugzilla.suse.com/1229500"
},
{
"category": "external",
"summary": "SUSE Bug 1229553 for CVE-2024-43861",
"url": "https://bugzilla.suse.com/1229553"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-43861"
},
{
"cve": "CVE-2024-50264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50264"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans\n\nDuring loopback communication, a dangling pointer can be created in\nvsk-\u003etrans, potentially leading to a Use-After-Free condition. This\nissue is resolved by initializing vsk-\u003etrans to NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50264",
"url": "https://www.suse.com/security/cve/CVE-2024-50264"
},
{
"category": "external",
"summary": "SUSE Bug 1233453 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233453"
},
{
"category": "external",
"summary": "SUSE Bug 1233712 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_153-default-12-150300.7.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T12:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-50264"
}
]
}
SUSE-SU-2025:0269-1
Vulnerability from csaf_suse - Published: 2025-01-28 13:03 - Updated: 2025-01-28 13:03Summary
Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)
Notes
Title of the patch
Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)
Description of the patch
This update for the Linux Kernel 6.4.0-150600_10_5 fixes several issues.
The following security issues were fixed:
- CVE-2024-40921: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state (bsc#1227784).
- CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state (bsc#1227781).
- CVE-2024-36979: net: bridge: mst: fix vlan use-after-free (bsc#1227369).
- CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1229275).
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
- CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
- CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
- CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1228349).
Patchnames
SUSE-2025-269,SUSE-SLE-Module-Live-Patching-15-SP6-2025-269
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 6.4.0-150600_10_5 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2024-40921: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state (bsc#1227784).\n- CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state (bsc#1227781).\n- CVE-2024-36979: net: bridge: mst: fix vlan use-after-free (bsc#1227369).\n- CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1229275).\n- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans (bsc#1233712).\n- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).\n- CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273).\n- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).\n- CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)\n- CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1228349).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-269,SUSE-SLE-Module-Live-Patching-15-SP6-2025-269",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0269-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0269-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250269-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0269-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020226.html"
},
{
"category": "self",
"summary": "SUSE Bug 1225819",
"url": "https://bugzilla.suse.com/1225819"
},
{
"category": "self",
"summary": "SUSE Bug 1227369",
"url": "https://bugzilla.suse.com/1227369"
},
{
"category": "self",
"summary": "SUSE Bug 1227781",
"url": "https://bugzilla.suse.com/1227781"
},
{
"category": "self",
"summary": "SUSE Bug 1227784",
"url": "https://bugzilla.suse.com/1227784"
},
{
"category": "self",
"summary": "SUSE Bug 1228349",
"url": "https://bugzilla.suse.com/1228349"
},
{
"category": "self",
"summary": "SUSE Bug 1228786",
"url": "https://bugzilla.suse.com/1228786"
},
{
"category": "self",
"summary": "SUSE Bug 1229273",
"url": "https://bugzilla.suse.com/1229273"
},
{
"category": "self",
"summary": "SUSE Bug 1229275",
"url": "https://bugzilla.suse.com/1229275"
},
{
"category": "self",
"summary": "SUSE Bug 1229553",
"url": "https://bugzilla.suse.com/1229553"
},
{
"category": "self",
"summary": "SUSE Bug 1233712",
"url": "https://bugzilla.suse.com/1233712"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52752 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35949 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36979 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40909 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40920 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40920/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40921 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40954 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50264 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50264/"
}
],
"title": "Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)",
"tracking": {
"current_release_date": "2025-01-28T13:03:48Z",
"generator": {
"date": "2025-01-28T13:03:48Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0269-1",
"initial_release_date": "2025-01-28T13:03:48Z",
"revision_history": [
{
"date": "2025-01-28T13:03:48Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free bug in cifs_debug_data_proc_show()\n\nSkip SMB sessions that are being teared down\n(e.g. @ses-\u003eses_status == SES_EXITING) in cifs_debug_data_proc_show()\nto avoid use-after-free in @ses.\n\nThis fixes the following GPF when reading from /proc/fs/cifs/DebugData\nwhile mounting and umounting\n\n [ 816.251274] general protection fault, probably for non-canonical\n address 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI\n ...\n [ 816.260138] Call Trace:\n [ 816.260329] \u003cTASK\u003e\n [ 816.260499] ? die_addr+0x36/0x90\n [ 816.260762] ? exc_general_protection+0x1b3/0x410\n [ 816.261126] ? asm_exc_general_protection+0x26/0x30\n [ 816.261502] ? cifs_debug_tcon+0xbd/0x240 [cifs]\n [ 816.261878] ? cifs_debug_tcon+0xab/0x240 [cifs]\n [ 816.262249] cifs_debug_data_proc_show+0x516/0xdb0 [cifs]\n [ 816.262689] ? seq_read_iter+0x379/0x470\n [ 816.262995] seq_read_iter+0x118/0x470\n [ 816.263291] proc_reg_read_iter+0x53/0x90\n [ 816.263596] ? srso_alias_return_thunk+0x5/0x7f\n [ 816.263945] vfs_read+0x201/0x350\n [ 816.264211] ksys_read+0x75/0x100\n [ 816.264472] do_syscall_64+0x3f/0x90\n [ 816.264750] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n [ 816.265135] RIP: 0033:0x7fd5e669d381",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52752",
"url": "https://www.suse.com/security/cve/CVE-2023-52752"
},
{
"category": "external",
"summary": "SUSE Bug 1225487 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225487"
},
{
"category": "external",
"summary": "SUSE Bug 1225819 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-28T13:03:48Z",
"details": "important"
}
],
"title": "CVE-2023-52752"
},
{
"cve": "CVE-2024-35949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: make sure that WRITTEN is set on all metadata blocks\n\nWe previously would call btrfs_check_leaf() if we had the check\nintegrity code enabled, which meant that we could only run the extended\nleaf checks if we had WRITTEN set on the header flags.\n\nThis leaves a gap in our checking, because we could end up with\ncorruption on disk where WRITTEN isn\u0027t set on the leaf, and then the\nextended leaf checks don\u0027t get run which we rely on to validate all of\nthe item pointers to make sure we don\u0027t access memory outside of the\nextent buffer.\n\nHowever, since 732fab95abe2 (\"btrfs: check-integrity: remove\nCONFIG_BTRFS_FS_CHECK_INTEGRITY option\") we no longer call\nbtrfs_check_leaf() from btrfs_mark_buffer_dirty(), which means we only\never call it on blocks that are being written out, and thus have WRITTEN\nset, or that are being read in, which should have WRITTEN set.\n\nAdd checks to make sure we have WRITTEN set appropriately, and then make\nsure __btrfs_check_leaf() always does the item checking. This will\nprotect us from file systems that have been corrupted and no longer have\nWRITTEN set on some of the blocks.\n\nThis was hit on a crafted image tweaking the WRITTEN bit and reported by\nKASAN as out-of-bound access in the eb accessors. The example is a dir\nitem at the end of an eb.\n\n [2.042] BTRFS warning (device loop1): bad eb member start: ptr 0x3fff start 30572544 member offset 16410 size 2\n [2.040] general protection fault, probably for non-canonical address 0xe0009d1000000003: 0000 [#1] PREEMPT SMP KASAN NOPTI\n [2.537] KASAN: maybe wild-memory-access in range [0x0005088000000018-0x000508800000001f]\n [2.729] CPU: 0 PID: 2587 Comm: mount Not tainted 6.8.2 #1\n [2.729] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n [2.621] RIP: 0010:btrfs_get_16+0x34b/0x6d0\n [2.621] RSP: 0018:ffff88810871fab8 EFLAGS: 00000206\n [2.621] RAX: 0000a11000000003 RBX: ffff888104ff8720 RCX: ffff88811b2288c0\n [2.621] RDX: dffffc0000000000 RSI: ffffffff81dd8aca RDI: ffff88810871f748\n [2.621] RBP: 000000000000401a R08: 0000000000000001 R09: ffffed10210e3ee9\n [2.621] R10: ffff88810871f74f R11: 205d323430333737 R12: 000000000000001a\n [2.621] R13: 000508800000001a R14: 1ffff110210e3f5d R15: ffffffff850011e8\n [2.621] FS: 00007f56ea275840(0000) GS:ffff88811b200000(0000) knlGS:0000000000000000\n [2.621] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [2.621] CR2: 00007febd13b75c0 CR3: 000000010bb50000 CR4: 00000000000006f0\n [2.621] Call Trace:\n [2.621] \u003cTASK\u003e\n [2.621] ? show_regs+0x74/0x80\n [2.621] ? die_addr+0x46/0xc0\n [2.621] ? exc_general_protection+0x161/0x2a0\n [2.621] ? asm_exc_general_protection+0x26/0x30\n [2.621] ? btrfs_get_16+0x33a/0x6d0\n [2.621] ? btrfs_get_16+0x34b/0x6d0\n [2.621] ? btrfs_get_16+0x33a/0x6d0\n [2.621] ? __pfx_btrfs_get_16+0x10/0x10\n [2.621] ? __pfx_mutex_unlock+0x10/0x10\n [2.621] btrfs_match_dir_item_name+0x101/0x1a0\n [2.621] btrfs_lookup_dir_item+0x1f3/0x280\n [2.621] ? __pfx_btrfs_lookup_dir_item+0x10/0x10\n [2.621] btrfs_get_tree+0xd25/0x1910\n\n[ copy more details from report ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35949",
"url": "https://www.suse.com/security/cve/CVE-2024-35949"
},
{
"category": "external",
"summary": "SUSE Bug 1224700 for CVE-2024-35949",
"url": "https://bugzilla.suse.com/1224700"
},
{
"category": "external",
"summary": "SUSE Bug 1229273 for CVE-2024-35949",
"url": "https://bugzilla.suse.com/1229273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-28T13:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-35949"
},
{
"cve": "CVE-2024-36979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: mst: fix vlan use-after-free\n\nsyzbot reported a suspicious rcu usage[1] in bridge\u0027s mst code. While\nfixing it I noticed that nothing prevents a vlan to be freed while\nwalking the list from the same path (br forward delay timer). Fix the rcu\nusage and also make sure we are not accessing freed memory by making\nbr_mst_vlan_set_state use rcu read lock.\n\n[1]\n WARNING: suspicious RCU usage\n 6.9.0-rc6-syzkaller #0 Not tainted\n -----------------------------\n net/bridge/br_private.h:1599 suspicious rcu_dereference_protected() usage!\n ...\n stack backtrace:\n CPU: 1 PID: 8017 Comm: syz-executor.1 Not tainted 6.9.0-rc6-syzkaller #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\n Call Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n lockdep_rcu_suspicious+0x221/0x340 kernel/locking/lockdep.c:6712\n nbp_vlan_group net/bridge/br_private.h:1599 [inline]\n br_mst_set_state+0x1ea/0x650 net/bridge/br_mst.c:105\n br_set_state+0x28a/0x7b0 net/bridge/br_stp.c:47\n br_forward_delay_timer_expired+0x176/0x440 net/bridge/br_stp_timer.c:88\n call_timer_fn+0x18e/0x650 kernel/time/timer.c:1793\n expire_timers kernel/time/timer.c:1844 [inline]\n __run_timers kernel/time/timer.c:2418 [inline]\n __run_timer_base+0x66a/0x8e0 kernel/time/timer.c:2429\n run_timer_base kernel/time/timer.c:2438 [inline]\n run_timer_softirq+0xb7/0x170 kernel/time/timer.c:2448\n __do_softirq+0x2c6/0x980 kernel/softirq.c:554\n invoke_softirq kernel/softirq.c:428 [inline]\n __irq_exit_rcu+0xf2/0x1c0 kernel/softirq.c:633\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:645\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline]\n sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1043\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702\n RIP: 0010:lock_acquire+0x264/0x550 kernel/locking/lockdep.c:5758\n Code: 2b 00 74 08 4c 89 f7 e8 ba d1 84 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 \u003c4b\u003e c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25\n RSP: 0018:ffffc90013657100 EFLAGS: 00000206\n RAX: 0000000000000001 RBX: 1ffff920026cae2c RCX: 0000000000000001\n RDX: dffffc0000000000 RSI: ffffffff8bcaca00 RDI: ffffffff8c1eaa60\n RBP: ffffc90013657260 R08: ffffffff92efe507 R09: 1ffffffff25dfca0\n R10: dffffc0000000000 R11: fffffbfff25dfca1 R12: 1ffff920026cae28\n R13: dffffc0000000000 R14: ffffc90013657160 R15: 0000000000000246",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36979",
"url": "https://www.suse.com/security/cve/CVE-2024-36979"
},
{
"category": "external",
"summary": "SUSE Bug 1226604 for CVE-2024-36979",
"url": "https://bugzilla.suse.com/1226604"
},
{
"category": "external",
"summary": "SUSE Bug 1227369 for CVE-2024-36979",
"url": "https://bugzilla.suse.com/1227369"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-28T13:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-36979"
},
{
"cve": "CVE-2024-40909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40909"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix a potential use-after-free in bpf_link_free()\n\nAfter commit 1a80dbcb2dba, bpf_link can be freed by\nlink-\u003eops-\u003edealloc_deferred, but the code still tests and uses\nlink-\u003eops-\u003edealloc afterward, which leads to a use-after-free as\nreported by syzbot. Actually, one of them should be sufficient, so\njust call one of them instead of both. Also add a WARN_ON() in case\nof any problematic implementation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40909",
"url": "https://www.suse.com/security/cve/CVE-2024-40909"
},
{
"category": "external",
"summary": "SUSE Bug 1227798 for CVE-2024-40909",
"url": "https://bugzilla.suse.com/1227798"
},
{
"category": "external",
"summary": "SUSE Bug 1228349 for CVE-2024-40909",
"url": "https://bugzilla.suse.com/1228349"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-28T13:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-40909"
},
{
"cve": "CVE-2024-40920",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40920"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: mst: fix suspicious rcu usage in br_mst_set_state\n\nI converted br_mst_set_state to RCU to avoid a vlan use-after-free\nbut forgot to change the vlan group dereference helper. Switch to vlan\ngroup RCU deref helper to fix the suspicious rcu usage warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40920",
"url": "https://www.suse.com/security/cve/CVE-2024-40920"
},
{
"category": "external",
"summary": "SUSE Bug 1227781 for CVE-2024-40920",
"url": "https://bugzilla.suse.com/1227781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-28T13:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-40920"
},
{
"cve": "CVE-2024-40921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40921"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: mst: pass vlan group directly to br_mst_vlan_set_state\n\nPass the already obtained vlan group pointer to br_mst_vlan_set_state()\ninstead of dereferencing it again. Each caller has already correctly\ndereferenced it for their context. This change is required for the\nfollowing suspicious RCU dereference fix. No functional changes\nintended.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40921",
"url": "https://www.suse.com/security/cve/CVE-2024-40921"
},
{
"category": "external",
"summary": "SUSE Bug 1227784 for CVE-2024-40921",
"url": "https://bugzilla.suse.com/1227784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-28T13:03:48Z",
"details": "moderate"
}
],
"title": "CVE-2024-40921"
},
{
"cve": "CVE-2024-40954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: do not leave a dangling sk pointer, when socket creation fails\n\nIt is possible to trigger a use-after-free by:\n * attaching an fentry probe to __sock_release() and the probe calling the\n bpf_get_socket_cookie() helper\n * running traceroute -I 1.1.1.1 on a freshly booted VM\n\nA KASAN enabled kernel will log something like below (decoded and stripped):\n==================================================================\nBUG: KASAN: slab-use-after-free in __sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nRead of size 8 at addr ffff888007110dd8 by task traceroute/299\n\nCPU: 2 PID: 299 Comm: traceroute Tainted: G E 6.10.0-rc2+ #2\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\ndump_stack_lvl (lib/dump_stack.c:117 (discriminator 1))\nprint_report (mm/kasan/report.c:378 mm/kasan/report.c:488)\n? __sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nkasan_report (mm/kasan/report.c:603)\n? __sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nkasan_check_range (mm/kasan/generic.c:183 mm/kasan/generic.c:189)\n__sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nbpf_get_socket_ptr_cookie (./arch/x86/include/asm/preempt.h:94 ./include/linux/sock_diag.h:42 net/core/filter.c:5094 net/core/filter.c:5092)\nbpf_prog_875642cf11f1d139___sock_release+0x6e/0x8e\nbpf_trampoline_6442506592+0x47/0xaf\n__sock_release (net/socket.c:652)\n__sock_create (net/socket.c:1601)\n...\nAllocated by task 299 on cpu 2 at 78.328492s:\nkasan_save_stack (mm/kasan/common.c:48)\nkasan_save_track (mm/kasan/common.c:68)\n__kasan_slab_alloc (mm/kasan/common.c:312 mm/kasan/common.c:338)\nkmem_cache_alloc_noprof (mm/slub.c:3941 mm/slub.c:4000 mm/slub.c:4007)\nsk_prot_alloc (net/core/sock.c:2075)\nsk_alloc (net/core/sock.c:2134)\ninet_create (net/ipv4/af_inet.c:327 net/ipv4/af_inet.c:252)\n__sock_create (net/socket.c:1572)\n__sys_socket (net/socket.c:1660 net/socket.c:1644 net/socket.c:1706)\n__x64_sys_socket (net/socket.c:1718)\ndo_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFreed by task 299 on cpu 2 at 78.328502s:\nkasan_save_stack (mm/kasan/common.c:48)\nkasan_save_track (mm/kasan/common.c:68)\nkasan_save_free_info (mm/kasan/generic.c:582)\npoison_slab_object (mm/kasan/common.c:242)\n__kasan_slab_free (mm/kasan/common.c:256)\nkmem_cache_free (mm/slub.c:4437 mm/slub.c:4511)\n__sk_destruct (net/core/sock.c:2117 net/core/sock.c:2208)\ninet_create (net/ipv4/af_inet.c:397 net/ipv4/af_inet.c:252)\n__sock_create (net/socket.c:1572)\n__sys_socket (net/socket.c:1660 net/socket.c:1644 net/socket.c:1706)\n__x64_sys_socket (net/socket.c:1718)\ndo_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFix this by clearing the struct socket reference in sk_common_release() to cover\nall protocol families create functions, which may already attached the\nreference to the sk object with sock_init_data().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40954",
"url": "https://www.suse.com/security/cve/CVE-2024-40954"
},
{
"category": "external",
"summary": "SUSE Bug 1227808 for CVE-2024-40954",
"url": "https://bugzilla.suse.com/1227808"
},
{
"category": "external",
"summary": "SUSE Bug 1228786 for CVE-2024-40954",
"url": "https://bugzilla.suse.com/1228786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-28T13:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-40954"
},
{
"cve": "CVE-2024-41057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie()\n\nWe got the following issue in our fault injection stress test:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in cachefiles_withdraw_cookie+0x4d9/0x600\nRead of size 8 at addr ffff888118efc000 by task kworker/u78:0/109\n\nCPU: 13 PID: 109 Comm: kworker/u78:0 Not tainted 6.8.0-dirty #566\nCall Trace:\n \u003cTASK\u003e\n kasan_report+0x93/0xc0\n cachefiles_withdraw_cookie+0x4d9/0x600\n fscache_cookie_state_machine+0x5c8/0x1230\n fscache_cookie_worker+0x91/0x1c0\n process_one_work+0x7fa/0x1800\n [...]\n\nAllocated by task 117:\n kmalloc_trace+0x1b3/0x3c0\n cachefiles_acquire_volume+0xf3/0x9c0\n fscache_create_volume_work+0x97/0x150\n process_one_work+0x7fa/0x1800\n [...]\n\nFreed by task 120301:\n kfree+0xf1/0x2c0\n cachefiles_withdraw_cache+0x3fa/0x920\n cachefiles_put_unbind_pincount+0x1f6/0x250\n cachefiles_daemon_release+0x13b/0x290\n __fput+0x204/0xa00\n task_work_run+0x139/0x230\n do_exit+0x87a/0x29b0\n [...]\n==================================================================\n\nFollowing is the process that triggers the issue:\n\n p1 | p2\n------------------------------------------------------------\n fscache_begin_lookup\n fscache_begin_volume_access\n fscache_cache_is_live(fscache_cache)\ncachefiles_daemon_release\n cachefiles_put_unbind_pincount\n cachefiles_daemon_unbind\n cachefiles_withdraw_cache\n fscache_withdraw_cache\n fscache_set_cache_state(cache, FSCACHE_CACHE_IS_WITHDRAWN);\n cachefiles_withdraw_objects(cache)\n fscache_wait_for_objects(fscache)\n atomic_read(\u0026fscache_cache-\u003eobject_count) == 0\n fscache_perform_lookup\n cachefiles_lookup_cookie\n cachefiles_alloc_object\n refcount_set(\u0026object-\u003eref, 1);\n object-\u003evolume = volume\n fscache_count_object(vcookie-\u003ecache);\n atomic_inc(\u0026fscache_cache-\u003eobject_count)\n cachefiles_withdraw_volumes\n cachefiles_withdraw_volume\n fscache_withdraw_volume\n __cachefiles_free_volume\n kfree(cachefiles_volume)\n fscache_cookie_state_machine\n cachefiles_withdraw_cookie\n cache = object-\u003evolume-\u003ecache;\n // cachefiles_volume UAF !!!\n\nAfter setting FSCACHE_CACHE_IS_WITHDRAWN, wait for all the cookie lookups\nto complete first, and then wait for fscache_cache-\u003eobject_count == 0 to\navoid the cookie exiting after the volume has been freed and triggering\nthe above issue. Therefore call fscache_withdraw_volume() before calling\ncachefiles_withdraw_objects().\n\nThis way, after setting FSCACHE_CACHE_IS_WITHDRAWN, only the following two\ncases will occur:\n1) fscache_begin_lookup fails in fscache_begin_volume_access().\n2) fscache_withdraw_volume() will ensure that fscache_count_object() has\n been executed before calling fscache_wait_for_objects().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41057",
"url": "https://www.suse.com/security/cve/CVE-2024-41057"
},
{
"category": "external",
"summary": "SUSE Bug 1228462 for CVE-2024-41057",
"url": "https://bugzilla.suse.com/1228462"
},
{
"category": "external",
"summary": "SUSE Bug 1229275 for CVE-2024-41057",
"url": "https://bugzilla.suse.com/1229275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-28T13:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-41057"
},
{
"cve": "CVE-2024-43861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: qmi_wwan: fix memory leak for not ip packets\n\nFree the unused skb when not ip packets arrive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43861",
"url": "https://www.suse.com/security/cve/CVE-2024-43861"
},
{
"category": "external",
"summary": "SUSE Bug 1229500 for CVE-2024-43861",
"url": "https://bugzilla.suse.com/1229500"
},
{
"category": "external",
"summary": "SUSE Bug 1229553 for CVE-2024-43861",
"url": "https://bugzilla.suse.com/1229553"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-28T13:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-43861"
},
{
"cve": "CVE-2024-50264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50264"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans\n\nDuring loopback communication, a dangling pointer can be created in\nvsk-\u003etrans, potentially leading to a Use-After-Free condition. This\nissue is resolved by initializing vsk-\u003etrans to NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50264",
"url": "https://www.suse.com/security/cve/CVE-2024-50264"
},
{
"category": "external",
"summary": "SUSE Bug 1233453 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233453"
},
{
"category": "external",
"summary": "SUSE Bug 1233712 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_5-rt-7-150600.1.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-28T13:03:48Z",
"details": "important"
}
],
"title": "CVE-2024-50264"
}
]
}
SUSE-SU-2025:0252-1
Vulnerability from csaf_suse - Published: 2025-01-27 13:03 - Updated: 2025-01-27 13:03Summary
Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5)
Notes
Title of the patch
Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5)
Description of the patch
This update for the Linux Kernel 5.14.21-150500_55_52 fixes several issues.
The following security issues were fixed:
- CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1229275).
- CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324).
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
- CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool (bsc#1225429).
- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733).
- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
- CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327).
- CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).
- CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273).
- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).
- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).
- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353).
- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739).
- CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
- CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).
- CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099).
- CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521).
- CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313).
- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013).
- CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310).
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
- CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681).
- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
- CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).
- CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
- CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).
- CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514).
- CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832).
- CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685).
Patchnames
SUSE-2025-252,SUSE-SLE-Module-Live-Patching-15-SP5-2025-252
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.14.21-150500_55_52 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1229275).\n- CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324).\n- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans (bsc#1233712).\n- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).\n- CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool (bsc#1225429).\n- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733).\n- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).\n- CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327).\n- CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).\n- CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273).\n- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011).\n- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).\n- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).\n- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012).\n- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).\n- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).\n- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353).\n- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739).\n- CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)\n- CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).\n- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).\n- CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099).\n- CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521).\n- CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313).\n- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013).\n- CVE-2024-35950: drm/client: Fully protect modes with dev-\u003emode_config.mutex (bsc#1225310).\n- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).\n- CVE-2024-26930: Fixed double free of the ha-\u003evp_map pointer (bsc#1223681).\n- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).\n- CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).\n- CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).\n- CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).\n- CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb-\u003emac_header (bsc#1223514).\n- CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832).\n- CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-252,SUSE-SLE-Module-Live-Patching-15-SP5-2025-252",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0252-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0252-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250252-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0252-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020215.html"
},
{
"category": "self",
"summary": "SUSE Bug 1220145",
"url": "https://bugzilla.suse.com/1220145"
},
{
"category": "self",
"summary": "SUSE Bug 1220832",
"url": "https://bugzilla.suse.com/1220832"
},
{
"category": "self",
"summary": "SUSE Bug 1221302",
"url": "https://bugzilla.suse.com/1221302"
},
{
"category": "self",
"summary": "SUSE Bug 1222685",
"url": "https://bugzilla.suse.com/1222685"
},
{
"category": "self",
"summary": "SUSE Bug 1223059",
"url": "https://bugzilla.suse.com/1223059"
},
{
"category": "self",
"summary": "SUSE Bug 1223363",
"url": "https://bugzilla.suse.com/1223363"
},
{
"category": "self",
"summary": "SUSE Bug 1223514",
"url": "https://bugzilla.suse.com/1223514"
},
{
"category": "self",
"summary": "SUSE Bug 1223521",
"url": "https://bugzilla.suse.com/1223521"
},
{
"category": "self",
"summary": "SUSE Bug 1223681",
"url": "https://bugzilla.suse.com/1223681"
},
{
"category": "self",
"summary": "SUSE Bug 1223683",
"url": "https://bugzilla.suse.com/1223683"
},
{
"category": "self",
"summary": "SUSE Bug 1225011",
"url": "https://bugzilla.suse.com/1225011"
},
{
"category": "self",
"summary": "SUSE Bug 1225012",
"url": "https://bugzilla.suse.com/1225012"
},
{
"category": "self",
"summary": "SUSE Bug 1225013",
"url": "https://bugzilla.suse.com/1225013"
},
{
"category": "self",
"summary": "SUSE Bug 1225099",
"url": "https://bugzilla.suse.com/1225099"
},
{
"category": "self",
"summary": "SUSE Bug 1225309",
"url": "https://bugzilla.suse.com/1225309"
},
{
"category": "self",
"summary": "SUSE Bug 1225310",
"url": "https://bugzilla.suse.com/1225310"
},
{
"category": "self",
"summary": "SUSE Bug 1225311",
"url": "https://bugzilla.suse.com/1225311"
},
{
"category": "self",
"summary": "SUSE Bug 1225312",
"url": "https://bugzilla.suse.com/1225312"
},
{
"category": "self",
"summary": "SUSE Bug 1225313",
"url": "https://bugzilla.suse.com/1225313"
},
{
"category": "self",
"summary": "SUSE Bug 1225429",
"url": "https://bugzilla.suse.com/1225429"
},
{
"category": "self",
"summary": "SUSE Bug 1225733",
"url": "https://bugzilla.suse.com/1225733"
},
{
"category": "self",
"summary": "SUSE Bug 1225739",
"url": "https://bugzilla.suse.com/1225739"
},
{
"category": "self",
"summary": "SUSE Bug 1225819",
"url": "https://bugzilla.suse.com/1225819"
},
{
"category": "self",
"summary": "SUSE Bug 1226324",
"url": "https://bugzilla.suse.com/1226324"
},
{
"category": "self",
"summary": "SUSE Bug 1226325",
"url": "https://bugzilla.suse.com/1226325"
},
{
"category": "self",
"summary": "SUSE Bug 1226327",
"url": "https://bugzilla.suse.com/1226327"
},
{
"category": "self",
"summary": "SUSE Bug 1227471",
"url": "https://bugzilla.suse.com/1227471"
},
{
"category": "self",
"summary": "SUSE Bug 1228573",
"url": "https://bugzilla.suse.com/1228573"
},
{
"category": "self",
"summary": "SUSE Bug 1228786",
"url": "https://bugzilla.suse.com/1228786"
},
{
"category": "self",
"summary": "SUSE Bug 1229273",
"url": "https://bugzilla.suse.com/1229273"
},
{
"category": "self",
"summary": "SUSE Bug 1229275",
"url": "https://bugzilla.suse.com/1229275"
},
{
"category": "self",
"summary": "SUSE Bug 1229553",
"url": "https://bugzilla.suse.com/1229553"
},
{
"category": "self",
"summary": "SUSE Bug 1232637",
"url": "https://bugzilla.suse.com/1232637"
},
{
"category": "self",
"summary": "SUSE Bug 1233712",
"url": "https://bugzilla.suse.com/1233712"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47517 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47517/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47598 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47598/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48651 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48651/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48662 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48662/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48956 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52502 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52502/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52752 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52846 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6546 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-23307 page",
"url": "https://www.suse.com/security/cve/CVE-2024-23307/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26610 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26828 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26852 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26923 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26930 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27398 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27398/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35817 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35817/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35862 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35863 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35864 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35867 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35905 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35949 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36899 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36904 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36904/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36964 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36971 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40954 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41059 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50264 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50264/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5)",
"tracking": {
"current_release_date": "2025-01-27T13:03:53Z",
"generator": {
"date": "2025-01-27T13:03:53Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0252-1",
"initial_release_date": "2025-01-27T13:03:53Z",
"revision_history": [
{
"date": "2025-01-27T13:03:53Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-47517",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47517"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nethtool: do not perform operations on net devices being unregistered\n\nThere is a short period between a net device starts to be unregistered\nand when it is actually gone. In that time frame ethtool operations\ncould still be performed, which might end up in unwanted or undefined\nbehaviours[1].\n\nDo not allow ethtool operations after a net device starts its\nunregistration. This patch targets the netlink part as the ioctl one\nisn\u0027t affected: the reference to the net device is taken and the\noperation is executed within an rtnl lock section and the net device\nwon\u0027t be found after unregister.\n\n[1] For example adding Tx queues after unregister ends up in NULL\n pointer exceptions and UaFs, such as:\n\n BUG: KASAN: use-after-free in kobject_get+0x14/0x90\n Read of size 1 at addr ffff88801961248c by task ethtool/755\n\n CPU: 0 PID: 755 Comm: ethtool Not tainted 5.15.0-rc6+ #778\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-4.fc34 04/014\n Call Trace:\n dump_stack_lvl+0x57/0x72\n print_address_description.constprop.0+0x1f/0x140\n kasan_report.cold+0x7f/0x11b\n kobject_get+0x14/0x90\n kobject_add_internal+0x3d1/0x450\n kobject_init_and_add+0xba/0xf0\n netdev_queue_update_kobjects+0xcf/0x200\n netif_set_real_num_tx_queues+0xb4/0x310\n veth_set_channels+0x1c3/0x550\n ethnl_set_channels+0x524/0x610",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47517",
"url": "https://www.suse.com/security/cve/CVE-2021-47517"
},
{
"category": "external",
"summary": "SUSE Bug 1225428 for CVE-2021-47517",
"url": "https://bugzilla.suse.com/1225428"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "moderate"
}
],
"title": "CVE-2021-47517"
},
{
"cve": "CVE-2021-47598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47598"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_cake: do not call cake_destroy() from cake_init()\n\nqdiscs are not supposed to call their own destroy() method\nfrom init(), because core stack already does that.\n\nsyzbot was able to trigger use after free:\n\nDEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\nWARNING: CPU: 0 PID: 21902 at kernel/locking/mutex.c:586 __mutex_lock_common kernel/locking/mutex.c:586 [inline]\nWARNING: CPU: 0 PID: 21902 at kernel/locking/mutex.c:586 __mutex_lock+0x9ec/0x12f0 kernel/locking/mutex.c:740\nModules linked in:\nCPU: 0 PID: 21902 Comm: syz-executor189 Not tainted 5.16.0-rc4-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:__mutex_lock_common kernel/locking/mutex.c:586 [inline]\nRIP: 0010:__mutex_lock+0x9ec/0x12f0 kernel/locking/mutex.c:740\nCode: 08 84 d2 0f 85 19 08 00 00 8b 05 97 38 4b 04 85 c0 0f 85 27 f7 ff ff 48 c7 c6 20 00 ac 89 48 c7 c7 a0 fe ab 89 e8 bf 76 ba ff \u003c0f\u003e 0b e9 0d f7 ff ff 48 8b 44 24 40 48 8d b8 c8 08 00 00 48 89 f8\nRSP: 0018:ffffc9000627f290 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: ffff88802315d700 RSI: ffffffff815f1db8 RDI: fffff52000c4fe44\nRBP: ffff88818f28e000 R08: 0000000000000000 R09: 0000000000000000\nR10: ffffffff815ebb5e R11: 0000000000000000 R12: 0000000000000000\nR13: dffffc0000000000 R14: ffffc9000627f458 R15: 0000000093c30000\nFS: 0000555556abc400(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fda689c3303 CR3: 000000001cfbb000 CR4: 0000000000350ef0\nCall Trace:\n \u003cTASK\u003e\n tcf_chain0_head_change_cb_del+0x2e/0x3d0 net/sched/cls_api.c:810\n tcf_block_put_ext net/sched/cls_api.c:1381 [inline]\n tcf_block_put_ext net/sched/cls_api.c:1376 [inline]\n tcf_block_put+0xbc/0x130 net/sched/cls_api.c:1394\n cake_destroy+0x3f/0x80 net/sched/sch_cake.c:2695\n qdisc_create.constprop.0+0x9da/0x10f0 net/sched/sch_api.c:1293\n tc_modify_qdisc+0x4c5/0x1980 net/sched/sch_api.c:1660\n rtnetlink_rcv_msg+0x413/0xb80 net/core/rtnetlink.c:5571\n netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2496\n netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1345\n netlink_sendmsg+0x904/0xdf0 net/netlink/af_netlink.c:1921\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg+0xcf/0x120 net/socket.c:724\n ____sys_sendmsg+0x6e8/0x810 net/socket.c:2409\n ___sys_sendmsg+0xf3/0x170 net/socket.c:2463\n __sys_sendmsg+0xe5/0x1b0 net/socket.c:2492\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f1bb06badb9\nCode: Unable to access opcode bytes at RIP 0x7f1bb06bad8f.\nRSP: 002b:00007fff3012a658 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f1bb06badb9\nRDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000003\nRBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000003\nR10: 0000000000000003 R11: 0000000000000246 R12: 00007fff3012a688\nR13: 00007fff3012a6a0 R14: 00007fff3012a6e0 R15: 00000000000013c2\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47598",
"url": "https://www.suse.com/security/cve/CVE-2021-47598"
},
{
"category": "external",
"summary": "SUSE Bug 1226574 for CVE-2021-47598",
"url": "https://bugzilla.suse.com/1226574"
},
{
"category": "external",
"summary": "SUSE Bug 1227471 for CVE-2021-47598",
"url": "https://bugzilla.suse.com/1227471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2021-47598"
},
{
"cve": "CVE-2022-48651",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48651"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: Fix out-of-bound bugs caused by unset skb-\u003emac_header\n\nIf an AF_PACKET socket is used to send packets through ipvlan and the\ndefault xmit function of the AF_PACKET socket is changed from\ndev_queue_xmit() to packet_direct_xmit() via setsockopt() with the option\nname of PACKET_QDISC_BYPASS, the skb-\u003emac_header may not be reset and\nremains as the initial value of 65535, this may trigger slab-out-of-bounds\nbugs as following:\n\n=================================================================\nUG: KASAN: slab-out-of-bounds in ipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan]\nPU: 2 PID: 1768 Comm: raw_send Kdump: loaded Not tainted 6.0.0-rc4+ #6\nardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-1.fc33\nall Trace:\nprint_address_description.constprop.0+0x1d/0x160\nprint_report.cold+0x4f/0x112\nkasan_report+0xa3/0x130\nipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan]\nipvlan_start_xmit+0x29/0xa0 [ipvlan]\n__dev_direct_xmit+0x2e2/0x380\npacket_direct_xmit+0x22/0x60\npacket_snd+0x7c9/0xc40\nsock_sendmsg+0x9a/0xa0\n__sys_sendto+0x18a/0x230\n__x64_sys_sendto+0x74/0x90\ndo_syscall_64+0x3b/0x90\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe root cause is:\n 1. packet_snd() only reset skb-\u003emac_header when sock-\u003etype is SOCK_RAW\n and skb-\u003eprotocol is not specified as in packet_parse_headers()\n\n 2. packet_direct_xmit() doesn\u0027t reset skb-\u003emac_header as dev_queue_xmit()\n\nIn this case, skb-\u003emac_header is 65535 when ipvlan_xmit_mode_l2() is\ncalled. So when ipvlan_xmit_mode_l2() gets mac header with eth_hdr() which\nuse \"skb-\u003ehead + skb-\u003emac_header\", out-of-bound access occurs.\n\nThis patch replaces eth_hdr() with skb_eth_hdr() in ipvlan_xmit_mode_l2()\nand reset mac header in multicast to solve this out-of-bound bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48651",
"url": "https://www.suse.com/security/cve/CVE-2022-48651"
},
{
"category": "external",
"summary": "SUSE Bug 1223513 for CVE-2022-48651",
"url": "https://bugzilla.suse.com/1223513"
},
{
"category": "external",
"summary": "SUSE Bug 1223514 for CVE-2022-48651",
"url": "https://bugzilla.suse.com/1223514"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2022-48651"
},
{
"cve": "CVE-2022-48662",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48662"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/gem: Really move i915_gem_context.link under ref protection\n\ni915_perf assumes that it can use the i915_gem_context reference to\nprotect its i915-\u003egem.contexts.list iteration. However, this requires\nthat we do not remove the context from the list until after we drop the\nfinal reference and release the struct. If, as currently, we remove the\ncontext from the list during context_close(), the link.next pointer may\nbe poisoned while we are holding the context reference and cause a GPF:\n\n[ 4070.573157] i915 0000:00:02.0: [drm:i915_perf_open_ioctl [i915]] filtering on ctx_id=0x1fffff ctx_id_mask=0x1fffff\n[ 4070.574881] general protection fault, probably for non-canonical address 0xdead000000000100: 0000 [#1] PREEMPT SMP\n[ 4070.574897] CPU: 1 PID: 284392 Comm: amd_performance Tainted: G E 5.17.9 #180\n[ 4070.574903] Hardware name: Intel Corporation NUC7i5BNK/NUC7i5BNB, BIOS BNKBL357.86A.0052.2017.0918.1346 09/18/2017\n[ 4070.574907] RIP: 0010:oa_configure_all_contexts.isra.0+0x222/0x350 [i915]\n[ 4070.574982] Code: 08 e8 32 6e 10 e1 4d 8b 6d 50 b8 ff ff ff ff 49 83 ed 50 f0 41 0f c1 04 24 83 f8 01 0f 84 e3 00 00 00 85 c0 0f 8e fa 00 00 00 \u003c49\u003e 8b 45 50 48 8d 70 b0 49 8d 45 50 48 39 44 24 10 0f 85 34 fe ff\n[ 4070.574990] RSP: 0018:ffffc90002077b78 EFLAGS: 00010202\n[ 4070.574995] RAX: 0000000000000002 RBX: 0000000000000002 RCX: 0000000000000000\n[ 4070.575000] RDX: 0000000000000001 RSI: ffffc90002077b20 RDI: ffff88810ddc7c68\n[ 4070.575004] RBP: 0000000000000001 R08: ffff888103242648 R09: fffffffffffffffc\n[ 4070.575008] R10: ffffffff82c50bc0 R11: 0000000000025c80 R12: ffff888101bf1860\n[ 4070.575012] R13: dead0000000000b0 R14: ffffc90002077c04 R15: ffff88810be5cabc\n[ 4070.575016] FS: 00007f1ed50c0780(0000) GS:ffff88885ec80000(0000) knlGS:0000000000000000\n[ 4070.575021] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 4070.575025] CR2: 00007f1ed5590280 CR3: 000000010ef6f005 CR4: 00000000003706e0\n[ 4070.575029] Call Trace:\n[ 4070.575033] \u003cTASK\u003e\n[ 4070.575037] lrc_configure_all_contexts+0x13e/0x150 [i915]\n[ 4070.575103] gen8_enable_metric_set+0x4d/0x90 [i915]\n[ 4070.575164] i915_perf_open_ioctl+0xbc0/0x1500 [i915]\n[ 4070.575224] ? asm_common_interrupt+0x1e/0x40\n[ 4070.575232] ? i915_oa_init_reg_state+0x110/0x110 [i915]\n[ 4070.575290] drm_ioctl_kernel+0x85/0x110\n[ 4070.575296] ? update_load_avg+0x5f/0x5e0\n[ 4070.575302] drm_ioctl+0x1d3/0x370\n[ 4070.575307] ? i915_oa_init_reg_state+0x110/0x110 [i915]\n[ 4070.575382] ? gen8_gt_irq_handler+0x46/0x130 [i915]\n[ 4070.575445] __x64_sys_ioctl+0x3c4/0x8d0\n[ 4070.575451] ? __do_softirq+0xaa/0x1d2\n[ 4070.575456] do_syscall_64+0x35/0x80\n[ 4070.575461] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[ 4070.575467] RIP: 0033:0x7f1ed5c10397\n[ 4070.575471] Code: 3c 1c e8 1c ff ff ff 85 c0 79 87 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d a9 da 0d 00 f7 d8 64 89 01 48\n[ 4070.575478] RSP: 002b:00007ffd65c8d7a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n[ 4070.575484] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f1ed5c10397\n[ 4070.575488] RDX: 00007ffd65c8d7c0 RSI: 0000000040106476 RDI: 0000000000000006\n[ 4070.575492] RBP: 00005620972f9c60 R08: 000000000000000a R09: 0000000000000005\n[ 4070.575496] R10: 000000000000000d R11: 0000000000000246 R12: 000000000000000a\n[ 4070.575500] R13: 000000000000000d R14: 0000000000000000 R15: 00007ffd65c8d7c0\n[ 4070.575505] \u003c/TASK\u003e\n[ 4070.575507] Modules linked in: nls_ascii(E) nls_cp437(E) vfat(E) fat(E) i915(E) x86_pkg_temp_thermal(E) intel_powerclamp(E) crct10dif_pclmul(E) crc32_pclmul(E) crc32c_intel(E) aesni_intel(E) crypto_simd(E) intel_gtt(E) cryptd(E) ttm(E) rapl(E) intel_cstate(E) drm_kms_helper(E) cfbfillrect(E) syscopyarea(E) cfbimgblt(E) intel_uncore(E) sysfillrect(E) mei_me(E) sysimgblt(E) i2c_i801(E) fb_sys_fops(E) mei(E) intel_pch_thermal(E) i2c_smbus\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48662",
"url": "https://www.suse.com/security/cve/CVE-2022-48662"
},
{
"category": "external",
"summary": "SUSE Bug 1223505 for CVE-2022-48662",
"url": "https://bugzilla.suse.com/1223505"
},
{
"category": "external",
"summary": "SUSE Bug 1223521 for CVE-2022-48662",
"url": "https://bugzilla.suse.com/1223521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2022-48662"
},
{
"cve": "CVE-2022-48956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: avoid use-after-free in ip6_fragment()\n\nBlamed commit claimed rcu_read_lock() was held by ip6_fragment() callers.\n\nIt seems to not be always true, at least for UDP stack.\n\nsyzbot reported:\n\nBUG: KASAN: use-after-free in ip6_dst_idev include/net/ip6_fib.h:245 [inline]\nBUG: KASAN: use-after-free in ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951\nRead of size 8 at addr ffff88801d403e80 by task syz-executor.3/7618\n\nCPU: 1 PID: 7618 Comm: syz-executor.3 Not tainted 6.1.0-rc6-syzkaller-00012-g4312098baf37 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:284 [inline]\n print_report+0x15e/0x45d mm/kasan/report.c:395\n kasan_report+0xbf/0x1f0 mm/kasan/report.c:495\n ip6_dst_idev include/net/ip6_fib.h:245 [inline]\n ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951\n __ip6_finish_output net/ipv6/ip6_output.c:193 [inline]\n ip6_finish_output+0x9a3/0x1170 net/ipv6/ip6_output.c:206\n NF_HOOK_COND include/linux/netfilter.h:291 [inline]\n ip6_output+0x1f1/0x540 net/ipv6/ip6_output.c:227\n dst_output include/net/dst.h:445 [inline]\n ip6_local_out+0xb3/0x1a0 net/ipv6/output_core.c:161\n ip6_send_skb+0xbb/0x340 net/ipv6/ip6_output.c:1966\n udp_v6_send_skb+0x82a/0x18a0 net/ipv6/udp.c:1286\n udp_v6_push_pending_frames+0x140/0x200 net/ipv6/udp.c:1313\n udpv6_sendmsg+0x18da/0x2c80 net/ipv6/udp.c:1606\n inet6_sendmsg+0x9d/0xe0 net/ipv6/af_inet6.c:665\n sock_sendmsg_nosec net/socket.c:714 [inline]\n sock_sendmsg+0xd3/0x120 net/socket.c:734\n sock_write_iter+0x295/0x3d0 net/socket.c:1108\n call_write_iter include/linux/fs.h:2191 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x9ed/0xdd0 fs/read_write.c:584\n ksys_write+0x1ec/0x250 fs/read_write.c:637\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7fde3588c0d9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fde365b6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 00007fde359ac050 RCX: 00007fde3588c0d9\nRDX: 000000000000ffdc RSI: 00000000200000c0 RDI: 000000000000000a\nRBP: 00007fde358e7ae9 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007fde35acfb1f R14: 00007fde365b6300 R15: 0000000000022000\n \u003c/TASK\u003e\n\nAllocated by task 7618:\n kasan_save_stack+0x22/0x40 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n __kasan_slab_alloc+0x82/0x90 mm/kasan/common.c:325\n kasan_slab_alloc include/linux/kasan.h:201 [inline]\n slab_post_alloc_hook mm/slab.h:737 [inline]\n slab_alloc_node mm/slub.c:3398 [inline]\n slab_alloc mm/slub.c:3406 [inline]\n __kmem_cache_alloc_lru mm/slub.c:3413 [inline]\n kmem_cache_alloc+0x2b4/0x3d0 mm/slub.c:3422\n dst_alloc+0x14a/0x1f0 net/core/dst.c:92\n ip6_dst_alloc+0x32/0xa0 net/ipv6/route.c:344\n ip6_rt_pcpu_alloc net/ipv6/route.c:1369 [inline]\n rt6_make_pcpu_route net/ipv6/route.c:1417 [inline]\n ip6_pol_route+0x901/0x1190 net/ipv6/route.c:2254\n pol_lookup_func include/net/ip6_fib.h:582 [inline]\n fib6_rule_lookup+0x52e/0x6f0 net/ipv6/fib6_rules.c:121\n ip6_route_output_flags_noref+0x2e6/0x380 net/ipv6/route.c:2625\n ip6_route_output_flags+0x76/0x320 net/ipv6/route.c:2638\n ip6_route_output include/net/ip6_route.h:98 [inline]\n ip6_dst_lookup_tail+0x5ab/0x1620 net/ipv6/ip6_output.c:1092\n ip6_dst_lookup_flow+0x90/0x1d0 net/ipv6/ip6_output.c:1222\n ip6_sk_dst_lookup_flow+0x553/0x980 net/ipv6/ip6_output.c:1260\n udpv6_sendmsg+0x151d/0x2c80 net/ipv6/udp.c:1554\n inet6_sendmsg+0x9d/0xe0 net/ipv6/af_inet6.c:665\n sock_sendmsg_nosec n\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48956",
"url": "https://www.suse.com/security/cve/CVE-2022-48956"
},
{
"category": "external",
"summary": "SUSE Bug 1231893 for CVE-2022-48956",
"url": "https://bugzilla.suse.com/1231893"
},
{
"category": "external",
"summary": "SUSE Bug 1232799 for CVE-2022-48956",
"url": "https://bugzilla.suse.com/1232799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2022-48956"
},
{
"cve": "CVE-2023-52502",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52502"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn()\n\nSili Luo reported a race in nfc_llcp_sock_get(), leading to UAF.\n\nGetting a reference on the socket found in a lookup while\nholding a lock should happen before releasing the lock.\n\nnfc_llcp_sock_get_sn() has a similar problem.\n\nFinally nfc_llcp_recv_snl() needs to make sure the socket\nfound by nfc_llcp_sock_from_sn() does not disappear.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52502",
"url": "https://www.suse.com/security/cve/CVE-2023-52502"
},
{
"category": "external",
"summary": "SUSE Bug 1220831 for CVE-2023-52502",
"url": "https://bugzilla.suse.com/1220831"
},
{
"category": "external",
"summary": "SUSE Bug 1220832 for CVE-2023-52502",
"url": "https://bugzilla.suse.com/1220832"
},
{
"category": "external",
"summary": "SUSE Bug 1224298 for CVE-2023-52502",
"url": "https://bugzilla.suse.com/1224298"
},
{
"category": "external",
"summary": "SUSE Bug 1224878 for CVE-2023-52502",
"url": "https://bugzilla.suse.com/1224878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2023-52502"
},
{
"cve": "CVE-2023-52752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free bug in cifs_debug_data_proc_show()\n\nSkip SMB sessions that are being teared down\n(e.g. @ses-\u003eses_status == SES_EXITING) in cifs_debug_data_proc_show()\nto avoid use-after-free in @ses.\n\nThis fixes the following GPF when reading from /proc/fs/cifs/DebugData\nwhile mounting and umounting\n\n [ 816.251274] general protection fault, probably for non-canonical\n address 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI\n ...\n [ 816.260138] Call Trace:\n [ 816.260329] \u003cTASK\u003e\n [ 816.260499] ? die_addr+0x36/0x90\n [ 816.260762] ? exc_general_protection+0x1b3/0x410\n [ 816.261126] ? asm_exc_general_protection+0x26/0x30\n [ 816.261502] ? cifs_debug_tcon+0xbd/0x240 [cifs]\n [ 816.261878] ? cifs_debug_tcon+0xab/0x240 [cifs]\n [ 816.262249] cifs_debug_data_proc_show+0x516/0xdb0 [cifs]\n [ 816.262689] ? seq_read_iter+0x379/0x470\n [ 816.262995] seq_read_iter+0x118/0x470\n [ 816.263291] proc_reg_read_iter+0x53/0x90\n [ 816.263596] ? srso_alias_return_thunk+0x5/0x7f\n [ 816.263945] vfs_read+0x201/0x350\n [ 816.264211] ksys_read+0x75/0x100\n [ 816.264472] do_syscall_64+0x3f/0x90\n [ 816.264750] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n [ 816.265135] RIP: 0033:0x7fd5e669d381",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52752",
"url": "https://www.suse.com/security/cve/CVE-2023-52752"
},
{
"category": "external",
"summary": "SUSE Bug 1225487 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225487"
},
{
"category": "external",
"summary": "SUSE Bug 1225819 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2023-52752"
},
{
"cve": "CVE-2023-52846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhsr: Prevent use after free in prp_create_tagged_frame()\n\nThe prp_fill_rct() function can fail. In that situation, it frees the\nskb and returns NULL. Meanwhile on the success path, it returns the\noriginal skb. So it\u0027s straight forward to fix bug by using the returned\nvalue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52846",
"url": "https://www.suse.com/security/cve/CVE-2023-52846"
},
{
"category": "external",
"summary": "SUSE Bug 1225098 for CVE-2023-52846",
"url": "https://bugzilla.suse.com/1225098"
},
{
"category": "external",
"summary": "SUSE Bug 1225099 for CVE-2023-52846",
"url": "https://bugzilla.suse.com/1225099"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2023-52846"
},
{
"cve": "CVE-2023-6546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6546"
}
],
"notes": [
{
"category": "general",
"text": "A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6546",
"url": "https://www.suse.com/security/cve/CVE-2023-6546"
},
{
"category": "external",
"summary": "SUSE Bug 1218335 for CVE-2023-6546",
"url": "https://bugzilla.suse.com/1218335"
},
{
"category": "external",
"summary": "SUSE Bug 1222685 for CVE-2023-6546",
"url": "https://bugzilla.suse.com/1222685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2023-6546"
},
{
"cve": "CVE-2024-23307",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-23307"
}
],
"notes": [
{
"category": "general",
"text": "Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-23307",
"url": "https://www.suse.com/security/cve/CVE-2024-23307"
},
{
"category": "external",
"summary": "SUSE Bug 1219169 for CVE-2024-23307",
"url": "https://bugzilla.suse.com/1219169"
},
{
"category": "external",
"summary": "SUSE Bug 1220145 for CVE-2024-23307",
"url": "https://bugzilla.suse.com/1220145"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2024-23307"
},
{
"cve": "CVE-2024-26610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26610"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: fix a memory corruption\n\niwl_fw_ini_trigger_tlv::data is a pointer to a __le32, which means that\nif we copy to iwl_fw_ini_trigger_tlv::data + offset while offset is in\nbytes, we\u0027ll write past the buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26610",
"url": "https://www.suse.com/security/cve/CVE-2024-26610"
},
{
"category": "external",
"summary": "SUSE Bug 1221299 for CVE-2024-26610",
"url": "https://bugzilla.suse.com/1221299"
},
{
"category": "external",
"summary": "SUSE Bug 1221302 for CVE-2024-26610",
"url": "https://bugzilla.suse.com/1221302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2024-26610"
},
{
"cve": "CVE-2024-26828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26828"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix underflow in parse_server_interfaces()\n\nIn this loop, we step through the buffer and after each item we check\nif the size_left is greater than the minimum size we need. However,\nthe problem is that \"bytes_left\" is type ssize_t while sizeof() is type\nsize_t. That means that because of type promotion, the comparison is\ndone as an unsigned and if we have negative bytes left the loop\ncontinues instead of ending.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26828",
"url": "https://www.suse.com/security/cve/CVE-2024-26828"
},
{
"category": "external",
"summary": "SUSE Bug 1223084 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223084"
},
{
"category": "external",
"summary": "SUSE Bug 1223363 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223363"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2024-26828"
},
{
"cve": "CVE-2024-26852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/ipv6: avoid possible UAF in ip6_route_mpath_notify()\n\nsyzbot found another use-after-free in ip6_route_mpath_notify() [1]\n\nCommit f7225172f25a (\"net/ipv6: prevent use after free in\nip6_route_mpath_notify\") was not able to fix the root cause.\n\nWe need to defer the fib6_info_release() calls after\nip6_route_mpath_notify(), in the cleanup phase.\n\n[1]\nBUG: KASAN: slab-use-after-free in rt6_fill_node+0x1460/0x1ac0\nRead of size 4 at addr ffff88809a07fc64 by task syz-executor.2/23037\n\nCPU: 0 PID: 23037 Comm: syz-executor.2 Not tainted 6.8.0-rc4-syzkaller-01035-gea7f3cfaa588 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1e7/0x2e0 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x167/0x540 mm/kasan/report.c:488\n kasan_report+0x142/0x180 mm/kasan/report.c:601\n rt6_fill_node+0x1460/0x1ac0\n inet6_rt_notify+0x13b/0x290 net/ipv6/route.c:6184\n ip6_route_mpath_notify net/ipv6/route.c:5198 [inline]\n ip6_route_multipath_add net/ipv6/route.c:5404 [inline]\n inet6_rtm_newroute+0x1d0f/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\nRIP: 0033:0x7f73dd87dda9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f73de6550c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f73dd9ac050 RCX: 00007f73dd87dda9\nRDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000005\nRBP: 00007f73dd8ca47a R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f73dd9ac050 R15: 00007ffdbdeb7858\n \u003c/TASK\u003e\n\nAllocated by task 23037:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:372 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:389\n kasan_kmalloc include/linux/kasan.h:211 [inline]\n __do_kmalloc_node mm/slub.c:3981 [inline]\n __kmalloc+0x22e/0x490 mm/slub.c:3994\n kmalloc include/linux/slab.h:594 [inline]\n kzalloc include/linux/slab.h:711 [inline]\n fib6_info_alloc+0x2e/0xf0 net/ipv6/ip6_fib.c:155\n ip6_route_info_create+0x445/0x12b0 net/ipv6/route.c:3758\n ip6_route_multipath_add net/ipv6/route.c:5298 [inline]\n inet6_rtm_newroute+0x744/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\n\nFreed by task 16:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x4e/0x60 mm/kasan/generic.c:640\n poison_slab_object+0xa6/0xe0 m\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26852",
"url": "https://www.suse.com/security/cve/CVE-2024-26852"
},
{
"category": "external",
"summary": "SUSE Bug 1223057 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223057"
},
{
"category": "external",
"summary": "SUSE Bug 1223059 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223059"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2024-26852"
},
{
"cve": "CVE-2024-26923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Fix garbage collector racing against connect()\n\nGarbage collector does not take into account the risk of embryo getting\nenqueued during the garbage collection. If such embryo has a peer that\ncarries SCM_RIGHTS, two consecutive passes of scan_children() may see a\ndifferent set of children. Leading to an incorrectly elevated inflight\ncount, and then a dangling pointer within the gc_inflight_list.\n\nsockets are AF_UNIX/SOCK_STREAM\nS is an unconnected socket\nL is a listening in-flight socket bound to addr, not in fdtable\nV\u0027s fd will be passed via sendmsg(), gets inflight count bumped\n\nconnect(S, addr)\tsendmsg(S, [V]); close(V)\t__unix_gc()\n----------------\t-------------------------\t-----------\n\nNS = unix_create1()\nskb1 = sock_wmalloc(NS)\nL = unix_find_other(addr)\nunix_state_lock(L)\nunix_peer(S) = NS\n\t\t\t// V count=1 inflight=0\n\n \t\t\tNS = unix_peer(S)\n \t\t\tskb2 = sock_alloc()\n\t\t\tskb_queue_tail(NS, skb2[V])\n\n\t\t\t// V became in-flight\n\t\t\t// V count=2 inflight=1\n\n\t\t\tclose(V)\n\n\t\t\t// V count=1 inflight=1\n\t\t\t// GC candidate condition met\n\n\t\t\t\t\t\tfor u in gc_inflight_list:\n\t\t\t\t\t\t if (total_refs == inflight_refs)\n\t\t\t\t\t\t add u to gc_candidates\n\n\t\t\t\t\t\t// gc_candidates={L, V}\n\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t scan_children(u, dec_inflight)\n\n\t\t\t\t\t\t// embryo (skb1) was not\n\t\t\t\t\t\t// reachable from L yet, so V\u0027s\n\t\t\t\t\t\t// inflight remains unchanged\n__skb_queue_tail(L, skb1)\nunix_state_unlock(L)\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t if (u.inflight)\n\t\t\t\t\t\t scan_children(u, inc_inflight_move_tail)\n\n\t\t\t\t\t\t// V count=1 inflight=2 (!)\n\nIf there is a GC-candidate listening socket, lock/unlock its state. This\nmakes GC wait until the end of any ongoing connect() to that socket. After\nflipping the lock, a possibly SCM-laden embryo is already enqueued. And if\nthere is another embryo coming, it can not possibly carry SCM_RIGHTS. At\nthis point, unix_inflight() can not happen because unix_gc_lock is already\ntaken. Inflight graph remains unaffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26923",
"url": "https://www.suse.com/security/cve/CVE-2024-26923"
},
{
"category": "external",
"summary": "SUSE Bug 1223384 for CVE-2024-26923",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "external",
"summary": "SUSE Bug 1223683 for CVE-2024-26923",
"url": "https://bugzilla.suse.com/1223683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2024-26923"
},
{
"cve": "CVE-2024-26930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix double free of the ha-\u003evp_map pointer\n\nCoverity scan reported potential risk of double free of the pointer\nha-\u003evp_map. ha-\u003evp_map was freed in qla2x00_mem_alloc(), and again freed\nin function qla2x00_mem_free(ha).\n\nAssign NULL to vp_map and kfree take care of NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26930",
"url": "https://www.suse.com/security/cve/CVE-2024-26930"
},
{
"category": "external",
"summary": "SUSE Bug 1223626 for CVE-2024-26930",
"url": "https://bugzilla.suse.com/1223626"
},
{
"category": "external",
"summary": "SUSE Bug 1223681 for CVE-2024-26930",
"url": "https://bugzilla.suse.com/1223681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2024-26930"
},
{
"cve": "CVE-2024-27398",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27398"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix use-after-free bugs caused by sco_sock_timeout\n\nWhen the sco connection is established and then, the sco socket\nis releasing, timeout_work will be scheduled to judge whether\nthe sco disconnection is timeout. The sock will be deallocated\nlater, but it is dereferenced again in sco_sock_timeout. As a\nresult, the use-after-free bugs will happen. The root cause is\nshown below:\n\n Cleanup Thread | Worker Thread\nsco_sock_release |\n sco_sock_close |\n __sco_sock_close |\n sco_sock_set_timer |\n schedule_delayed_work |\n sco_sock_kill | (wait a time)\n sock_put(sk) //FREE | sco_sock_timeout\n | sock_hold(sk) //USE\n\nThe KASAN report triggered by POC is shown below:\n\n[ 95.890016] ==================================================================\n[ 95.890496] BUG: KASAN: slab-use-after-free in sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] Write of size 4 at addr ffff88800c388080 by task kworker/0:0/7\n...\n[ 95.890755] Workqueue: events sco_sock_timeout\n[ 95.890755] Call Trace:\n[ 95.890755] \u003cTASK\u003e\n[ 95.890755] dump_stack_lvl+0x45/0x110\n[ 95.890755] print_address_description+0x78/0x390\n[ 95.890755] print_report+0x11b/0x250\n[ 95.890755] ? __virt_addr_valid+0xbe/0xf0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_report+0x139/0x170\n[ 95.890755] ? update_load_avg+0xe5/0x9f0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_check_range+0x2c3/0x2e0\n[ 95.890755] sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] process_one_work+0x561/0xc50\n[ 95.890755] worker_thread+0xab2/0x13c0\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] kthread+0x279/0x300\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork+0x34/0x60\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork_asm+0x11/0x20\n[ 95.890755] \u003c/TASK\u003e\n[ 95.890755]\n[ 95.890755] Allocated by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] __kasan_kmalloc+0x86/0x90\n[ 95.890755] __kmalloc+0x17f/0x360\n[ 95.890755] sk_prot_alloc+0xe1/0x1a0\n[ 95.890755] sk_alloc+0x31/0x4e0\n[ 95.890755] bt_sock_alloc+0x2b/0x2a0\n[ 95.890755] sco_sock_create+0xad/0x320\n[ 95.890755] bt_sock_create+0x145/0x320\n[ 95.890755] __sock_create+0x2e1/0x650\n[ 95.890755] __sys_socket+0xd0/0x280\n[ 95.890755] __x64_sys_socket+0x75/0x80\n[ 95.890755] do_syscall_64+0xc4/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] Freed by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] kasan_save_free_info+0x40/0x50\n[ 95.890755] poison_slab_object+0x118/0x180\n[ 95.890755] __kasan_slab_free+0x12/0x30\n[ 95.890755] kfree+0xb2/0x240\n[ 95.890755] __sk_destruct+0x317/0x410\n[ 95.890755] sco_sock_release+0x232/0x280\n[ 95.890755] sock_close+0xb2/0x210\n[ 95.890755] __fput+0x37f/0x770\n[ 95.890755] task_work_run+0x1ae/0x210\n[ 95.890755] get_signal+0xe17/0xf70\n[ 95.890755] arch_do_signal_or_restart+0x3f/0x520\n[ 95.890755] syscall_exit_to_user_mode+0x55/0x120\n[ 95.890755] do_syscall_64+0xd1/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the object at ffff88800c388000\n[ 95.890755] which belongs to the cache kmalloc-1k of size 1024\n[ 95.890755] The buggy address is located 128 bytes inside of\n[ 95.890755] freed 1024-byte region [ffff88800c388000, ffff88800c388400)\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the physical page:\n[ 95.890755] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88800c38a800 pfn:0xc388\n[ 95.890755] head: order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0\n[ 95.890755] ano\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27398",
"url": "https://www.suse.com/security/cve/CVE-2024-27398"
},
{
"category": "external",
"summary": "SUSE Bug 1224174 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1224174"
},
{
"category": "external",
"summary": "SUSE Bug 1225013 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1225013"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2024-27398"
},
{
"cve": "CVE-2024-35817",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35817"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag\n\nOtherwise after the GTT bo is released, the GTT and gart space is freed\nbut amdgpu_ttm_backend_unbind will not clear the gart page table entry\nand leave valid mapping entry pointing to the stale system page. Then\nif GPU access the gart address mistakely, it will read undefined value\ninstead page fault, harder to debug and reproduce the real issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35817",
"url": "https://www.suse.com/security/cve/CVE-2024-35817"
},
{
"category": "external",
"summary": "SUSE Bug 1224736 for CVE-2024-35817",
"url": "https://bugzilla.suse.com/1224736"
},
{
"category": "external",
"summary": "SUSE Bug 1225313 for CVE-2024-35817",
"url": "https://bugzilla.suse.com/1225313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2024-35817"
},
{
"cve": "CVE-2024-35861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35861",
"url": "https://www.suse.com/security/cve/CVE-2024-35861"
},
{
"category": "external",
"summary": "SUSE Bug 1224766 for CVE-2024-35861",
"url": "https://bugzilla.suse.com/1224766"
},
{
"category": "external",
"summary": "SUSE Bug 1225312 for CVE-2024-35861",
"url": "https://bugzilla.suse.com/1225312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2024-35861"
},
{
"cve": "CVE-2024-35862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_network_name_deleted()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35862",
"url": "https://www.suse.com/security/cve/CVE-2024-35862"
},
{
"category": "external",
"summary": "SUSE Bug 1224764 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1224764"
},
{
"category": "external",
"summary": "SUSE Bug 1225311 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1225311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2024-35862"
},
{
"cve": "CVE-2024-35863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35863"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in is_valid_oplock_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35863",
"url": "https://www.suse.com/security/cve/CVE-2024-35863"
},
{
"category": "external",
"summary": "SUSE Bug 1224763 for CVE-2024-35863",
"url": "https://bugzilla.suse.com/1224763"
},
{
"category": "external",
"summary": "SUSE Bug 1225011 for CVE-2024-35863",
"url": "https://bugzilla.suse.com/1225011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2024-35863"
},
{
"cve": "CVE-2024-35864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_valid_lease_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35864",
"url": "https://www.suse.com/security/cve/CVE-2024-35864"
},
{
"category": "external",
"summary": "SUSE Bug 1224765 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1224765"
},
{
"category": "external",
"summary": "SUSE Bug 1225309 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1225309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2024-35864"
},
{
"cve": "CVE-2024-35867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_stats_proc_show()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35867",
"url": "https://www.suse.com/security/cve/CVE-2024-35867"
},
{
"category": "external",
"summary": "SUSE Bug 1224664 for CVE-2024-35867",
"url": "https://bugzilla.suse.com/1224664"
},
{
"category": "external",
"summary": "SUSE Bug 1225012 for CVE-2024-35867",
"url": "https://bugzilla.suse.com/1225012"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2024-35867"
},
{
"cve": "CVE-2024-35905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Protect against int overflow for stack access size\n\nThis patch re-introduces protection against the size of access to stack\nmemory being negative; the access size can appear negative as a result\nof overflowing its signed int representation. This should not actually\nhappen, as there are other protections along the way, but we should\nprotect against it anyway. One code path was missing such protections\n(fixed in the previous patch in the series), causing out-of-bounds array\naccesses in check_stack_range_initialized(). This patch causes the\nverification of a program with such a non-sensical access size to fail.\n\nThis check used to exist in a more indirect way, but was inadvertendly\nremoved in a833a17aeac7.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35905",
"url": "https://www.suse.com/security/cve/CVE-2024-35905"
},
{
"category": "external",
"summary": "SUSE Bug 1224488 for CVE-2024-35905",
"url": "https://bugzilla.suse.com/1224488"
},
{
"category": "external",
"summary": "SUSE Bug 1226327 for CVE-2024-35905",
"url": "https://bugzilla.suse.com/1226327"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2024-35905"
},
{
"cve": "CVE-2024-35949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: make sure that WRITTEN is set on all metadata blocks\n\nWe previously would call btrfs_check_leaf() if we had the check\nintegrity code enabled, which meant that we could only run the extended\nleaf checks if we had WRITTEN set on the header flags.\n\nThis leaves a gap in our checking, because we could end up with\ncorruption on disk where WRITTEN isn\u0027t set on the leaf, and then the\nextended leaf checks don\u0027t get run which we rely on to validate all of\nthe item pointers to make sure we don\u0027t access memory outside of the\nextent buffer.\n\nHowever, since 732fab95abe2 (\"btrfs: check-integrity: remove\nCONFIG_BTRFS_FS_CHECK_INTEGRITY option\") we no longer call\nbtrfs_check_leaf() from btrfs_mark_buffer_dirty(), which means we only\never call it on blocks that are being written out, and thus have WRITTEN\nset, or that are being read in, which should have WRITTEN set.\n\nAdd checks to make sure we have WRITTEN set appropriately, and then make\nsure __btrfs_check_leaf() always does the item checking. This will\nprotect us from file systems that have been corrupted and no longer have\nWRITTEN set on some of the blocks.\n\nThis was hit on a crafted image tweaking the WRITTEN bit and reported by\nKASAN as out-of-bound access in the eb accessors. The example is a dir\nitem at the end of an eb.\n\n [2.042] BTRFS warning (device loop1): bad eb member start: ptr 0x3fff start 30572544 member offset 16410 size 2\n [2.040] general protection fault, probably for non-canonical address 0xe0009d1000000003: 0000 [#1] PREEMPT SMP KASAN NOPTI\n [2.537] KASAN: maybe wild-memory-access in range [0x0005088000000018-0x000508800000001f]\n [2.729] CPU: 0 PID: 2587 Comm: mount Not tainted 6.8.2 #1\n [2.729] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n [2.621] RIP: 0010:btrfs_get_16+0x34b/0x6d0\n [2.621] RSP: 0018:ffff88810871fab8 EFLAGS: 00000206\n [2.621] RAX: 0000a11000000003 RBX: ffff888104ff8720 RCX: ffff88811b2288c0\n [2.621] RDX: dffffc0000000000 RSI: ffffffff81dd8aca RDI: ffff88810871f748\n [2.621] RBP: 000000000000401a R08: 0000000000000001 R09: ffffed10210e3ee9\n [2.621] R10: ffff88810871f74f R11: 205d323430333737 R12: 000000000000001a\n [2.621] R13: 000508800000001a R14: 1ffff110210e3f5d R15: ffffffff850011e8\n [2.621] FS: 00007f56ea275840(0000) GS:ffff88811b200000(0000) knlGS:0000000000000000\n [2.621] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [2.621] CR2: 00007febd13b75c0 CR3: 000000010bb50000 CR4: 00000000000006f0\n [2.621] Call Trace:\n [2.621] \u003cTASK\u003e\n [2.621] ? show_regs+0x74/0x80\n [2.621] ? die_addr+0x46/0xc0\n [2.621] ? exc_general_protection+0x161/0x2a0\n [2.621] ? asm_exc_general_protection+0x26/0x30\n [2.621] ? btrfs_get_16+0x33a/0x6d0\n [2.621] ? btrfs_get_16+0x34b/0x6d0\n [2.621] ? btrfs_get_16+0x33a/0x6d0\n [2.621] ? __pfx_btrfs_get_16+0x10/0x10\n [2.621] ? __pfx_mutex_unlock+0x10/0x10\n [2.621] btrfs_match_dir_item_name+0x101/0x1a0\n [2.621] btrfs_lookup_dir_item+0x1f3/0x280\n [2.621] ? __pfx_btrfs_lookup_dir_item+0x10/0x10\n [2.621] btrfs_get_tree+0xd25/0x1910\n\n[ copy more details from report ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35949",
"url": "https://www.suse.com/security/cve/CVE-2024-35949"
},
{
"category": "external",
"summary": "SUSE Bug 1224700 for CVE-2024-35949",
"url": "https://bugzilla.suse.com/1224700"
},
{
"category": "external",
"summary": "SUSE Bug 1229273 for CVE-2024-35949",
"url": "https://bugzilla.suse.com/1229273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2024-35949"
},
{
"cve": "CVE-2024-35950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/client: Fully protect modes[] with dev-\u003emode_config.mutex\n\nThe modes[] array contains pointers to modes on the connectors\u0027\nmode lists, which are protected by dev-\u003emode_config.mutex.\nThus we need to extend modes[] the same protection or by the\ntime we use it the elements may already be pointing to\nfreed/reused memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35950",
"url": "https://www.suse.com/security/cve/CVE-2024-35950"
},
{
"category": "external",
"summary": "SUSE Bug 1224703 for CVE-2024-35950",
"url": "https://bugzilla.suse.com/1224703"
},
{
"category": "external",
"summary": "SUSE Bug 1225310 for CVE-2024-35950",
"url": "https://bugzilla.suse.com/1225310"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2024-35950"
},
{
"cve": "CVE-2024-36899",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36899"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpiolib: cdev: Fix use after free in lineinfo_changed_notify\n\nThe use-after-free issue occurs as follows: when the GPIO chip device file\nis being closed by invoking gpio_chrdev_release(), watched_lines is freed\nby bitmap_free(), but the unregistration of lineinfo_changed_nb notifier\nchain failed due to waiting write rwsem. Additionally, one of the GPIO\nchip\u0027s lines is also in the release process and holds the notifier chain\u0027s\nread rwsem. Consequently, a race condition leads to the use-after-free of\nwatched_lines.\n\nHere is the typical stack when issue happened:\n\n[free]\ngpio_chrdev_release()\n --\u003e bitmap_free(cdev-\u003ewatched_lines) \u003c-- freed\n --\u003e blocking_notifier_chain_unregister()\n --\u003e down_write(\u0026nh-\u003erwsem) \u003c-- waiting rwsem\n --\u003e __down_write_common()\n --\u003e rwsem_down_write_slowpath()\n --\u003e schedule_preempt_disabled()\n --\u003e schedule()\n\n[use]\nst54spi_gpio_dev_release()\n --\u003e gpio_free()\n --\u003e gpiod_free()\n --\u003e gpiod_free_commit()\n --\u003e gpiod_line_state_notify()\n --\u003e blocking_notifier_call_chain()\n --\u003e down_read(\u0026nh-\u003erwsem); \u003c-- held rwsem\n --\u003e notifier_call_chain()\n --\u003e lineinfo_changed_notify()\n --\u003e test_bit(xxxx, cdev-\u003ewatched_lines) \u003c-- use after free\n\nThe side effect of the use-after-free issue is that a GPIO line event is\nbeing generated for userspace where it shouldn\u0027t. However, since the chrdev\nis being closed, userspace won\u0027t have the chance to read that event anyway.\n\nTo fix the issue, call the bitmap_free() function after the unregistration\nof lineinfo_changed_nb notifier chain.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36899",
"url": "https://www.suse.com/security/cve/CVE-2024-36899"
},
{
"category": "external",
"summary": "SUSE Bug 1225737 for CVE-2024-36899",
"url": "https://bugzilla.suse.com/1225737"
},
{
"category": "external",
"summary": "SUSE Bug 1225739 for CVE-2024-36899",
"url": "https://bugzilla.suse.com/1225739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2024-36899"
},
{
"cve": "CVE-2024-36904",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36904"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Use refcount_inc_not_zero() in tcp_twsk_unique().\n\nAnderson Nascimento reported a use-after-free splat in tcp_twsk_unique()\nwith nice analysis.\n\nSince commit ec94c2696f0b (\"tcp/dccp: avoid one atomic operation for\ntimewait hashdance\"), inet_twsk_hashdance() sets TIME-WAIT socket\u0027s\nsk_refcnt after putting it into ehash and releasing the bucket lock.\n\nThus, there is a small race window where other threads could try to\nreuse the port during connect() and call sock_hold() in tcp_twsk_unique()\nfor the TIME-WAIT socket with zero refcnt.\n\nIf that happens, the refcnt taken by tcp_twsk_unique() is overwritten\nand sock_put() will cause underflow, triggering a real use-after-free\nsomewhere else.\n\nTo avoid the use-after-free, we need to use refcount_inc_not_zero() in\ntcp_twsk_unique() and give up on reusing the port if it returns false.\n\n[0]:\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 0 PID: 1039313 at lib/refcount.c:25 refcount_warn_saturate+0xe5/0x110\nCPU: 0 PID: 1039313 Comm: trigger Not tainted 6.8.6-200.fc39.x86_64 #1\nHardware name: VMware, Inc. VMware20,1/440BX Desktop Reference Platform, BIOS VMW201.00V.21805430.B64.2305221830 05/22/2023\nRIP: 0010:refcount_warn_saturate+0xe5/0x110\nCode: 42 8e ff 0f 0b c3 cc cc cc cc 80 3d aa 13 ea 01 00 0f 85 5e ff ff ff 48 c7 c7 f8 8e b7 82 c6 05 96 13 ea 01 01 e8 7b 42 8e ff \u003c0f\u003e 0b c3 cc cc cc cc 48 c7 c7 50 8f b7 82 c6 05 7a 13 ea 01 01 e8\nRSP: 0018:ffffc90006b43b60 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff888009bb3ef0 RCX: 0000000000000027\nRDX: ffff88807be218c8 RSI: 0000000000000001 RDI: ffff88807be218c0\nRBP: 0000000000069d70 R08: 0000000000000000 R09: ffffc90006b439f0\nR10: ffffc90006b439e8 R11: 0000000000000003 R12: ffff8880029ede84\nR13: 0000000000004e20 R14: ffffffff84356dc0 R15: ffff888009bb3ef0\nFS: 00007f62c10926c0(0000) GS:ffff88807be00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020ccb000 CR3: 000000004628c005 CR4: 0000000000f70ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0xe5/0x110\n ? __warn+0x81/0x130\n ? refcount_warn_saturate+0xe5/0x110\n ? report_bug+0x171/0x1a0\n ? refcount_warn_saturate+0xe5/0x110\n ? handle_bug+0x3c/0x80\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? refcount_warn_saturate+0xe5/0x110\n tcp_twsk_unique+0x186/0x190\n __inet_check_established+0x176/0x2d0\n __inet_hash_connect+0x74/0x7d0\n ? __pfx___inet_check_established+0x10/0x10\n tcp_v4_connect+0x278/0x530\n __inet_stream_connect+0x10f/0x3d0\n inet_stream_connect+0x3a/0x60\n __sys_connect+0xa8/0xd0\n __x64_sys_connect+0x18/0x20\n do_syscall_64+0x83/0x170\n entry_SYSCALL_64_after_hwframe+0x78/0x80\nRIP: 0033:0x7f62c11a885d\nCode: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d a3 45 0c 00 f7 d8 64 89 01 48\nRSP: 002b:00007f62c1091e58 EFLAGS: 00000296 ORIG_RAX: 000000000000002a\nRAX: ffffffffffffffda RBX: 0000000020ccb004 RCX: 00007f62c11a885d\nRDX: 0000000000000010 RSI: 0000000020ccb000 RDI: 0000000000000003\nRBP: 00007f62c1091e90 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000296 R12: 00007f62c10926c0\nR13: ffffffffffffff88 R14: 0000000000000000 R15: 00007ffe237885b0\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36904",
"url": "https://www.suse.com/security/cve/CVE-2024-36904"
},
{
"category": "external",
"summary": "SUSE Bug 1225732 for CVE-2024-36904",
"url": "https://bugzilla.suse.com/1225732"
},
{
"category": "external",
"summary": "SUSE Bug 1225733 for CVE-2024-36904",
"url": "https://bugzilla.suse.com/1225733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2024-36904"
},
{
"cve": "CVE-2024-36964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: only translate RWX permissions for plain 9P2000\n\nGarbage in plain 9P2000\u0027s perm bits is allowed through, which causes it\nto be able to set (among others) the suid bit. This was presumably not\nthe intent since the unix extended bits are handled explicitly and\nconditionally on .u.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36964",
"url": "https://www.suse.com/security/cve/CVE-2024-36964"
},
{
"category": "external",
"summary": "SUSE Bug 1225866 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1225866"
},
{
"category": "external",
"summary": "SUSE Bug 1226325 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1226325"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2024-36964"
},
{
"cve": "CVE-2024-36971",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36971"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix __dst_negative_advice() race\n\n__dst_negative_advice() does not enforce proper RCU rules when\nsk-\u003edst_cache must be cleared, leading to possible UAF.\n\nRCU rules are that we must first clear sk-\u003esk_dst_cache,\nthen call dst_release(old_dst).\n\nNote that sk_dst_reset(sk) is implementing this protocol correctly,\nwhile __dst_negative_advice() uses the wrong order.\n\nGiven that ip6_negative_advice() has special logic\nagainst RTF_CACHE, this means each of the three -\u003enegative_advice()\nexisting methods must perform the sk_dst_reset() themselves.\n\nNote the check against NULL dst is centralized in\n__dst_negative_advice(), there is no need to duplicate\nit in various callbacks.\n\nMany thanks to Clement Lecigne for tracking this issue.\n\nThis old bug became visible after the blamed commit, using UDP sockets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36971",
"url": "https://www.suse.com/security/cve/CVE-2024-36971"
},
{
"category": "external",
"summary": "SUSE Bug 1226145 for CVE-2024-36971",
"url": "https://bugzilla.suse.com/1226145"
},
{
"category": "external",
"summary": "SUSE Bug 1226324 for CVE-2024-36971",
"url": "https://bugzilla.suse.com/1226324"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2024-36971"
},
{
"cve": "CVE-2024-40954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: do not leave a dangling sk pointer, when socket creation fails\n\nIt is possible to trigger a use-after-free by:\n * attaching an fentry probe to __sock_release() and the probe calling the\n bpf_get_socket_cookie() helper\n * running traceroute -I 1.1.1.1 on a freshly booted VM\n\nA KASAN enabled kernel will log something like below (decoded and stripped):\n==================================================================\nBUG: KASAN: slab-use-after-free in __sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nRead of size 8 at addr ffff888007110dd8 by task traceroute/299\n\nCPU: 2 PID: 299 Comm: traceroute Tainted: G E 6.10.0-rc2+ #2\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\ndump_stack_lvl (lib/dump_stack.c:117 (discriminator 1))\nprint_report (mm/kasan/report.c:378 mm/kasan/report.c:488)\n? __sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nkasan_report (mm/kasan/report.c:603)\n? __sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nkasan_check_range (mm/kasan/generic.c:183 mm/kasan/generic.c:189)\n__sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nbpf_get_socket_ptr_cookie (./arch/x86/include/asm/preempt.h:94 ./include/linux/sock_diag.h:42 net/core/filter.c:5094 net/core/filter.c:5092)\nbpf_prog_875642cf11f1d139___sock_release+0x6e/0x8e\nbpf_trampoline_6442506592+0x47/0xaf\n__sock_release (net/socket.c:652)\n__sock_create (net/socket.c:1601)\n...\nAllocated by task 299 on cpu 2 at 78.328492s:\nkasan_save_stack (mm/kasan/common.c:48)\nkasan_save_track (mm/kasan/common.c:68)\n__kasan_slab_alloc (mm/kasan/common.c:312 mm/kasan/common.c:338)\nkmem_cache_alloc_noprof (mm/slub.c:3941 mm/slub.c:4000 mm/slub.c:4007)\nsk_prot_alloc (net/core/sock.c:2075)\nsk_alloc (net/core/sock.c:2134)\ninet_create (net/ipv4/af_inet.c:327 net/ipv4/af_inet.c:252)\n__sock_create (net/socket.c:1572)\n__sys_socket (net/socket.c:1660 net/socket.c:1644 net/socket.c:1706)\n__x64_sys_socket (net/socket.c:1718)\ndo_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFreed by task 299 on cpu 2 at 78.328502s:\nkasan_save_stack (mm/kasan/common.c:48)\nkasan_save_track (mm/kasan/common.c:68)\nkasan_save_free_info (mm/kasan/generic.c:582)\npoison_slab_object (mm/kasan/common.c:242)\n__kasan_slab_free (mm/kasan/common.c:256)\nkmem_cache_free (mm/slub.c:4437 mm/slub.c:4511)\n__sk_destruct (net/core/sock.c:2117 net/core/sock.c:2208)\ninet_create (net/ipv4/af_inet.c:397 net/ipv4/af_inet.c:252)\n__sock_create (net/socket.c:1572)\n__sys_socket (net/socket.c:1660 net/socket.c:1644 net/socket.c:1706)\n__x64_sys_socket (net/socket.c:1718)\ndo_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFix this by clearing the struct socket reference in sk_common_release() to cover\nall protocol families create functions, which may already attached the\nreference to the sk object with sock_init_data().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40954",
"url": "https://www.suse.com/security/cve/CVE-2024-40954"
},
{
"category": "external",
"summary": "SUSE Bug 1227808 for CVE-2024-40954",
"url": "https://bugzilla.suse.com/1227808"
},
{
"category": "external",
"summary": "SUSE Bug 1228786 for CVE-2024-40954",
"url": "https://bugzilla.suse.com/1228786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2024-40954"
},
{
"cve": "CVE-2024-41057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie()\n\nWe got the following issue in our fault injection stress test:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in cachefiles_withdraw_cookie+0x4d9/0x600\nRead of size 8 at addr ffff888118efc000 by task kworker/u78:0/109\n\nCPU: 13 PID: 109 Comm: kworker/u78:0 Not tainted 6.8.0-dirty #566\nCall Trace:\n \u003cTASK\u003e\n kasan_report+0x93/0xc0\n cachefiles_withdraw_cookie+0x4d9/0x600\n fscache_cookie_state_machine+0x5c8/0x1230\n fscache_cookie_worker+0x91/0x1c0\n process_one_work+0x7fa/0x1800\n [...]\n\nAllocated by task 117:\n kmalloc_trace+0x1b3/0x3c0\n cachefiles_acquire_volume+0xf3/0x9c0\n fscache_create_volume_work+0x97/0x150\n process_one_work+0x7fa/0x1800\n [...]\n\nFreed by task 120301:\n kfree+0xf1/0x2c0\n cachefiles_withdraw_cache+0x3fa/0x920\n cachefiles_put_unbind_pincount+0x1f6/0x250\n cachefiles_daemon_release+0x13b/0x290\n __fput+0x204/0xa00\n task_work_run+0x139/0x230\n do_exit+0x87a/0x29b0\n [...]\n==================================================================\n\nFollowing is the process that triggers the issue:\n\n p1 | p2\n------------------------------------------------------------\n fscache_begin_lookup\n fscache_begin_volume_access\n fscache_cache_is_live(fscache_cache)\ncachefiles_daemon_release\n cachefiles_put_unbind_pincount\n cachefiles_daemon_unbind\n cachefiles_withdraw_cache\n fscache_withdraw_cache\n fscache_set_cache_state(cache, FSCACHE_CACHE_IS_WITHDRAWN);\n cachefiles_withdraw_objects(cache)\n fscache_wait_for_objects(fscache)\n atomic_read(\u0026fscache_cache-\u003eobject_count) == 0\n fscache_perform_lookup\n cachefiles_lookup_cookie\n cachefiles_alloc_object\n refcount_set(\u0026object-\u003eref, 1);\n object-\u003evolume = volume\n fscache_count_object(vcookie-\u003ecache);\n atomic_inc(\u0026fscache_cache-\u003eobject_count)\n cachefiles_withdraw_volumes\n cachefiles_withdraw_volume\n fscache_withdraw_volume\n __cachefiles_free_volume\n kfree(cachefiles_volume)\n fscache_cookie_state_machine\n cachefiles_withdraw_cookie\n cache = object-\u003evolume-\u003ecache;\n // cachefiles_volume UAF !!!\n\nAfter setting FSCACHE_CACHE_IS_WITHDRAWN, wait for all the cookie lookups\nto complete first, and then wait for fscache_cache-\u003eobject_count == 0 to\navoid the cookie exiting after the volume has been freed and triggering\nthe above issue. Therefore call fscache_withdraw_volume() before calling\ncachefiles_withdraw_objects().\n\nThis way, after setting FSCACHE_CACHE_IS_WITHDRAWN, only the following two\ncases will occur:\n1) fscache_begin_lookup fails in fscache_begin_volume_access().\n2) fscache_withdraw_volume() will ensure that fscache_count_object() has\n been executed before calling fscache_wait_for_objects().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41057",
"url": "https://www.suse.com/security/cve/CVE-2024-41057"
},
{
"category": "external",
"summary": "SUSE Bug 1228462 for CVE-2024-41057",
"url": "https://bugzilla.suse.com/1228462"
},
{
"category": "external",
"summary": "SUSE Bug 1229275 for CVE-2024-41057",
"url": "https://bugzilla.suse.com/1229275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2024-41057"
},
{
"cve": "CVE-2024-41059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: fix uninit-value in copy_name\n\n[syzbot reported]\nBUG: KMSAN: uninit-value in sized_strscpy+0xc4/0x160\n sized_strscpy+0xc4/0x160\n copy_name+0x2af/0x320 fs/hfsplus/xattr.c:411\n hfsplus_listxattr+0x11e9/0x1a50 fs/hfsplus/xattr.c:750\n vfs_listxattr fs/xattr.c:493 [inline]\n listxattr+0x1f3/0x6b0 fs/xattr.c:840\n path_listxattr fs/xattr.c:864 [inline]\n __do_sys_listxattr fs/xattr.c:876 [inline]\n __se_sys_listxattr fs/xattr.c:873 [inline]\n __x64_sys_listxattr+0x16b/0x2f0 fs/xattr.c:873\n x64_sys_call+0x2ba0/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3877 [inline]\n slab_alloc_node mm/slub.c:3918 [inline]\n kmalloc_trace+0x57b/0xbe0 mm/slub.c:4065\n kmalloc include/linux/slab.h:628 [inline]\n hfsplus_listxattr+0x4cc/0x1a50 fs/hfsplus/xattr.c:699\n vfs_listxattr fs/xattr.c:493 [inline]\n listxattr+0x1f3/0x6b0 fs/xattr.c:840\n path_listxattr fs/xattr.c:864 [inline]\n __do_sys_listxattr fs/xattr.c:876 [inline]\n __se_sys_listxattr fs/xattr.c:873 [inline]\n __x64_sys_listxattr+0x16b/0x2f0 fs/xattr.c:873\n x64_sys_call+0x2ba0/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[Fix]\nWhen allocating memory to strbuf, initialize memory to 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41059",
"url": "https://www.suse.com/security/cve/CVE-2024-41059"
},
{
"category": "external",
"summary": "SUSE Bug 1228561 for CVE-2024-41059",
"url": "https://bugzilla.suse.com/1228561"
},
{
"category": "external",
"summary": "SUSE Bug 1228573 for CVE-2024-41059",
"url": "https://bugzilla.suse.com/1228573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2024-41059"
},
{
"cve": "CVE-2024-43861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: qmi_wwan: fix memory leak for not ip packets\n\nFree the unused skb when not ip packets arrive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43861",
"url": "https://www.suse.com/security/cve/CVE-2024-43861"
},
{
"category": "external",
"summary": "SUSE Bug 1229500 for CVE-2024-43861",
"url": "https://bugzilla.suse.com/1229500"
},
{
"category": "external",
"summary": "SUSE Bug 1229553 for CVE-2024-43861",
"url": "https://bugzilla.suse.com/1229553"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2024-43861"
},
{
"cve": "CVE-2024-50264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50264"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans\n\nDuring loopback communication, a dangling pointer can be created in\nvsk-\u003etrans, potentially leading to a Use-After-Free condition. This\nissue is resolved by initializing vsk-\u003etrans to NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50264",
"url": "https://www.suse.com/security/cve/CVE-2024-50264"
},
{
"category": "external",
"summary": "SUSE Bug 1233453 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233453"
},
{
"category": "external",
"summary": "SUSE Bug 1233712 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-11-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-27T13:03:53Z",
"details": "important"
}
],
"title": "CVE-2024-50264"
}
]
}
SUSE-SU-2025:4123-1
Vulnerability from csaf_suse - Published: 2025-11-18 02:04 - Updated: 2025-11-18 02:04Summary
Security update for the Linux Kernel (Live Patch 61 for SUSE Linux Enterprise 12 SP5)
Notes
Title of the patch
Security update for the Linux Kernel (Live Patch 61 for SUSE Linux Enterprise 12 SP5)
Description of the patch
This update for the SUSE Linux Enterprise kernel 4.12.14-122.231 fixes various security issues
The following security issues were fixed:
- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
- CVE-2022-49014: net: tun: Fix use-after-free in tun_detach() (bsc#1232818).
- CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF (bsc#1237930).
- CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238324).
- CVE-2022-49179: block, bfq: don't move oom_bfqq (bsc#1241331).
- CVE-2022-49465: blk-throttle: set BIO_THROTTLED when bio has been throttled (bsc#1238920).
- CVE-2022-49545: ALSA: usb-audio: cancel pending work at closing a MIDI substream (bsc#1238730).
- CVE-2022-49563: crypto: qat - add param check for RSA (bsc#1238788).
- CVE-2022-49564: crypto: qat - add param check for DH (bsc#1238790).
- CVE-2022-50252: igb: Do not free q_vector unless new one was allocated (bsc#1249847).
- CVE-2022-50386: Bluetooth: L2CAP: Fix user-after-free (bsc#1250302).
- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230998).
- CVE-2024-46818: drm/amd/display: check gpio_id before used as array index (bsc#1231204).
- CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231676).
- CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231993).
- CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231943).
- CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231862).
- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019).
- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232929).
- CVE-2024-50154: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink() (bsc#1233072).
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233708).
- CVE-2024-50301: security/keys: fix slab-out-of-bounds in key_task_permission (bsc#1233680).
- CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679).
- CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).
- CVE-2024-53146: NFSD: prevent a potential integer overflow (bsc#1234854).
- CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847).
- CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket (bsc#1243650).
- CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234892).
- CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235005).
- CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235218).
- CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235231).
- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235062).
- CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235431).
- CVE-2024-56664: bpf, sockmap: fix race between element replace and close() (bsc#1235250).
- CVE-2024-57893: ALSA: seq: oss: fix races at processing SysEx messages (bsc#1235921).
- CVE-2024-57996: net_sched: sch_sfq: don't allow 1 packet limit (bsc#1239077).
- CVE-2024-8805: BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability (bsc#1240840).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1245797).
- CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912).
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1240744).
- CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1245794).
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776).
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793).
- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775).
- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218).
- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350).
- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356).
- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001).
- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030).
- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315).
- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350).
- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351).
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499).
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673).
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208).
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207).
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749).
The following non security issues were fixed:
- Add the git commit and branch to the package description (bsc#920633)
- Fix description in rpm spec file Spec file description mentions initial kGraft patch which is only true for real initial patch. Make it more neutral. (bsc#930408)
- Mark the module as supported (bsc#904970)
- Provide common kallsyms wrapper API With bsc#1103203, the need for disambiguating between a multiply defined symbol arose. This is something the kallsyms_lookup_name() based code snippet we used to copy&paste to every individual CVE fix can't handle. Implement a proper wrapper API for doing the kallsyms lookups.
- Require exact kernel version in the patch (bsc#920615)
- Revert 'Require exact kernel version in the patch' This needs to be done differently, so that modprobe --force works as expected. (bsc#920615) This reverts commit c62c11aecd4e3f8822e1b835fea403acc3148c5a.
- Set immediate flag for the initial patch Setting immediate to true will simplify installation of the initial patch and possibly also of the further updates. (bsc#907150)
- The stubs' signatures have changed: each argument used to get mapped to either long or long long, but on x86_64, the stubs are now receiving a single struct pt_regs only -- it's their responsibility to extract the arguments as appropriate. In order to not require each and every live patch touching syscalls to include an insane amount of ifdeffery, provide a set of #defines hiding it: 1.) KLP_SYSCALL_SYM(name) expands to the syscall stub name for 64 bits as defined by _SYSCALL_DEFINEx(x, _name, ...). 2.) If the architeture requires 32bit specific stubs for syscalls sharing a common implementation between 32 and 64bits, the KLP_ARCH_HAS_SYSCALL_COMPAT_STUBS macro is defined. 3.) If KLP_ARCH_HAS_SYSCALL_COMPAT_STUBS is defined, then KLP_SYSCALL_COMPAT_STUB_SYM(name) expands to the syscall stub name for 32 bits as defined by _SYSCALL_DEFINEx(x, _name, ...). 4.) For syscalls not sharing a common implementation between 32 and 64 bits, i.e. those defined by COMPAT_SYSCALL_DEFINEx(), the macro KLP_COMPAT_SYSCALL_SYM(name) expands to the stub name defined as defined by COMPAT_SYSCALL_DEFINEx(x, _name, ...). 5.) Finally, for hiding differences between the signatures, provide the macro KLP_SYSCALL_DECLx(x, sym, ...) which expands to a declaration of sym, with the x arguments either mapped to long resp. long long each, or collapsed to a single struct pt_regs argument as appropriate for the architecture. Note that these macros are defined as appropriate on kernels before and after 4.17, so that live patch code can be shared. (bsc#1149841)
- bsc#1249208: fix livepatching target module name (bsc#1252946)
- uname_patch: convert to the syscall stub wrapper macros from klp_syscalls.h In order to make the live patch to the newuname() syscall work on kernels >= 4.17 again, convert it to the KLP_SYSCALL_*() wrapper macros provided by klp_syscalls.h. (bsc#1149841)
Patchnames
SUSE-2025-4123,SUSE-SLE-Live-Patching-12-SP5-2025-4123
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 61 for SUSE Linux Enterprise 12 SP5)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for the SUSE Linux Enterprise kernel 4.12.14-122.231 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).\n- CVE-2022-49014: net: tun: Fix use-after-free in tun_detach() (bsc#1232818).\n- CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF (bsc#1237930).\n- CVE-2022-49080: mm/mempolicy: fix mpol_new leak in shared_policy_replace (bsc#1238324).\n- CVE-2022-49179: block, bfq: don\u0027t move oom_bfqq (bsc#1241331).\n- CVE-2022-49465: blk-throttle: set BIO_THROTTLED when bio has been throttled (bsc#1238920).\n- CVE-2022-49545: ALSA: usb-audio: cancel pending work at closing a MIDI substream (bsc#1238730).\n- CVE-2022-49563: crypto: qat - add param check for RSA (bsc#1238788).\n- CVE-2022-49564: crypto: qat - add param check for DH (bsc#1238790).\n- CVE-2022-50252: igb: Do not free q_vector unless new one was allocated (bsc#1249847).\n- CVE-2022-50386: Bluetooth: L2CAP: Fix user-after-free (bsc#1250302).\n- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230998).\n- CVE-2024-46818: drm/amd/display: check gpio_id before used as array index (bsc#1231204).\n- CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231676).\n- CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231993).\n- CVE-2024-47706: block, bfq: fix possible UAF for bfqq-\u003ebic with merge chain (bsc#1231943).\n- CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231862).\n- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1233019).\n- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232929).\n- CVE-2024-50154: tcp/dccp: Don\u0027t use timer_pending() in reqsk_queue_unlink() (bsc#1233072).\n- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans (bsc#1233712).\n- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233708).\n- CVE-2024-50301: security/keys: fix slab-out-of-bounds in key_task_permission (bsc#1233680).\n- CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679).\n- CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).\n- CVE-2024-53146: NFSD: prevent a potential integer overflow (bsc#1234854).\n- CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234847).\n- CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket (bsc#1243650).\n- CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234892).\n- CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235005).\n- CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235218).\n- CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235231).\n- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235062).\n- CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235431).\n- CVE-2024-56664: bpf, sockmap: fix race between element replace and close() (bsc#1235250).\n- CVE-2024-57893: ALSA: seq: oss: fix races at processing SysEx messages (bsc#1235921).\n- CVE-2024-57996: net_sched: sch_sfq: don\u0027t allow 1 packet limit (bsc#1239077).\n- CVE-2024-8805: BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability (bsc#1240840).\n- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (bsc#1245797).\n- CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238912).\n- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1240744).\n- CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1245794).\n- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1245776).\n- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1245793).\n- CVE-2025-38000: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (bsc#1245775).\n- CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245218).\n- CVE-2025-38083: net_sched: prio: fix a race in prio_tune() (bsc#1245350).\n- CVE-2025-38177: kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (bsc#1246356).\n- CVE-2025-38181: calipso: fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246001).\n- CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246030).\n- CVE-2025-38477: net/sched: sch_qfq: Fix race condition on qfq_aggregate (bsc#1247315).\n- CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247350).\n- CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247351).\n- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247499).\n- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673).\n- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1249208).\n- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1249207).\n- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749).\n\nThe following non security issues were fixed:\n\n- Add the git commit and branch to the package description (bsc#920633)\n- Fix description in rpm spec file Spec file description mentions initial kGraft patch which is only true for real initial patch. Make it more neutral. (bsc#930408)\n- Mark the module as supported (bsc#904970)\n- Provide common kallsyms wrapper API With bsc#1103203, the need for disambiguating between a multiply defined symbol arose. This is something the kallsyms_lookup_name() based code snippet we used to copy\u0026paste to every individual CVE fix can\u0027t handle. Implement a proper wrapper API for doing the kallsyms lookups.\n- Require exact kernel version in the patch (bsc#920615)\n- Revert \u0027Require exact kernel version in the patch\u0027 This needs to be done differently, so that modprobe --force works as expected. (bsc#920615) This reverts commit c62c11aecd4e3f8822e1b835fea403acc3148c5a.\n- Set immediate flag for the initial patch Setting immediate to true will simplify installation of the initial patch and possibly also of the further updates. (bsc#907150)\n- The stubs\u0027 signatures have changed: each argument used to get mapped to either long or long long, but on x86_64, the stubs are now receiving a single struct pt_regs only -- it\u0027s their responsibility to extract the arguments as appropriate. In order to not require each and every live patch touching syscalls to include an insane amount of ifdeffery, provide a set of #defines hiding it: 1.) KLP_SYSCALL_SYM(name) expands to the syscall stub name for 64 bits as defined by _SYSCALL_DEFINEx(x, _name, ...). 2.) If the architeture requires 32bit specific stubs for syscalls sharing a common implementation between 32 and 64bits, the KLP_ARCH_HAS_SYSCALL_COMPAT_STUBS macro is defined. 3.) If KLP_ARCH_HAS_SYSCALL_COMPAT_STUBS is defined, then KLP_SYSCALL_COMPAT_STUB_SYM(name) expands to the syscall stub name for 32 bits as defined by _SYSCALL_DEFINEx(x, _name, ...). 4.) For syscalls not sharing a common implementation between 32 and 64 bits, i.e. those defined by COMPAT_SYSCALL_DEFINEx(), the macro KLP_COMPAT_SYSCALL_SYM(name) expands to the stub name defined as defined by COMPAT_SYSCALL_DEFINEx(x, _name, ...). 5.) Finally, for hiding differences between the signatures, provide the macro KLP_SYSCALL_DECLx(x, sym, ...) which expands to a declaration of sym, with the x arguments either mapped to long resp. long long each, or collapsed to a single struct pt_regs argument as appropriate for the architecture. Note that these macros are defined as appropriate on kernels before and after 4.17, so that live patch code can be shared. (bsc#1149841)\n- bsc#1249208: fix livepatching target module name (bsc#1252946)\n- uname_patch: convert to the syscall stub wrapper macros from klp_syscalls.h In order to make the live patch to the newuname() syscall work on kernels \u003e= 4.17 again, convert it to the KLP_SYSCALL_*() wrapper macros provided by klp_syscalls.h. (bsc#1149841)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4123,SUSE-SLE-Live-Patching-12-SP5-2025-4123",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4123-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4123-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254123-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4123-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023296.html"
},
{
"category": "self",
"summary": "SUSE Bug 1103203",
"url": "https://bugzilla.suse.com/1103203"
},
{
"category": "self",
"summary": "SUSE Bug 1149841",
"url": "https://bugzilla.suse.com/1149841"
},
{
"category": "self",
"summary": "SUSE Bug 1230998",
"url": "https://bugzilla.suse.com/1230998"
},
{
"category": "self",
"summary": "SUSE Bug 1231204",
"url": "https://bugzilla.suse.com/1231204"
},
{
"category": "self",
"summary": "SUSE Bug 1231676",
"url": "https://bugzilla.suse.com/1231676"
},
{
"category": "self",
"summary": "SUSE Bug 1231862",
"url": "https://bugzilla.suse.com/1231862"
},
{
"category": "self",
"summary": "SUSE Bug 1231943",
"url": "https://bugzilla.suse.com/1231943"
},
{
"category": "self",
"summary": "SUSE Bug 1231993",
"url": "https://bugzilla.suse.com/1231993"
},
{
"category": "self",
"summary": "SUSE Bug 1232637",
"url": "https://bugzilla.suse.com/1232637"
},
{
"category": "self",
"summary": "SUSE Bug 1232818",
"url": "https://bugzilla.suse.com/1232818"
},
{
"category": "self",
"summary": "SUSE Bug 1232929",
"url": "https://bugzilla.suse.com/1232929"
},
{
"category": "self",
"summary": "SUSE Bug 1233019",
"url": "https://bugzilla.suse.com/1233019"
},
{
"category": "self",
"summary": "SUSE Bug 1233072",
"url": "https://bugzilla.suse.com/1233072"
},
{
"category": "self",
"summary": "SUSE Bug 1233679",
"url": "https://bugzilla.suse.com/1233679"
},
{
"category": "self",
"summary": "SUSE Bug 1233680",
"url": "https://bugzilla.suse.com/1233680"
},
{
"category": "self",
"summary": "SUSE Bug 1233708",
"url": "https://bugzilla.suse.com/1233708"
},
{
"category": "self",
"summary": "SUSE Bug 1233712",
"url": "https://bugzilla.suse.com/1233712"
},
{
"category": "self",
"summary": "SUSE Bug 1234847",
"url": "https://bugzilla.suse.com/1234847"
},
{
"category": "self",
"summary": "SUSE Bug 1234854",
"url": "https://bugzilla.suse.com/1234854"
},
{
"category": "self",
"summary": "SUSE Bug 1234892",
"url": "https://bugzilla.suse.com/1234892"
},
{
"category": "self",
"summary": "SUSE Bug 1235005",
"url": "https://bugzilla.suse.com/1235005"
},
{
"category": "self",
"summary": "SUSE Bug 1235062",
"url": "https://bugzilla.suse.com/1235062"
},
{
"category": "self",
"summary": "SUSE Bug 1235218",
"url": "https://bugzilla.suse.com/1235218"
},
{
"category": "self",
"summary": "SUSE Bug 1235231",
"url": "https://bugzilla.suse.com/1235231"
},
{
"category": "self",
"summary": "SUSE Bug 1235250",
"url": "https://bugzilla.suse.com/1235250"
},
{
"category": "self",
"summary": "SUSE Bug 1235431",
"url": "https://bugzilla.suse.com/1235431"
},
{
"category": "self",
"summary": "SUSE Bug 1235921",
"url": "https://bugzilla.suse.com/1235921"
},
{
"category": "self",
"summary": "SUSE Bug 1236783",
"url": "https://bugzilla.suse.com/1236783"
},
{
"category": "self",
"summary": "SUSE Bug 1237930",
"url": "https://bugzilla.suse.com/1237930"
},
{
"category": "self",
"summary": "SUSE Bug 1238324",
"url": "https://bugzilla.suse.com/1238324"
},
{
"category": "self",
"summary": "SUSE Bug 1238730",
"url": "https://bugzilla.suse.com/1238730"
},
{
"category": "self",
"summary": "SUSE Bug 1238788",
"url": "https://bugzilla.suse.com/1238788"
},
{
"category": "self",
"summary": "SUSE Bug 1238790",
"url": "https://bugzilla.suse.com/1238790"
},
{
"category": "self",
"summary": "SUSE Bug 1238912",
"url": "https://bugzilla.suse.com/1238912"
},
{
"category": "self",
"summary": "SUSE Bug 1238920",
"url": "https://bugzilla.suse.com/1238920"
},
{
"category": "self",
"summary": "SUSE Bug 1239077",
"url": "https://bugzilla.suse.com/1239077"
},
{
"category": "self",
"summary": "SUSE Bug 1240744",
"url": "https://bugzilla.suse.com/1240744"
},
{
"category": "self",
"summary": "SUSE Bug 1240840",
"url": "https://bugzilla.suse.com/1240840"
},
{
"category": "self",
"summary": "SUSE Bug 1241331",
"url": "https://bugzilla.suse.com/1241331"
},
{
"category": "self",
"summary": "SUSE Bug 1243650",
"url": "https://bugzilla.suse.com/1243650"
},
{
"category": "self",
"summary": "SUSE Bug 1245218",
"url": "https://bugzilla.suse.com/1245218"
},
{
"category": "self",
"summary": "SUSE Bug 1245350",
"url": "https://bugzilla.suse.com/1245350"
},
{
"category": "self",
"summary": "SUSE Bug 1245775",
"url": "https://bugzilla.suse.com/1245775"
},
{
"category": "self",
"summary": "SUSE Bug 1245776",
"url": "https://bugzilla.suse.com/1245776"
},
{
"category": "self",
"summary": "SUSE Bug 1245793",
"url": "https://bugzilla.suse.com/1245793"
},
{
"category": "self",
"summary": "SUSE Bug 1245794",
"url": "https://bugzilla.suse.com/1245794"
},
{
"category": "self",
"summary": "SUSE Bug 1245797",
"url": "https://bugzilla.suse.com/1245797"
},
{
"category": "self",
"summary": "SUSE Bug 1246001",
"url": "https://bugzilla.suse.com/1246001"
},
{
"category": "self",
"summary": "SUSE Bug 1246030",
"url": "https://bugzilla.suse.com/1246030"
},
{
"category": "self",
"summary": "SUSE Bug 1246356",
"url": "https://bugzilla.suse.com/1246356"
},
{
"category": "self",
"summary": "SUSE Bug 1247315",
"url": "https://bugzilla.suse.com/1247315"
},
{
"category": "self",
"summary": "SUSE Bug 1247350",
"url": "https://bugzilla.suse.com/1247350"
},
{
"category": "self",
"summary": "SUSE Bug 1247351",
"url": "https://bugzilla.suse.com/1247351"
},
{
"category": "self",
"summary": "SUSE Bug 1247499",
"url": "https://bugzilla.suse.com/1247499"
},
{
"category": "self",
"summary": "SUSE Bug 1248673",
"url": "https://bugzilla.suse.com/1248673"
},
{
"category": "self",
"summary": "SUSE Bug 1248749",
"url": "https://bugzilla.suse.com/1248749"
},
{
"category": "self",
"summary": "SUSE Bug 1249207",
"url": "https://bugzilla.suse.com/1249207"
},
{
"category": "self",
"summary": "SUSE Bug 1249208",
"url": "https://bugzilla.suse.com/1249208"
},
{
"category": "self",
"summary": "SUSE Bug 1249847",
"url": "https://bugzilla.suse.com/1249847"
},
{
"category": "self",
"summary": "SUSE Bug 1250302",
"url": "https://bugzilla.suse.com/1250302"
},
{
"category": "self",
"summary": "SUSE Bug 1252946",
"url": "https://bugzilla.suse.com/1252946"
},
{
"category": "self",
"summary": "SUSE Bug 904970",
"url": "https://bugzilla.suse.com/904970"
},
{
"category": "self",
"summary": "SUSE Bug 907150",
"url": "https://bugzilla.suse.com/907150"
},
{
"category": "self",
"summary": "SUSE Bug 920615",
"url": "https://bugzilla.suse.com/920615"
},
{
"category": "self",
"summary": "SUSE Bug 920633",
"url": "https://bugzilla.suse.com/920633"
},
{
"category": "self",
"summary": "SUSE Bug 930408",
"url": "https://bugzilla.suse.com/930408"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48956 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49014 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49053 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49080 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49179 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49179/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49465 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49465/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49545 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49563 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49563/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49564 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49564/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50252 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50252/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-50386 page",
"url": "https://www.suse.com/security/cve/CVE-2022-50386/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45016 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46818 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46818/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47674 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47684 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47684/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47706 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47706/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49860 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50115 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50115/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50125 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50154 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50154/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50264 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50264/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50279 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50279/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50301 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50301/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50302 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50302/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53104 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53146 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53156 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53168 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53168/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53173 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53214 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53214/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56600 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56600/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56601 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56605 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56605/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56650 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56664 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57893 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57893/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57996 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-8805 page",
"url": "https://www.suse.com/security/cve/CVE-2024-8805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21791 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21971 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37752 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38000 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38079 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38083 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38177 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38181 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38212 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38477 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38477/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38494 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38494/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38495 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38495/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38498 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38498/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38499 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38617 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38617/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38618 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38644 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38644/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 61 for SUSE Linux Enterprise 12 SP5)",
"tracking": {
"current_release_date": "2025-11-18T02:04:00Z",
"generator": {
"date": "2025-11-18T02:04:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4123-1",
"initial_release_date": "2025-11-18T02:04:00Z",
"revision_history": [
{
"date": "2025-11-18T02:04:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"product_id": "kgraft-patch-4_12_14-122_231-default-18-4.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64",
"product_id": "kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_231-default-18-4.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-48956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: avoid use-after-free in ip6_fragment()\n\nBlamed commit claimed rcu_read_lock() was held by ip6_fragment() callers.\n\nIt seems to not be always true, at least for UDP stack.\n\nsyzbot reported:\n\nBUG: KASAN: use-after-free in ip6_dst_idev include/net/ip6_fib.h:245 [inline]\nBUG: KASAN: use-after-free in ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951\nRead of size 8 at addr ffff88801d403e80 by task syz-executor.3/7618\n\nCPU: 1 PID: 7618 Comm: syz-executor.3 Not tainted 6.1.0-rc6-syzkaller-00012-g4312098baf37 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:284 [inline]\n print_report+0x15e/0x45d mm/kasan/report.c:395\n kasan_report+0xbf/0x1f0 mm/kasan/report.c:495\n ip6_dst_idev include/net/ip6_fib.h:245 [inline]\n ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951\n __ip6_finish_output net/ipv6/ip6_output.c:193 [inline]\n ip6_finish_output+0x9a3/0x1170 net/ipv6/ip6_output.c:206\n NF_HOOK_COND include/linux/netfilter.h:291 [inline]\n ip6_output+0x1f1/0x540 net/ipv6/ip6_output.c:227\n dst_output include/net/dst.h:445 [inline]\n ip6_local_out+0xb3/0x1a0 net/ipv6/output_core.c:161\n ip6_send_skb+0xbb/0x340 net/ipv6/ip6_output.c:1966\n udp_v6_send_skb+0x82a/0x18a0 net/ipv6/udp.c:1286\n udp_v6_push_pending_frames+0x140/0x200 net/ipv6/udp.c:1313\n udpv6_sendmsg+0x18da/0x2c80 net/ipv6/udp.c:1606\n inet6_sendmsg+0x9d/0xe0 net/ipv6/af_inet6.c:665\n sock_sendmsg_nosec net/socket.c:714 [inline]\n sock_sendmsg+0xd3/0x120 net/socket.c:734\n sock_write_iter+0x295/0x3d0 net/socket.c:1108\n call_write_iter include/linux/fs.h:2191 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x9ed/0xdd0 fs/read_write.c:584\n ksys_write+0x1ec/0x250 fs/read_write.c:637\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7fde3588c0d9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fde365b6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 00007fde359ac050 RCX: 00007fde3588c0d9\nRDX: 000000000000ffdc RSI: 00000000200000c0 RDI: 000000000000000a\nRBP: 00007fde358e7ae9 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007fde35acfb1f R14: 00007fde365b6300 R15: 0000000000022000\n \u003c/TASK\u003e\n\nAllocated by task 7618:\n kasan_save_stack+0x22/0x40 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n __kasan_slab_alloc+0x82/0x90 mm/kasan/common.c:325\n kasan_slab_alloc include/linux/kasan.h:201 [inline]\n slab_post_alloc_hook mm/slab.h:737 [inline]\n slab_alloc_node mm/slub.c:3398 [inline]\n slab_alloc mm/slub.c:3406 [inline]\n __kmem_cache_alloc_lru mm/slub.c:3413 [inline]\n kmem_cache_alloc+0x2b4/0x3d0 mm/slub.c:3422\n dst_alloc+0x14a/0x1f0 net/core/dst.c:92\n ip6_dst_alloc+0x32/0xa0 net/ipv6/route.c:344\n ip6_rt_pcpu_alloc net/ipv6/route.c:1369 [inline]\n rt6_make_pcpu_route net/ipv6/route.c:1417 [inline]\n ip6_pol_route+0x901/0x1190 net/ipv6/route.c:2254\n pol_lookup_func include/net/ip6_fib.h:582 [inline]\n fib6_rule_lookup+0x52e/0x6f0 net/ipv6/fib6_rules.c:121\n ip6_route_output_flags_noref+0x2e6/0x380 net/ipv6/route.c:2625\n ip6_route_output_flags+0x76/0x320 net/ipv6/route.c:2638\n ip6_route_output include/net/ip6_route.h:98 [inline]\n ip6_dst_lookup_tail+0x5ab/0x1620 net/ipv6/ip6_output.c:1092\n ip6_dst_lookup_flow+0x90/0x1d0 net/ipv6/ip6_output.c:1222\n ip6_sk_dst_lookup_flow+0x553/0x980 net/ipv6/ip6_output.c:1260\n udpv6_sendmsg+0x151d/0x2c80 net/ipv6/udp.c:1554\n inet6_sendmsg+0x9d/0xe0 net/ipv6/af_inet6.c:665\n sock_sendmsg_nosec n\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48956",
"url": "https://www.suse.com/security/cve/CVE-2022-48956"
},
{
"category": "external",
"summary": "SUSE Bug 1231893 for CVE-2022-48956",
"url": "https://bugzilla.suse.com/1231893"
},
{
"category": "external",
"summary": "SUSE Bug 1232799 for CVE-2022-48956",
"url": "https://bugzilla.suse.com/1232799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2022-48956"
},
{
"cve": "CVE-2022-49014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: tun: Fix use-after-free in tun_detach()\n\nsyzbot reported use-after-free in tun_detach() [1]. This causes call\ntrace like below:\n\n==================================================================\nBUG: KASAN: use-after-free in notifier_call_chain+0x1ee/0x200 kernel/notifier.c:75\nRead of size 8 at addr ffff88807324e2a8 by task syz-executor.0/3673\n\nCPU: 0 PID: 3673 Comm: syz-executor.0 Not tainted 6.1.0-rc5-syzkaller-00044-gcc675d22e422 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:284 [inline]\n print_report+0x15e/0x461 mm/kasan/report.c:395\n kasan_report+0xbf/0x1f0 mm/kasan/report.c:495\n notifier_call_chain+0x1ee/0x200 kernel/notifier.c:75\n call_netdevice_notifiers_info+0x86/0x130 net/core/dev.c:1942\n call_netdevice_notifiers_extack net/core/dev.c:1983 [inline]\n call_netdevice_notifiers net/core/dev.c:1997 [inline]\n netdev_wait_allrefs_any net/core/dev.c:10237 [inline]\n netdev_run_todo+0xbc6/0x1100 net/core/dev.c:10351\n tun_detach drivers/net/tun.c:704 [inline]\n tun_chr_close+0xe4/0x190 drivers/net/tun.c:3467\n __fput+0x27c/0xa90 fs/file_table.c:320\n task_work_run+0x16f/0x270 kernel/task_work.c:179\n exit_task_work include/linux/task_work.h:38 [inline]\n do_exit+0xb3d/0x2a30 kernel/exit.c:820\n do_group_exit+0xd4/0x2a0 kernel/exit.c:950\n get_signal+0x21b1/0x2440 kernel/signal.c:2858\n arch_do_signal_or_restart+0x86/0x2300 arch/x86/kernel/signal.c:869\n exit_to_user_mode_loop kernel/entry/common.c:168 [inline]\n exit_to_user_mode_prepare+0x15f/0x250 kernel/entry/common.c:203\n __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [inline]\n syscall_exit_to_user_mode+0x1d/0x50 kernel/entry/common.c:296\n do_syscall_64+0x46/0xb0 arch/x86/entry/common.c:86\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe cause of the issue is that sock_put() from __tun_detach() drops\nlast reference count for struct net, and then notifier_call_chain()\nfrom netdev_state_change() accesses that struct net.\n\nThis patch fixes the issue by calling sock_put() from tun_detach()\nafter all necessary accesses for the struct net has done.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49014",
"url": "https://www.suse.com/security/cve/CVE-2022-49014"
},
{
"category": "external",
"summary": "SUSE Bug 1231890 for CVE-2022-49014",
"url": "https://bugzilla.suse.com/1231890"
},
{
"category": "external",
"summary": "SUSE Bug 1232818 for CVE-2022-49014",
"url": "https://bugzilla.suse.com/1232818"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2022-49014"
},
{
"cve": "CVE-2022-49053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: tcmu: Fix possible page UAF\n\ntcmu_try_get_data_page() looks up pages under cmdr_lock, but it does not\ntake refcount properly and just returns page pointer. When\ntcmu_try_get_data_page() returns, the returned page may have been freed by\ntcmu_blocks_release().\n\nWe need to get_page() under cmdr_lock to avoid concurrent\ntcmu_blocks_release().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49053",
"url": "https://www.suse.com/security/cve/CVE-2022-49053"
},
{
"category": "external",
"summary": "SUSE Bug 1237918 for CVE-2022-49053",
"url": "https://bugzilla.suse.com/1237918"
},
{
"category": "external",
"summary": "SUSE Bug 1237930 for CVE-2022-49053",
"url": "https://bugzilla.suse.com/1237930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2022-49053"
},
{
"cve": "CVE-2022-49080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/mempolicy: fix mpol_new leak in shared_policy_replace\n\nIf mpol_new is allocated but not used in restart loop, mpol_new will be\nfreed via mpol_put before returning to the caller. But refcnt is not\ninitialized yet, so mpol_put could not do the right things and might\nleak the unused mpol_new. This would happen if mempolicy was updated on\nthe shared shmem file while the sp-\u003elock has been dropped during the\nmemory allocation.\n\nThis issue could be triggered easily with the below code snippet if\nthere are many processes doing the below work at the same time:\n\n shmid = shmget((key_t)5566, 1024 * PAGE_SIZE, 0666|IPC_CREAT);\n shm = shmat(shmid, 0, 0);\n loop many times {\n mbind(shm, 1024 * PAGE_SIZE, MPOL_LOCAL, mask, maxnode, 0);\n mbind(shm + 128 * PAGE_SIZE, 128 * PAGE_SIZE, MPOL_DEFAULT, mask,\n maxnode, 0);\n }",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49080",
"url": "https://www.suse.com/security/cve/CVE-2022-49080"
},
{
"category": "external",
"summary": "SUSE Bug 1238033 for CVE-2022-49080",
"url": "https://bugzilla.suse.com/1238033"
},
{
"category": "external",
"summary": "SUSE Bug 1238324 for CVE-2022-49080",
"url": "https://bugzilla.suse.com/1238324"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2022-49080"
},
{
"cve": "CVE-2022-49179",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49179"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock, bfq: don\u0027t move oom_bfqq\n\nOur test report a UAF:\n\n[ 2073.019181] ==================================================================\n[ 2073.019188] BUG: KASAN: use-after-free in __bfq_put_async_bfqq+0xa0/0x168\n[ 2073.019191] Write of size 8 at addr ffff8000ccf64128 by task rmmod/72584\n[ 2073.019192]\n[ 2073.019196] CPU: 0 PID: 72584 Comm: rmmod Kdump: loaded Not tainted 4.19.90-yk #5\n[ 2073.019198] Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015\n[ 2073.019200] Call trace:\n[ 2073.019203] dump_backtrace+0x0/0x310\n[ 2073.019206] show_stack+0x28/0x38\n[ 2073.019210] dump_stack+0xec/0x15c\n[ 2073.019216] print_address_description+0x68/0x2d0\n[ 2073.019220] kasan_report+0x238/0x2f0\n[ 2073.019224] __asan_store8+0x88/0xb0\n[ 2073.019229] __bfq_put_async_bfqq+0xa0/0x168\n[ 2073.019233] bfq_put_async_queues+0xbc/0x208\n[ 2073.019236] bfq_pd_offline+0x178/0x238\n[ 2073.019240] blkcg_deactivate_policy+0x1f0/0x420\n[ 2073.019244] bfq_exit_queue+0x128/0x178\n[ 2073.019249] blk_mq_exit_sched+0x12c/0x160\n[ 2073.019252] elevator_exit+0xc8/0xd0\n[ 2073.019256] blk_exit_queue+0x50/0x88\n[ 2073.019259] blk_cleanup_queue+0x228/0x3d8\n[ 2073.019267] null_del_dev+0xfc/0x1e0 [null_blk]\n[ 2073.019274] null_exit+0x90/0x114 [null_blk]\n[ 2073.019278] __arm64_sys_delete_module+0x358/0x5a0\n[ 2073.019282] el0_svc_common+0xc8/0x320\n[ 2073.019287] el0_svc_handler+0xf8/0x160\n[ 2073.019290] el0_svc+0x10/0x218\n[ 2073.019291]\n[ 2073.019294] Allocated by task 14163:\n[ 2073.019301] kasan_kmalloc+0xe0/0x190\n[ 2073.019305] kmem_cache_alloc_node_trace+0x1cc/0x418\n[ 2073.019308] bfq_pd_alloc+0x54/0x118\n[ 2073.019313] blkcg_activate_policy+0x250/0x460\n[ 2073.019317] bfq_create_group_hierarchy+0x38/0x110\n[ 2073.019321] bfq_init_queue+0x6d0/0x948\n[ 2073.019325] blk_mq_init_sched+0x1d8/0x390\n[ 2073.019330] elevator_switch_mq+0x88/0x170\n[ 2073.019334] elevator_switch+0x140/0x270\n[ 2073.019338] elv_iosched_store+0x1a4/0x2a0\n[ 2073.019342] queue_attr_store+0x90/0xe0\n[ 2073.019348] sysfs_kf_write+0xa8/0xe8\n[ 2073.019351] kernfs_fop_write+0x1f8/0x378\n[ 2073.019359] __vfs_write+0xe0/0x360\n[ 2073.019363] vfs_write+0xf0/0x270\n[ 2073.019367] ksys_write+0xdc/0x1b8\n[ 2073.019371] __arm64_sys_write+0x50/0x60\n[ 2073.019375] el0_svc_common+0xc8/0x320\n[ 2073.019380] el0_svc_handler+0xf8/0x160\n[ 2073.019383] el0_svc+0x10/0x218\n[ 2073.019385]\n[ 2073.019387] Freed by task 72584:\n[ 2073.019391] __kasan_slab_free+0x120/0x228\n[ 2073.019394] kasan_slab_free+0x10/0x18\n[ 2073.019397] kfree+0x94/0x368\n[ 2073.019400] bfqg_put+0x64/0xb0\n[ 2073.019404] bfqg_and_blkg_put+0x90/0xb0\n[ 2073.019408] bfq_put_queue+0x220/0x228\n[ 2073.019413] __bfq_put_async_bfqq+0x98/0x168\n[ 2073.019416] bfq_put_async_queues+0xbc/0x208\n[ 2073.019420] bfq_pd_offline+0x178/0x238\n[ 2073.019424] blkcg_deactivate_policy+0x1f0/0x420\n[ 2073.019429] bfq_exit_queue+0x128/0x178\n[ 2073.019433] blk_mq_exit_sched+0x12c/0x160\n[ 2073.019437] elevator_exit+0xc8/0xd0\n[ 2073.019440] blk_exit_queue+0x50/0x88\n[ 2073.019443] blk_cleanup_queue+0x228/0x3d8\n[ 2073.019451] null_del_dev+0xfc/0x1e0 [null_blk]\n[ 2073.019459] null_exit+0x90/0x114 [null_blk]\n[ 2073.019462] __arm64_sys_delete_module+0x358/0x5a0\n[ 2073.019467] el0_svc_common+0xc8/0x320\n[ 2073.019471] el0_svc_handler+0xf8/0x160\n[ 2073.019474] el0_svc+0x10/0x218\n[ 2073.019475]\n[ 2073.019479] The buggy address belongs to the object at ffff8000ccf63f00\n which belongs to the cache kmalloc-1024 of size 1024\n[ 2073.019484] The buggy address is located 552 bytes inside of\n 1024-byte region [ffff8000ccf63f00, ffff8000ccf64300)\n[ 2073.019486] The buggy address belongs to the page:\n[ 2073.019492] page:ffff7e000333d800 count:1 mapcount:0 mapping:ffff8000c0003a00 index:0x0 compound_mapcount: 0\n[ 2073.020123] flags: 0x7ffff0000008100(slab|head)\n[ 2073.020403] raw: 07ffff0000008100 ffff7e0003334c08 ffff7e00001f5a08 ffff8000c0003a00\n[ 2073.020409] ra\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49179",
"url": "https://www.suse.com/security/cve/CVE-2022-49179"
},
{
"category": "external",
"summary": "SUSE Bug 1238092 for CVE-2022-49179",
"url": "https://bugzilla.suse.com/1238092"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "moderate"
}
],
"title": "CVE-2022-49179"
},
{
"cve": "CVE-2022-49465",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49465"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-throttle: Set BIO_THROTTLED when bio has been throttled\n\n1.In current process, all bio will set the BIO_THROTTLED flag\nafter __blk_throtl_bio().\n\n2.If bio needs to be throttled, it will start the timer and\nstop submit bio directly. Bio will submit in\nblk_throtl_dispatch_work_fn() when the timer expires.But in\nthe current process, if bio is throttled. The BIO_THROTTLED\nwill be set to bio after timer start. If the bio has been\ncompleted, it may cause use-after-free blow.\n\nBUG: KASAN: use-after-free in blk_throtl_bio+0x12f0/0x2c70\nRead of size 2 at addr ffff88801b8902d4 by task fio/26380\n\n dump_stack+0x9b/0xce\n print_address_description.constprop.6+0x3e/0x60\n kasan_report.cold.9+0x22/0x3a\n blk_throtl_bio+0x12f0/0x2c70\n submit_bio_checks+0x701/0x1550\n submit_bio_noacct+0x83/0xc80\n submit_bio+0xa7/0x330\n mpage_readahead+0x380/0x500\n read_pages+0x1c1/0xbf0\n page_cache_ra_unbounded+0x471/0x6f0\n do_page_cache_ra+0xda/0x110\n ondemand_readahead+0x442/0xae0\n page_cache_async_ra+0x210/0x300\n generic_file_buffered_read+0x4d9/0x2130\n generic_file_read_iter+0x315/0x490\n blkdev_read_iter+0x113/0x1b0\n aio_read+0x2ad/0x450\n io_submit_one+0xc8e/0x1d60\n __se_sys_io_submit+0x125/0x350\n do_syscall_64+0x2d/0x40\n entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\nAllocated by task 26380:\n kasan_save_stack+0x19/0x40\n __kasan_kmalloc.constprop.2+0xc1/0xd0\n kmem_cache_alloc+0x146/0x440\n mempool_alloc+0x125/0x2f0\n bio_alloc_bioset+0x353/0x590\n mpage_alloc+0x3b/0x240\n do_mpage_readpage+0xddf/0x1ef0\n mpage_readahead+0x264/0x500\n read_pages+0x1c1/0xbf0\n page_cache_ra_unbounded+0x471/0x6f0\n do_page_cache_ra+0xda/0x110\n ondemand_readahead+0x442/0xae0\n page_cache_async_ra+0x210/0x300\n generic_file_buffered_read+0x4d9/0x2130\n generic_file_read_iter+0x315/0x490\n blkdev_read_iter+0x113/0x1b0\n aio_read+0x2ad/0x450\n io_submit_one+0xc8e/0x1d60\n __se_sys_io_submit+0x125/0x350\n do_syscall_64+0x2d/0x40\n entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\nFreed by task 0:\n kasan_save_stack+0x19/0x40\n kasan_set_track+0x1c/0x30\n kasan_set_free_info+0x1b/0x30\n __kasan_slab_free+0x111/0x160\n kmem_cache_free+0x94/0x460\n mempool_free+0xd6/0x320\n bio_free+0xe0/0x130\n bio_put+0xab/0xe0\n bio_endio+0x3a6/0x5d0\n blk_update_request+0x590/0x1370\n scsi_end_request+0x7d/0x400\n scsi_io_completion+0x1aa/0xe50\n scsi_softirq_done+0x11b/0x240\n blk_mq_complete_request+0xd4/0x120\n scsi_mq_done+0xf0/0x200\n virtscsi_vq_done+0xbc/0x150\n vring_interrupt+0x179/0x390\n __handle_irq_event_percpu+0xf7/0x490\n handle_irq_event_percpu+0x7b/0x160\n handle_irq_event+0xcc/0x170\n handle_edge_irq+0x215/0xb20\n common_interrupt+0x60/0x120\n asm_common_interrupt+0x1e/0x40\n\nFix this by move BIO_THROTTLED set into the queue_lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49465",
"url": "https://www.suse.com/security/cve/CVE-2022-49465"
},
{
"category": "external",
"summary": "SUSE Bug 1238919 for CVE-2022-49465",
"url": "https://bugzilla.suse.com/1238919"
},
{
"category": "external",
"summary": "SUSE Bug 1238920 for CVE-2022-49465",
"url": "https://bugzilla.suse.com/1238920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2022-49465"
},
{
"cve": "CVE-2022-49545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49545"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Cancel pending work at closing a MIDI substream\n\nAt closing a USB MIDI output substream, there might be still a pending\nwork, which would eventually access the rawmidi runtime object that is\nbeing released. For fixing the race, make sure to cancel the pending\nwork at closing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49545",
"url": "https://www.suse.com/security/cve/CVE-2022-49545"
},
{
"category": "external",
"summary": "SUSE Bug 1238729 for CVE-2022-49545",
"url": "https://bugzilla.suse.com/1238729"
},
{
"category": "external",
"summary": "SUSE Bug 1238730 for CVE-2022-49545",
"url": "https://bugzilla.suse.com/1238730"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2022-49545"
},
{
"cve": "CVE-2022-49563",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49563"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - add param check for RSA\n\nReject requests with a source buffer that is bigger than the size of the\nkey. This is to prevent a possible integer underflow that might happen\nwhen copying the source scatterlist into a linear buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49563",
"url": "https://www.suse.com/security/cve/CVE-2022-49563"
},
{
"category": "external",
"summary": "SUSE Bug 1238787 for CVE-2022-49563",
"url": "https://bugzilla.suse.com/1238787"
},
{
"category": "external",
"summary": "SUSE Bug 1238788 for CVE-2022-49563",
"url": "https://bugzilla.suse.com/1238788"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2022-49563"
},
{
"cve": "CVE-2022-49564",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49564"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - add param check for DH\n\nReject requests with a source buffer that is bigger than the size of the\nkey. This is to prevent a possible integer underflow that might happen\nwhen copying the source scatterlist into a linear buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49564",
"url": "https://www.suse.com/security/cve/CVE-2022-49564"
},
{
"category": "external",
"summary": "SUSE Bug 1238789 for CVE-2022-49564",
"url": "https://bugzilla.suse.com/1238789"
},
{
"category": "external",
"summary": "SUSE Bug 1238790 for CVE-2022-49564",
"url": "https://bugzilla.suse.com/1238790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2022-49564"
},
{
"cve": "CVE-2022-50252",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50252"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigb: Do not free q_vector unless new one was allocated\n\nAvoid potential use-after-free condition under memory pressure. If the\nkzalloc() fails, q_vector will be freed but left in the original\nadapter-\u003eq_vector[v_idx] array position.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50252",
"url": "https://www.suse.com/security/cve/CVE-2022-50252"
},
{
"category": "external",
"summary": "SUSE Bug 1247374 for CVE-2022-50252",
"url": "https://bugzilla.suse.com/1247374"
},
{
"category": "external",
"summary": "SUSE Bug 1249846 for CVE-2022-50252",
"url": "https://bugzilla.suse.com/1249846"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2022-50252"
},
{
"cve": "CVE-2022-50386",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-50386"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix user-after-free\n\nThis uses l2cap_chan_hold_unless_zero() after calling\n__l2cap_get_chan_blah() to prevent the following trace:\n\nBluetooth: l2cap_core.c:static void l2cap_chan_destroy(struct kref\n*kref)\nBluetooth: chan 0000000023c4974d\nBluetooth: parent 00000000ae861c08\n==================================================================\nBUG: KASAN: use-after-free in __mutex_waiter_is_first\nkernel/locking/mutex.c:191 [inline]\nBUG: KASAN: use-after-free in __mutex_lock_common\nkernel/locking/mutex.c:671 [inline]\nBUG: KASAN: use-after-free in __mutex_lock+0x278/0x400\nkernel/locking/mutex.c:729\nRead of size 8 at addr ffff888006a49b08 by task kworker/u3:2/389",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-50386",
"url": "https://www.suse.com/security/cve/CVE-2022-50386"
},
{
"category": "external",
"summary": "SUSE Bug 1247374 for CVE-2022-50386",
"url": "https://bugzilla.suse.com/1247374"
},
{
"category": "external",
"summary": "SUSE Bug 1250301 for CVE-2022-50386",
"url": "https://bugzilla.suse.com/1250301"
},
{
"category": "external",
"summary": "SUSE Bug 1250302 for CVE-2022-50386",
"url": "https://bugzilla.suse.com/1250302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2022-50386"
},
{
"cve": "CVE-2024-45016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45016"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetem: fix return value if duplicate enqueue fails\n\nThere is a bug in netem_enqueue() introduced by\ncommit 5845f706388a (\"net: netem: fix skb length BUG_ON in __skb_to_sgvec\")\nthat can lead to a use-after-free.\n\nThis commit made netem_enqueue() always return NET_XMIT_SUCCESS\nwhen a packet is duplicated, which can cause the parent qdisc\u0027s q.qlen\nto be mistakenly incremented. When this happens qlen_notify() may be\nskipped on the parent during destruction, leaving a dangling pointer\nfor some classful qdiscs like DRR.\n\nThere are two ways for the bug happen:\n\n- If the duplicated packet is dropped by rootq-\u003eenqueue() and then\n the original packet is also dropped.\n- If rootq-\u003eenqueue() sends the duplicated packet to a different qdisc\n and the original packet is dropped.\n\nIn both cases NET_XMIT_SUCCESS is returned even though no packets\nare enqueued at the netem qdisc.\n\nThe fix is to defer the enqueue of the duplicate packet until after\nthe original packet has been guaranteed to return NET_XMIT_SUCCESS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45016",
"url": "https://www.suse.com/security/cve/CVE-2024-45016"
},
{
"category": "external",
"summary": "SUSE Bug 1230429 for CVE-2024-45016",
"url": "https://bugzilla.suse.com/1230429"
},
{
"category": "external",
"summary": "SUSE Bug 1230998 for CVE-2024-45016",
"url": "https://bugzilla.suse.com/1230998"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-45016"
},
{
"cve": "CVE-2024-46818",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46818"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check gpio_id before used as array index\n\n[WHY \u0026 HOW]\nGPIO_ID_UNKNOWN (-1) is not a valid value for array index and therefore\nshould be checked in advance.\n\nThis fixes 5 OVERRUN issues reported by Coverity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46818",
"url": "https://www.suse.com/security/cve/CVE-2024-46818"
},
{
"category": "external",
"summary": "SUSE Bug 1231203 for CVE-2024-46818",
"url": "https://bugzilla.suse.com/1231203"
},
{
"category": "external",
"summary": "SUSE Bug 1231204 for CVE-2024-46818",
"url": "https://bugzilla.suse.com/1231204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-46818"
},
{
"cve": "CVE-2024-47674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47674"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: avoid leaving partial pfn mappings around in error case\n\nAs Jann points out, PFN mappings are special, because unlike normal\nmemory mappings, there is no lifetime information associated with the\nmapping - it is just a raw mapping of PFNs with no reference counting of\na \u0027struct page\u0027.\n\nThat\u0027s all very much intentional, but it does mean that it\u0027s easy to\nmess up the cleanup in case of errors. Yes, a failed mmap() will always\neventually clean up any partial mappings, but without any explicit\nlifetime in the page table mapping itself, it\u0027s very easy to do the\nerror handling in the wrong order.\n\nIn particular, it\u0027s easy to mistakenly free the physical backing store\nbefore the page tables are actually cleaned up and (temporarily) have\nstale dangling PTE entries.\n\nTo make this situation less error-prone, just make sure that any partial\npfn mapping is torn down early, before any other error handling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47674",
"url": "https://www.suse.com/security/cve/CVE-2024-47674"
},
{
"category": "external",
"summary": "SUSE Bug 1231673 for CVE-2024-47674",
"url": "https://bugzilla.suse.com/1231673"
},
{
"category": "external",
"summary": "SUSE Bug 1231676 for CVE-2024-47674",
"url": "https://bugzilla.suse.com/1231676"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-47674"
},
{
"cve": "CVE-2024-47684",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47684"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: check skb is non-NULL in tcp_rto_delta_us()\n\nWe have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic\nkernel that are running ceph and recently hit a null ptr dereference in\ntcp_rearm_rto(). Initially hitting it from the TLP path, but then later we also\nsaw it getting hit from the RACK case as well. Here are examples of the oops\nmessages we saw in each of those cases:\n\nJul 26 15:05:02 rx [11061395.780353] BUG: kernel NULL pointer dereference, address: 0000000000000020\nJul 26 15:05:02 rx [11061395.787572] #PF: supervisor read access in kernel mode\nJul 26 15:05:02 rx [11061395.792971] #PF: error_code(0x0000) - not-present page\nJul 26 15:05:02 rx [11061395.798362] PGD 0 P4D 0\nJul 26 15:05:02 rx [11061395.801164] Oops: 0000 [#1] SMP NOPTI\nJul 26 15:05:02 rx [11061395.805091] CPU: 0 PID: 9180 Comm: msgr-worker-1 Tainted: G W 5.4.0-174-generic #193-Ubuntu\nJul 26 15:05:02 rx [11061395.814996] Hardware name: Supermicro SMC 2x26 os-gen8 64C NVME-Y 256G/H12SSW-NTR, BIOS 2.5.V1.2U.NVMe.UEFI 05/09/2023\nJul 26 15:05:02 rx [11061395.825952] RIP: 0010:tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.830656] Code: 87 ca 04 00 00 00 5b 41 5c 41 5d 5d c3 c3 49 8b bc 24 40 06 00 00 eb 8d 48 bb cf f7 53 e3 a5 9b c4 20 4c 89 ef e8 0c fe 0e 00 \u003c48\u003e 8b 78 20 48 c1 ef 03 48 89 f8 41 8b bc 24 80 04 00 00 48 f7 e3\nJul 26 15:05:02 rx [11061395.849665] RSP: 0018:ffffb75d40003e08 EFLAGS: 00010246\nJul 26 15:05:02 rx [11061395.855149] RAX: 0000000000000000 RBX: 20c49ba5e353f7cf RCX: 0000000000000000\nJul 26 15:05:02 rx [11061395.862542] RDX: 0000000062177c30 RSI: 000000000000231c RDI: ffff9874ad283a60\nJul 26 15:05:02 rx [11061395.869933] RBP: ffffb75d40003e20 R08: 0000000000000000 R09: ffff987605e20aa8\nJul 26 15:05:02 rx [11061395.877318] R10: ffffb75d40003f00 R11: ffffb75d4460f740 R12: ffff9874ad283900\nJul 26 15:05:02 rx [11061395.884710] R13: ffff9874ad283a60 R14: ffff9874ad283980 R15: ffff9874ad283d30\nJul 26 15:05:02 rx [11061395.892095] FS: 00007f1ef4a2e700(0000) GS:ffff987605e00000(0000) knlGS:0000000000000000\nJul 26 15:05:02 rx [11061395.900438] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nJul 26 15:05:02 rx [11061395.906435] CR2: 0000000000000020 CR3: 0000003e450ba003 CR4: 0000000000760ef0\nJul 26 15:05:02 rx [11061395.913822] PKRU: 55555554\nJul 26 15:05:02 rx [11061395.916786] Call Trace:\nJul 26 15:05:02 rx [11061395.919488]\nJul 26 15:05:02 rx [11061395.921765] ? show_regs.cold+0x1a/0x1f\nJul 26 15:05:02 rx [11061395.925859] ? __die+0x90/0xd9\nJul 26 15:05:02 rx [11061395.929169] ? no_context+0x196/0x380\nJul 26 15:05:02 rx [11061395.933088] ? ip6_protocol_deliver_rcu+0x4e0/0x4e0\nJul 26 15:05:02 rx [11061395.938216] ? ip6_sublist_rcv_finish+0x3d/0x50\nJul 26 15:05:02 rx [11061395.943000] ? __bad_area_nosemaphore+0x50/0x1a0\nJul 26 15:05:02 rx [11061395.947873] ? bad_area_nosemaphore+0x16/0x20\nJul 26 15:05:02 rx [11061395.952486] ? do_user_addr_fault+0x267/0x450\nJul 26 15:05:02 rx [11061395.957104] ? ipv6_list_rcv+0x112/0x140\nJul 26 15:05:02 rx [11061395.961279] ? __do_page_fault+0x58/0x90\nJul 26 15:05:02 rx [11061395.965458] ? do_page_fault+0x2c/0xe0\nJul 26 15:05:02 rx [11061395.969465] ? page_fault+0x34/0x40\nJul 26 15:05:02 rx [11061395.973217] ? tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.977313] ? tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.981408] tcp_send_loss_probe+0x10b/0x220\nJul 26 15:05:02 rx [11061395.985937] tcp_write_timer_handler+0x1b4/0x240\nJul 26 15:05:02 rx [11061395.990809] tcp_write_timer+0x9e/0xe0\nJul 26 15:05:02 rx [11061395.994814] ? tcp_write_timer_handler+0x240/0x240\nJul 26 15:05:02 rx [11061395.999866] call_timer_fn+0x32/0x130\nJul 26 15:05:02 rx [11061396.003782] __run_timers.part.0+0x180/0x280\nJul 26 15:05:02 rx [11061396.008309] ? recalibrate_cpu_khz+0x10/0x10\nJul 26 15:05:02 rx [11061396.012841] ? native_x2apic_icr_write+0x30/0x30\nJul 26 15:05:02 rx [11061396.017718] ? lapic_next_even\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47684",
"url": "https://www.suse.com/security/cve/CVE-2024-47684"
},
{
"category": "external",
"summary": "SUSE Bug 1231987 for CVE-2024-47684",
"url": "https://bugzilla.suse.com/1231987"
},
{
"category": "external",
"summary": "SUSE Bug 1231993 for CVE-2024-47684",
"url": "https://bugzilla.suse.com/1231993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-47684"
},
{
"cve": "CVE-2024-47706",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47706"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock, bfq: fix possible UAF for bfqq-\u003ebic with merge chain\n\n1) initial state, three tasks:\n\n\t\tProcess 1 Process 2\tProcess 3\n\t\t (BIC1) (BIC2)\t\t (BIC3)\n\t\t | ^ | ^\t\t | ^\n\t\t | | | |\t\t | |\n\t\t V | V |\t\t V |\n\t\t bfqq1 bfqq2\t\t bfqq3\nprocess ref:\t 1\t\t 1\t\t 1\n\n2) bfqq1 merged to bfqq2:\n\n\t\tProcess 1 Process 2\tProcess 3\n\t\t (BIC1) (BIC2)\t\t (BIC3)\n\t\t | |\t\t | ^\n\t\t \\--------------\\|\t\t | |\n\t\t V\t\t V |\n\t\t bfqq1---------\u003ebfqq2\t\t bfqq3\nprocess ref:\t 0\t\t 2\t\t 1\n\n3) bfqq2 merged to bfqq3:\n\n\t\tProcess 1 Process 2\tProcess 3\n\t\t (BIC1) (BIC2)\t\t (BIC3)\n\t here -\u003e ^ |\t\t |\n\t\t \\--------------\\ \\-------------\\|\n\t\t V\t\t V\n\t\t bfqq1---------\u003ebfqq2----------\u003ebfqq3\nprocess ref:\t 0\t\t 1\t\t 3\n\nIn this case, IO from Process 1 will get bfqq2 from BIC1 first, and then\nget bfqq3 through merge chain, and finially handle IO by bfqq3.\nHowerver, current code will think bfqq2 is owned by BIC1, like initial\nstate, and set bfqq2-\u003ebic to BIC1.\n\nbfq_insert_request\n-\u003e by Process 1\n bfqq = bfq_init_rq(rq)\n bfqq = bfq_get_bfqq_handle_split\n bfqq = bic_to_bfqq\n -\u003e get bfqq2 from BIC1\n bfqq-\u003eref++\n rq-\u003eelv.priv[0] = bic\n rq-\u003eelv.priv[1] = bfqq\n if (bfqq_process_refs(bfqq) == 1)\n bfqq-\u003ebic = bic\n -\u003e record BIC1 to bfqq2\n\n __bfq_insert_request\n new_bfqq = bfq_setup_cooperator\n -\u003e get bfqq3 from bfqq2-\u003enew_bfqq\n bfqq_request_freed(bfqq)\n new_bfqq-\u003eref++\n rq-\u003eelv.priv[1] = new_bfqq\n -\u003e handle IO by bfqq3\n\nFix the problem by checking bfqq is from merge chain fist. And this\nmight fix a following problem reported by our syzkaller(unreproducible):\n\n==================================================================\nBUG: KASAN: slab-use-after-free in bfq_do_early_stable_merge block/bfq-iosched.c:5692 [inline]\nBUG: KASAN: slab-use-after-free in bfq_do_or_sched_stable_merge block/bfq-iosched.c:5805 [inline]\nBUG: KASAN: slab-use-after-free in bfq_get_queue+0x25b0/0x2610 block/bfq-iosched.c:5889\nWrite of size 1 at addr ffff888123839eb8 by task kworker/0:1H/18595\n\nCPU: 0 PID: 18595 Comm: kworker/0:1H Tainted: G L 6.6.0-07439-gba2303cacfda #6\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\nWorkqueue: kblockd blk_mq_requeue_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x91/0xf0 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:364 [inline]\n print_report+0x10d/0x610 mm/kasan/report.c:475\n kasan_report+0x8e/0xc0 mm/kasan/report.c:588\n bfq_do_early_stable_merge block/bfq-iosched.c:5692 [inline]\n bfq_do_or_sched_stable_merge block/bfq-iosched.c:5805 [inline]\n bfq_get_queue+0x25b0/0x2610 block/bfq-iosched.c:5889\n bfq_get_bfqq_handle_split+0x169/0x5d0 block/bfq-iosched.c:6757\n bfq_init_rq block/bfq-iosched.c:6876 [inline]\n bfq_insert_request block/bfq-iosched.c:6254 [inline]\n bfq_insert_requests+0x1112/0x5cf0 block/bfq-iosched.c:6304\n blk_mq_insert_request+0x290/0x8d0 block/blk-mq.c:2593\n blk_mq_requeue_work+0x6bc/0xa70 block/blk-mq.c:1502\n process_one_work kernel/workqueue.c:2627 [inline]\n process_scheduled_works+0x432/0x13f0 kernel/workqueue.c:2700\n worker_thread+0x6f2/0x1160 kernel/workqueue.c:2781\n kthread+0x33c/0x440 kernel/kthread.c:388\n ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1b/0x30 arch/x86/entry/entry_64.S:305\n \u003c/TASK\u003e\n\nAllocated by task 20776:\n kasan_save_stack+0x20/0x40 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n __kasan_slab_alloc+0x87/0x90 mm/kasan/common.c:328\n kasan_slab_alloc include/linux/kasan.h:188 [inline]\n slab_post_alloc_hook mm/slab.h:763 [inline]\n slab_alloc_node mm/slub.c:3458 [inline]\n kmem_cache_alloc_node+0x1a4/0x6f0 mm/slub.c:3503\n ioc_create_icq block/blk-ioc.c:370 [inline]\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47706",
"url": "https://www.suse.com/security/cve/CVE-2024-47706"
},
{
"category": "external",
"summary": "SUSE Bug 1231942 for CVE-2024-47706",
"url": "https://bugzilla.suse.com/1231942"
},
{
"category": "external",
"summary": "SUSE Bug 1231943 for CVE-2024-47706",
"url": "https://bugzilla.suse.com/1231943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-47706"
},
{
"cve": "CVE-2024-49860",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49860"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: sysfs: validate return type of _STR method\n\nOnly buffer objects are valid return values of _STR.\n\nIf something else is returned description_show() will access invalid\nmemory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49860",
"url": "https://www.suse.com/security/cve/CVE-2024-49860"
},
{
"category": "external",
"summary": "SUSE Bug 1231861 for CVE-2024-49860",
"url": "https://bugzilla.suse.com/1231861"
},
{
"category": "external",
"summary": "SUSE Bug 1231862 for CVE-2024-49860",
"url": "https://bugzilla.suse.com/1231862"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-49860"
},
{
"cve": "CVE-2024-50115",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50115"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory\n\nIgnore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits\n4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn\u0027t\nenforce 32-byte alignment of nCR3.\n\nIn the absolute worst case scenario, failure to ignore bits 4:0 can result\nin an out-of-bounds read, e.g. if the target page is at the end of a\nmemslot, and the VMM isn\u0027t using guard pages.\n\nPer the APM:\n\n The CR3 register points to the base address of the page-directory-pointer\n table. The page-directory-pointer table is aligned on a 32-byte boundary,\n with the low 5 address bits 4:0 assumed to be 0.\n\nAnd the SDM\u0027s much more explicit:\n\n 4:0 Ignored\n\nNote, KVM gets this right when loading PDPTRs, it\u0027s only the nSVM flow\nthat is broken.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50115",
"url": "https://www.suse.com/security/cve/CVE-2024-50115"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232919 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1232919"
},
{
"category": "external",
"summary": "SUSE Bug 1233019 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1233019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-50115"
},
{
"cve": "CVE-2024-50125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: SCO: Fix UAF on sco_sock_timeout\n\nconn-\u003esk maybe have been unlinked/freed while waiting for sco_conn_lock\nso this checks if the conn-\u003esk is still valid by checking if it part of\nsco_sk_list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50125",
"url": "https://www.suse.com/security/cve/CVE-2024-50125"
},
{
"category": "external",
"summary": "SUSE Bug 1232928 for CVE-2024-50125",
"url": "https://bugzilla.suse.com/1232928"
},
{
"category": "external",
"summary": "SUSE Bug 1232929 for CVE-2024-50125",
"url": "https://bugzilla.suse.com/1232929"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-50125"
},
{
"cve": "CVE-2024-50154",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50154"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp/dccp: Don\u0027t use timer_pending() in reqsk_queue_unlink().\n\nMartin KaFai Lau reported use-after-free [0] in reqsk_timer_handler().\n\n \"\"\"\n We are seeing a use-after-free from a bpf prog attached to\n trace_tcp_retransmit_synack. The program passes the req-\u003esk to the\n bpf_sk_storage_get_tracing kernel helper which does check for null\n before using it.\n \"\"\"\n\nThe commit 83fccfc3940c (\"inet: fix potential deadlock in\nreqsk_queue_unlink()\") added timer_pending() in reqsk_queue_unlink() not\nto call del_timer_sync() from reqsk_timer_handler(), but it introduced a\nsmall race window.\n\nBefore the timer is called, expire_timers() calls detach_timer(timer, true)\nto clear timer-\u003eentry.pprev and marks it as not pending.\n\nIf reqsk_queue_unlink() checks timer_pending() just after expire_timers()\ncalls detach_timer(), TCP will miss del_timer_sync(); the reqsk timer will\ncontinue running and send multiple SYN+ACKs until it expires.\n\nThe reported UAF could happen if req-\u003esk is close()d earlier than the timer\nexpiration, which is 63s by default.\n\nThe scenario would be\n\n 1. inet_csk_complete_hashdance() calls inet_csk_reqsk_queue_drop(),\n but del_timer_sync() is missed\n\n 2. reqsk timer is executed and scheduled again\n\n 3. req-\u003esk is accept()ed and reqsk_put() decrements rsk_refcnt, but\n reqsk timer still has another one, and inet_csk_accept() does not\n clear req-\u003esk for non-TFO sockets\n\n 4. sk is close()d\n\n 5. reqsk timer is executed again, and BPF touches req-\u003esk\n\nLet\u0027s not use timer_pending() by passing the caller context to\n__inet_csk_reqsk_queue_drop().\n\nNote that reqsk timer is pinned, so the issue does not happen in most\nuse cases. [1]\n\n[0]\nBUG: KFENCE: use-after-free read in bpf_sk_storage_get_tracing+0x2e/0x1b0\n\nUse-after-free read at 0x00000000a891fb3a (in kfence-#1):\nbpf_sk_storage_get_tracing+0x2e/0x1b0\nbpf_prog_5ea3e95db6da0438_tcp_retransmit_synack+0x1d20/0x1dda\nbpf_trace_run2+0x4c/0xc0\ntcp_rtx_synack+0xf9/0x100\nreqsk_timer_handler+0xda/0x3d0\nrun_timer_softirq+0x292/0x8a0\nirq_exit_rcu+0xf5/0x320\nsysvec_apic_timer_interrupt+0x6d/0x80\nasm_sysvec_apic_timer_interrupt+0x16/0x20\nintel_idle_irq+0x5a/0xa0\ncpuidle_enter_state+0x94/0x273\ncpu_startup_entry+0x15e/0x260\nstart_secondary+0x8a/0x90\nsecondary_startup_64_no_verify+0xfa/0xfb\n\nkfence-#1: 0x00000000a72cc7b6-0x00000000d97616d9, size=2376, cache=TCPv6\n\nallocated by task 0 on cpu 9 at 260507.901592s:\nsk_prot_alloc+0x35/0x140\nsk_clone_lock+0x1f/0x3f0\ninet_csk_clone_lock+0x15/0x160\ntcp_create_openreq_child+0x1f/0x410\ntcp_v6_syn_recv_sock+0x1da/0x700\ntcp_check_req+0x1fb/0x510\ntcp_v6_rcv+0x98b/0x1420\nipv6_list_rcv+0x2258/0x26e0\nnapi_complete_done+0x5b1/0x2990\nmlx5e_napi_poll+0x2ae/0x8d0\nnet_rx_action+0x13e/0x590\nirq_exit_rcu+0xf5/0x320\ncommon_interrupt+0x80/0x90\nasm_common_interrupt+0x22/0x40\ncpuidle_enter_state+0xfb/0x273\ncpu_startup_entry+0x15e/0x260\nstart_secondary+0x8a/0x90\nsecondary_startup_64_no_verify+0xfa/0xfb\n\nfreed by task 0 on cpu 9 at 260507.927527s:\nrcu_core_si+0x4ff/0xf10\nirq_exit_rcu+0xf5/0x320\nsysvec_apic_timer_interrupt+0x6d/0x80\nasm_sysvec_apic_timer_interrupt+0x16/0x20\ncpuidle_enter_state+0xfb/0x273\ncpu_startup_entry+0x15e/0x260\nstart_secondary+0x8a/0x90\nsecondary_startup_64_no_verify+0xfa/0xfb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50154",
"url": "https://www.suse.com/security/cve/CVE-2024-50154"
},
{
"category": "external",
"summary": "SUSE Bug 1233070 for CVE-2024-50154",
"url": "https://bugzilla.suse.com/1233070"
},
{
"category": "external",
"summary": "SUSE Bug 1233072 for CVE-2024-50154",
"url": "https://bugzilla.suse.com/1233072"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-50154"
},
{
"cve": "CVE-2024-50264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50264"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans\n\nDuring loopback communication, a dangling pointer can be created in\nvsk-\u003etrans, potentially leading to a Use-After-Free condition. This\nissue is resolved by initializing vsk-\u003etrans to NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50264",
"url": "https://www.suse.com/security/cve/CVE-2024-50264"
},
{
"category": "external",
"summary": "SUSE Bug 1233453 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233453"
},
{
"category": "external",
"summary": "SUSE Bug 1233712 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-50264"
},
{
"cve": "CVE-2024-50279",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50279"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm cache: fix out-of-bounds access to the dirty bitset when resizing\n\ndm-cache checks the dirty bits of the cache blocks to be dropped when\nshrinking the fast device, but an index bug in bitset iteration causes\nout-of-bounds access.\n\nReproduce steps:\n\n1. create a cache device of 1024 cache blocks (128 bytes dirty bitset)\n\ndmsetup create cmeta --table \"0 8192 linear /dev/sdc 0\"\ndmsetup create cdata --table \"0 131072 linear /dev/sdc 8192\"\ndmsetup create corig --table \"0 524288 linear /dev/sdc 262144\"\ndd if=/dev/zero of=/dev/mapper/cmeta bs=4k count=1 oflag=direct\ndmsetup create cache --table \"0 524288 cache /dev/mapper/cmeta \\\n/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0\"\n\n2. shrink the fast device to 512 cache blocks, triggering out-of-bounds\n access to the dirty bitset (offset 0x80)\n\ndmsetup suspend cache\ndmsetup reload cdata --table \"0 65536 linear /dev/sdc 8192\"\ndmsetup resume cdata\ndmsetup resume cache\n\nKASAN reports:\n\n BUG: KASAN: vmalloc-out-of-bounds in cache_preresume+0x269/0x7b0\n Read of size 8 at addr ffffc900000f3080 by task dmsetup/131\n\n (...snip...)\n The buggy address belongs to the virtual mapping at\n [ffffc900000f3000, ffffc900000f5000) created by:\n cache_ctr+0x176a/0x35f0\n\n (...snip...)\n Memory state around the buggy address:\n ffffc900000f2f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffffc900000f3000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n \u003effffc900000f3080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n ffffc900000f3100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffffc900000f3180: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n\nFix by making the index post-incremented.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50279",
"url": "https://www.suse.com/security/cve/CVE-2024-50279"
},
{
"category": "external",
"summary": "SUSE Bug 1233468 for CVE-2024-50279",
"url": "https://bugzilla.suse.com/1233468"
},
{
"category": "external",
"summary": "SUSE Bug 1233708 for CVE-2024-50279",
"url": "https://bugzilla.suse.com/1233708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-50279"
},
{
"cve": "CVE-2024-50301",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50301"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsecurity/keys: fix slab-out-of-bounds in key_task_permission\n\nKASAN reports an out of bounds read:\nBUG: KASAN: slab-out-of-bounds in __kuid_val include/linux/uidgid.h:36\nBUG: KASAN: slab-out-of-bounds in uid_eq include/linux/uidgid.h:63 [inline]\nBUG: KASAN: slab-out-of-bounds in key_task_permission+0x394/0x410\nsecurity/keys/permission.c:54\nRead of size 4 at addr ffff88813c3ab618 by task stress-ng/4362\n\nCPU: 2 PID: 4362 Comm: stress-ng Not tainted 5.10.0-14930-gafbffd6c3ede #15\nCall Trace:\n __dump_stack lib/dump_stack.c:82 [inline]\n dump_stack+0x107/0x167 lib/dump_stack.c:123\n print_address_description.constprop.0+0x19/0x170 mm/kasan/report.c:400\n __kasan_report.cold+0x6c/0x84 mm/kasan/report.c:560\n kasan_report+0x3a/0x50 mm/kasan/report.c:585\n __kuid_val include/linux/uidgid.h:36 [inline]\n uid_eq include/linux/uidgid.h:63 [inline]\n key_task_permission+0x394/0x410 security/keys/permission.c:54\n search_nested_keyrings+0x90e/0xe90 security/keys/keyring.c:793\n\nThis issue was also reported by syzbot.\n\nIt can be reproduced by following these steps(more details [1]):\n1. Obtain more than 32 inputs that have similar hashes, which ends with the\n pattern \u00270xxxxxxxe6\u0027.\n2. Reboot and add the keys obtained in step 1.\n\nThe reproducer demonstrates how this issue happened:\n1. In the search_nested_keyrings function, when it iterates through the\n slots in a node(below tag ascend_to_node), if the slot pointer is meta\n and node-\u003eback_pointer != NULL(it means a root), it will proceed to\n descend_to_node. However, there is an exception. If node is the root,\n and one of the slots points to a shortcut, it will be treated as a\n keyring.\n2. Whether the ptr is keyring decided by keyring_ptr_is_keyring function.\n However, KEYRING_PTR_SUBTYPE is 0x2UL, the same as\n ASSOC_ARRAY_PTR_SUBTYPE_MASK.\n3. When 32 keys with the similar hashes are added to the tree, the ROOT\n has keys with hashes that are not similar (e.g. slot 0) and it splits\n NODE A without using a shortcut. When NODE A is filled with keys that\n all hashes are xxe6, the keys are similar, NODE A will split with a\n shortcut. Finally, it forms the tree as shown below, where slot 6 points\n to a shortcut.\n\n NODE A\n +------\u003e+---+\n ROOT | | 0 | xxe6\n +---+ | +---+\n xxxx | 0 | shortcut : : xxe6\n +---+ | +---+\n xxe6 : : | | | xxe6\n +---+ | +---+\n | 6 |---+ : : xxe6\n +---+ +---+\n xxe6 : : | f | xxe6\n +---+ +---+\n xxe6 | f |\n +---+\n\n4. As mentioned above, If a slot(slot 6) of the root points to a shortcut,\n it may be mistakenly transferred to a key*, leading to a read\n out-of-bounds read.\n\nTo fix this issue, one should jump to descend_to_node if the ptr is a\nshortcut, regardless of whether the node is root or not.\n\n[1] https://lore.kernel.org/linux-kernel/1cfa878e-8c7b-4570-8606-21daf5e13ce7@huaweicloud.com/\n\n[jarkko: tweaked the commit message a bit to have an appropriate closes\n tag.]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50301",
"url": "https://www.suse.com/security/cve/CVE-2024-50301"
},
{
"category": "external",
"summary": "SUSE Bug 1233490 for CVE-2024-50301",
"url": "https://bugzilla.suse.com/1233490"
},
{
"category": "external",
"summary": "SUSE Bug 1233680 for CVE-2024-50301",
"url": "https://bugzilla.suse.com/1233680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-50301"
},
{
"cve": "CVE-2024-50302",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50302"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: zero-initialize the report buffer\n\nSince the report buffer is used by all kinds of drivers in various ways, let\u0027s\nzero-initialize it during allocation to make sure that it can\u0027t be ever used\nto leak kernel memory via specially-crafted report.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50302",
"url": "https://www.suse.com/security/cve/CVE-2024-50302"
},
{
"category": "external",
"summary": "SUSE Bug 1233491 for CVE-2024-50302",
"url": "https://bugzilla.suse.com/1233491"
},
{
"category": "external",
"summary": "SUSE Bug 1233679 for CVE-2024-50302",
"url": "https://bugzilla.suse.com/1233679"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-50302"
},
{
"cve": "CVE-2024-53104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format\n\nThis can lead to out of bounds writes since frames of this type were not\ntaken into account when calculating the size of the frames buffer in\nuvc_parse_streaming.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53104",
"url": "https://www.suse.com/security/cve/CVE-2024-53104"
},
{
"category": "external",
"summary": "SUSE Bug 1234025 for CVE-2024-53104",
"url": "https://bugzilla.suse.com/1234025"
},
{
"category": "external",
"summary": "SUSE Bug 1236783 for CVE-2024-53104",
"url": "https://bugzilla.suse.com/1236783"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-53104"
},
{
"cve": "CVE-2024-53146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Prevent a potential integer overflow\n\nIf the tag length is \u003e= U32_MAX - 3 then the \"length + 4\" addition\ncan result in an integer overflow. Address this by splitting the\ndecoding into several steps so that decode_cb_compound4res() does\nnot have to perform arithmetic on the unsafe length value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53146",
"url": "https://www.suse.com/security/cve/CVE-2024-53146"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-53146",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1234854 for CVE-2024-53146",
"url": "https://bugzilla.suse.com/1234854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-53146"
},
{
"cve": "CVE-2024-53156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53156"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath9k: add range check for conn_rsp_epid in htc_connect_service()\n\nI found the following bug in my fuzzer:\n\n UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath9k/htc_hst.c:26:51\n index 255 is out of range for type \u0027htc_endpoint [22]\u0027\n CPU: 0 UID: 0 PID: 8 Comm: kworker/0:0 Not tainted 6.11.0-rc6-dirty #14\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n Workqueue: events request_firmware_work_func\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x180/0x1b0\n __ubsan_handle_out_of_bounds+0xd4/0x130\n htc_issue_send.constprop.0+0x20c/0x230\n ? _raw_spin_unlock_irqrestore+0x3c/0x70\n ath9k_wmi_cmd+0x41d/0x610\n ? mark_held_locks+0x9f/0xe0\n ...\n\nSince this bug has been confirmed to be caused by insufficient verification\nof conn_rsp_epid, I think it would be appropriate to add a range check for\nconn_rsp_epid to htc_connect_service() to prevent the bug from occurring.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53156",
"url": "https://www.suse.com/security/cve/CVE-2024-53156"
},
{
"category": "external",
"summary": "SUSE Bug 1234846 for CVE-2024-53156",
"url": "https://bugzilla.suse.com/1234846"
},
{
"category": "external",
"summary": "SUSE Bug 1234847 for CVE-2024-53156",
"url": "https://bugzilla.suse.com/1234847"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-53156",
"url": "https://bugzilla.suse.com/1234853"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-53156"
},
{
"cve": "CVE-2024-53168",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53168"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsunrpc: fix one UAF issue caused by sunrpc kernel tcp socket\n\nBUG: KASAN: slab-use-after-free in tcp_write_timer_handler+0x156/0x3e0\nRead of size 1 at addr ffff888111f322cd by task swapper/0/0\n\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.12.0-rc4-dirty #7\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1\nCall Trace:\n \u003cIRQ\u003e\n dump_stack_lvl+0x68/0xa0\n print_address_description.constprop.0+0x2c/0x3d0\n print_report+0xb4/0x270\n kasan_report+0xbd/0xf0\n tcp_write_timer_handler+0x156/0x3e0\n tcp_write_timer+0x66/0x170\n call_timer_fn+0xfb/0x1d0\n __run_timers+0x3f8/0x480\n run_timer_softirq+0x9b/0x100\n handle_softirqs+0x153/0x390\n __irq_exit_rcu+0x103/0x120\n irq_exit_rcu+0xe/0x20\n sysvec_apic_timer_interrupt+0x76/0x90\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_sysvec_apic_timer_interrupt+0x1a/0x20\nRIP: 0010:default_idle+0xf/0x20\nCode: 4c 01 c7 4c 29 c2 e9 72 ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90\n 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 33 f8 25 00 fb f4 \u003cfa\u003e c3 cc cc cc\n cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90\nRSP: 0018:ffffffffa2007e28 EFLAGS: 00000242\nRAX: 00000000000f3b31 RBX: 1ffffffff4400fc7 RCX: ffffffffa09c3196\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff9f00590f\nRBP: 0000000000000000 R08: 0000000000000001 R09: ffffed102360835d\nR10: ffff88811b041aeb R11: 0000000000000001 R12: 0000000000000000\nR13: ffffffffa202d7c0 R14: 0000000000000000 R15: 00000000000147d0\n default_idle_call+0x6b/0xa0\n cpuidle_idle_call+0x1af/0x1f0\n do_idle+0xbc/0x130\n cpu_startup_entry+0x33/0x40\n rest_init+0x11f/0x210\n start_kernel+0x39a/0x420\n x86_64_start_reservations+0x18/0x30\n x86_64_start_kernel+0x97/0xa0\n common_startup_64+0x13e/0x141\n \u003c/TASK\u003e\n\nAllocated by task 595:\n kasan_save_stack+0x24/0x50\n kasan_save_track+0x14/0x30\n __kasan_slab_alloc+0x87/0x90\n kmem_cache_alloc_noprof+0x12b/0x3f0\n copy_net_ns+0x94/0x380\n create_new_namespaces+0x24c/0x500\n unshare_nsproxy_namespaces+0x75/0xf0\n ksys_unshare+0x24e/0x4f0\n __x64_sys_unshare+0x1f/0x30\n do_syscall_64+0x70/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 100:\n kasan_save_stack+0x24/0x50\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x54/0x70\n kmem_cache_free+0x156/0x5d0\n cleanup_net+0x5d3/0x670\n process_one_work+0x776/0xa90\n worker_thread+0x2e2/0x560\n kthread+0x1a8/0x1f0\n ret_from_fork+0x34/0x60\n ret_from_fork_asm+0x1a/0x30\n\nReproduction script:\n\nmkdir -p /mnt/nfsshare\nmkdir -p /mnt/nfs/netns_1\nmkfs.ext4 /dev/sdb\nmount /dev/sdb /mnt/nfsshare\nsystemctl restart nfs-server\nchmod 777 /mnt/nfsshare\nexportfs -i -o rw,no_root_squash *:/mnt/nfsshare\n\nip netns add netns_1\nip link add name veth_1_peer type veth peer veth_1\nifconfig veth_1_peer 11.11.0.254 up\nip link set veth_1 netns netns_1\nip netns exec netns_1 ifconfig veth_1 11.11.0.1\n\nip netns exec netns_1 /root/iptables -A OUTPUT -d 11.11.0.254 -p tcp \\\n\t--tcp-flags FIN FIN -j DROP\n\n(note: In my environment, a DESTROY_CLIENTID operation is always sent\n immediately, breaking the nfs tcp connection.)\nip netns exec netns_1 timeout -s 9 300 mount -t nfs -o proto=tcp,vers=4.1 \\\n\t11.11.0.254:/mnt/nfsshare /mnt/nfs/netns_1\n\nip netns del netns_1\n\nThe reason here is that the tcp socket in netns_1 (nfs side) has been\nshutdown and closed (done in xs_destroy), but the FIN message (with ack)\nis discarded, and the nfsd side keeps sending retransmission messages.\nAs a result, when the tcp sock in netns_1 processes the received message,\nit sends the message (FIN message) in the sending queue, and the tcp timer\nis re-established. When the network namespace is deleted, the net structure\naccessed by tcp\u0027s timer handler function causes problems.\n\nTo fix this problem, let\u0027s hold netns refcnt for the tcp kernel socket as\ndone in other modules. This is an ugly hack which can easily be backported\nto earlier kernels. A proper fix which cleans up the interfaces will\nfollow, but may not be so easy to backport.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53168",
"url": "https://www.suse.com/security/cve/CVE-2024-53168"
},
{
"category": "external",
"summary": "SUSE Bug 1234887 for CVE-2024-53168",
"url": "https://bugzilla.suse.com/1234887"
},
{
"category": "external",
"summary": "SUSE Bug 1243650 for CVE-2024-53168",
"url": "https://bugzilla.suse.com/1243650"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-53168"
},
{
"cve": "CVE-2024-53173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53173"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4.0: Fix a use-after-free problem in the asynchronous open()\n\nYang Erkun reports that when two threads are opening files at the same\ntime, and are forced to abort before a reply is seen, then the call to\nnfs_release_seqid() in nfs4_opendata_free() can result in a\nuse-after-free of the pointer to the defunct rpc task of the other\nthread.\nThe fix is to ensure that if the RPC call is aborted before the call to\nnfs_wait_on_sequence() is complete, then we must call nfs_release_seqid()\nin nfs4_open_release() before the rpc_task is freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53173",
"url": "https://www.suse.com/security/cve/CVE-2024-53173"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-53173",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1234891 for CVE-2024-53173",
"url": "https://bugzilla.suse.com/1234891"
},
{
"category": "external",
"summary": "SUSE Bug 1234892 for CVE-2024-53173",
"url": "https://bugzilla.suse.com/1234892"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-53173"
},
{
"cve": "CVE-2024-53214",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53214"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/pci: Properly hide first-in-list PCIe extended capability\n\nThere are cases where a PCIe extended capability should be hidden from\nthe user. For example, an unknown capability (i.e., capability with ID\ngreater than PCI_EXT_CAP_ID_MAX) or a capability that is intentionally\nchosen to be hidden from the user.\n\nHiding a capability is done by virtualizing and modifying the \u0027Next\nCapability Offset\u0027 field of the previous capability so it points to the\ncapability after the one that should be hidden.\n\nThe special case where the first capability in the list should be hidden\nis handled differently because there is no previous capability that can\nbe modified. In this case, the capability ID and version are zeroed\nwhile leaving the next pointer intact. This hides the capability and\nleaves an anchor for the rest of the capability list.\n\nHowever, today, hiding the first capability in the list is not done\nproperly if the capability is unknown, as struct\nvfio_pci_core_device-\u003epci_config_map is set to the capability ID during\ninitialization but the capability ID is not properly checked later when\nused in vfio_config_do_rw(). This leads to the following warning [1] and\nto an out-of-bounds access to ecap_perms array.\n\nFix it by checking cap_id in vfio_config_do_rw(), and if it is greater\nthan PCI_EXT_CAP_ID_MAX, use an alternative struct perm_bits for direct\nread only access instead of the ecap_perms array.\n\nNote that this is safe since the above is the only case where cap_id can\nexceed PCI_EXT_CAP_ID_MAX (except for the special capabilities, which\nare already checked before).\n\n[1]\n\nWARNING: CPU: 118 PID: 5329 at drivers/vfio/pci/vfio_pci_config.c:1900 vfio_pci_config_rw+0x395/0x430 [vfio_pci_core]\nCPU: 118 UID: 0 PID: 5329 Comm: simx-qemu-syste Not tainted 6.12.0+ #1\n(snip)\nCall Trace:\n \u003cTASK\u003e\n ? show_regs+0x69/0x80\n ? __warn+0x8d/0x140\n ? vfio_pci_config_rw+0x395/0x430 [vfio_pci_core]\n ? report_bug+0x18f/0x1a0\n ? handle_bug+0x63/0xa0\n ? exc_invalid_op+0x19/0x70\n ? asm_exc_invalid_op+0x1b/0x20\n ? vfio_pci_config_rw+0x395/0x430 [vfio_pci_core]\n ? vfio_pci_config_rw+0x244/0x430 [vfio_pci_core]\n vfio_pci_rw+0x101/0x1b0 [vfio_pci_core]\n vfio_pci_core_read+0x1d/0x30 [vfio_pci_core]\n vfio_device_fops_read+0x27/0x40 [vfio]\n vfs_read+0xbd/0x340\n ? vfio_device_fops_unl_ioctl+0xbb/0x740 [vfio]\n ? __rseq_handle_notify_resume+0xa4/0x4b0\n __x64_sys_pread64+0x96/0xc0\n x64_sys_call+0x1c3d/0x20d0\n do_syscall_64+0x4d/0x120\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53214",
"url": "https://www.suse.com/security/cve/CVE-2024-53214"
},
{
"category": "external",
"summary": "SUSE Bug 1235004 for CVE-2024-53214",
"url": "https://bugzilla.suse.com/1235004"
},
{
"category": "external",
"summary": "SUSE Bug 1235005 for CVE-2024-53214",
"url": "https://bugzilla.suse.com/1235005"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-53214"
},
{
"cve": "CVE-2024-56600",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56600"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: inet6: do not leave a dangling sk pointer in inet6_create()\n\nsock_init_data() attaches the allocated sk pointer to the provided sock\nobject. If inet6_create() fails later, the sk object is released, but the\nsock object retains the dangling sk pointer, which may cause use-after-free\nlater.\n\nClear the sock sk pointer on error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56600",
"url": "https://www.suse.com/security/cve/CVE-2024-56600"
},
{
"category": "external",
"summary": "SUSE Bug 1235217 for CVE-2024-56600",
"url": "https://bugzilla.suse.com/1235217"
},
{
"category": "external",
"summary": "SUSE Bug 1235218 for CVE-2024-56600",
"url": "https://bugzilla.suse.com/1235218"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-56600"
},
{
"cve": "CVE-2024-56601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56601"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: inet: do not leave a dangling sk pointer in inet_create()\n\nsock_init_data() attaches the allocated sk object to the provided sock\nobject. If inet_create() fails later, the sk object is freed, but the\nsock object retains the dangling pointer, which may create use-after-free\nlater.\n\nClear the sk pointer in the sock object on error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56601",
"url": "https://www.suse.com/security/cve/CVE-2024-56601"
},
{
"category": "external",
"summary": "SUSE Bug 1235230 for CVE-2024-56601",
"url": "https://bugzilla.suse.com/1235230"
},
{
"category": "external",
"summary": "SUSE Bug 1235231 for CVE-2024-56601",
"url": "https://bugzilla.suse.com/1235231"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-56601"
},
{
"cve": "CVE-2024-56605",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56605"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()\n\nbt_sock_alloc() allocates the sk object and attaches it to the provided\nsock object. On error l2cap_sock_alloc() frees the sk object, but the\ndangling pointer is still attached to the sock object, which may create\nuse-after-free in other code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56605",
"url": "https://www.suse.com/security/cve/CVE-2024-56605"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-56605",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1235061 for CVE-2024-56605",
"url": "https://bugzilla.suse.com/1235061"
},
{
"category": "external",
"summary": "SUSE Bug 1235062 for CVE-2024-56605",
"url": "https://bugzilla.suse.com/1235062"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-56605"
},
{
"cve": "CVE-2024-56650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56650"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: x_tables: fix LED ID check in led_tg_check()\n\nSyzbot has reported the following BUG detected by KASAN:\n\nBUG: KASAN: slab-out-of-bounds in strlen+0x58/0x70\nRead of size 1 at addr ffff8881022da0c8 by task repro/5879\n...\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x241/0x360\n ? __pfx_dump_stack_lvl+0x10/0x10\n ? __pfx__printk+0x10/0x10\n ? _printk+0xd5/0x120\n ? __virt_addr_valid+0x183/0x530\n ? __virt_addr_valid+0x183/0x530\n print_report+0x169/0x550\n ? __virt_addr_valid+0x183/0x530\n ? __virt_addr_valid+0x183/0x530\n ? __virt_addr_valid+0x45f/0x530\n ? __phys_addr+0xba/0x170\n ? strlen+0x58/0x70\n kasan_report+0x143/0x180\n ? strlen+0x58/0x70\n strlen+0x58/0x70\n kstrdup+0x20/0x80\n led_tg_check+0x18b/0x3c0\n xt_check_target+0x3bb/0xa40\n ? __pfx_xt_check_target+0x10/0x10\n ? stack_depot_save_flags+0x6e4/0x830\n ? nft_target_init+0x174/0xc30\n nft_target_init+0x82d/0xc30\n ? __pfx_nft_target_init+0x10/0x10\n ? nf_tables_newrule+0x1609/0x2980\n ? nf_tables_newrule+0x1609/0x2980\n ? rcu_is_watching+0x15/0xb0\n ? nf_tables_newrule+0x1609/0x2980\n ? nf_tables_newrule+0x1609/0x2980\n ? __kmalloc_noprof+0x21a/0x400\n nf_tables_newrule+0x1860/0x2980\n ? __pfx_nf_tables_newrule+0x10/0x10\n ? __nla_parse+0x40/0x60\n nfnetlink_rcv+0x14e5/0x2ab0\n ? __pfx_validate_chain+0x10/0x10\n ? __pfx_nfnetlink_rcv+0x10/0x10\n ? __lock_acquire+0x1384/0x2050\n ? netlink_deliver_tap+0x2e/0x1b0\n ? __pfx_lock_release+0x10/0x10\n ? netlink_deliver_tap+0x2e/0x1b0\n netlink_unicast+0x7f8/0x990\n ? __pfx_netlink_unicast+0x10/0x10\n ? __virt_addr_valid+0x183/0x530\n ? __check_object_size+0x48e/0x900\n netlink_sendmsg+0x8e4/0xcb0\n ? __pfx_netlink_sendmsg+0x10/0x10\n ? aa_sock_msg_perm+0x91/0x160\n ? __pfx_netlink_sendmsg+0x10/0x10\n __sock_sendmsg+0x223/0x270\n ____sys_sendmsg+0x52a/0x7e0\n ? __pfx_____sys_sendmsg+0x10/0x10\n __sys_sendmsg+0x292/0x380\n ? __pfx___sys_sendmsg+0x10/0x10\n ? lockdep_hardirqs_on_prepare+0x43d/0x780\n ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10\n ? exc_page_fault+0x590/0x8c0\n ? do_syscall_64+0xb6/0x230\n do_syscall_64+0xf3/0x230\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n...\n \u003c/TASK\u003e\n\nSince an invalid (without \u0027\\0\u0027 byte at all) byte sequence may be passed\nfrom userspace, add an extra check to ensure that such a sequence is\nrejected as possible ID and so never passed to \u0027kstrdup()\u0027 and further.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56650",
"url": "https://www.suse.com/security/cve/CVE-2024-56650"
},
{
"category": "external",
"summary": "SUSE Bug 1235430 for CVE-2024-56650",
"url": "https://bugzilla.suse.com/1235430"
},
{
"category": "external",
"summary": "SUSE Bug 1235431 for CVE-2024-56650",
"url": "https://bugzilla.suse.com/1235431"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-56650"
},
{
"cve": "CVE-2024-56664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Fix race between element replace and close()\n\nElement replace (with a socket different from the one stored) may race\nwith socket\u0027s close() link popping \u0026 unlinking. __sock_map_delete()\nunconditionally unrefs the (wrong) element:\n\n// set map[0] = s0\nmap_update_elem(map, 0, s0)\n\n// drop fd of s0\nclose(s0)\n sock_map_close()\n lock_sock(sk) (s0!)\n sock_map_remove_links(sk)\n link = sk_psock_link_pop()\n sock_map_unlink(sk, link)\n sock_map_delete_from_link\n // replace map[0] with s1\n map_update_elem(map, 0, s1)\n sock_map_update_elem\n (s1!) lock_sock(sk)\n sock_map_update_common\n psock = sk_psock(sk)\n spin_lock(\u0026stab-\u003elock)\n osk = stab-\u003esks[idx]\n sock_map_add_link(..., \u0026stab-\u003esks[idx])\n sock_map_unref(osk, \u0026stab-\u003esks[idx])\n psock = sk_psock(osk)\n sk_psock_put(sk, psock)\n if (refcount_dec_and_test(\u0026psock))\n sk_psock_drop(sk, psock)\n spin_unlock(\u0026stab-\u003elock)\n unlock_sock(sk)\n __sock_map_delete\n spin_lock(\u0026stab-\u003elock)\n sk = *psk // s1 replaced s0; sk == s1\n if (!sk_test || sk_test == sk) // sk_test (s0) != sk (s1); no branch\n sk = xchg(psk, NULL)\n if (sk)\n sock_map_unref(sk, psk) // unref s1; sks[idx] will dangle\n psock = sk_psock(sk)\n sk_psock_put(sk, psock)\n if (refcount_dec_and_test())\n sk_psock_drop(sk, psock)\n spin_unlock(\u0026stab-\u003elock)\n release_sock(sk)\n\nThen close(map) enqueues bpf_map_free_deferred, which finally calls\nsock_map_free(). This results in some refcount_t warnings along with\na KASAN splat [1].\n\nFix __sock_map_delete(), do not allow sock_map_unref() on elements that\nmay have been replaced.\n\n[1]:\nBUG: KASAN: slab-use-after-free in sock_map_free+0x10e/0x330\nWrite of size 4 at addr ffff88811f5b9100 by task kworker/u64:12/1063\n\nCPU: 14 UID: 0 PID: 1063 Comm: kworker/u64:12 Not tainted 6.12.0+ #125\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\nWorkqueue: events_unbound bpf_map_free_deferred\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n kasan_check_range+0x10f/0x1e0\n sock_map_free+0x10e/0x330\n bpf_map_free_deferred+0x173/0x320\n process_one_work+0x846/0x1420\n worker_thread+0x5b3/0xf80\n kthread+0x29e/0x360\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nAllocated by task 1202:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n unix_create1+0x88/0x8a0\n unix_create+0xc5/0x180\n __sock_create+0x241/0x650\n __sys_socketpair+0x1ce/0x420\n __x64_sys_socketpair+0x92/0x100\n do_syscall_64+0x93/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 46:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n sk_psock_destroy+0x73e/0xa50\n process_one_work+0x846/0x1420\n worker_thread+0x5b3/0xf80\n kthread+0x29e/0x360\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x1a/0x30\n\nThe bu\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56664",
"url": "https://www.suse.com/security/cve/CVE-2024-56664"
},
{
"category": "external",
"summary": "SUSE Bug 1235249 for CVE-2024-56664",
"url": "https://bugzilla.suse.com/1235249"
},
{
"category": "external",
"summary": "SUSE Bug 1235250 for CVE-2024-56664",
"url": "https://bugzilla.suse.com/1235250"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-56664"
},
{
"cve": "CVE-2024-57893",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57893"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: seq: oss: Fix races at processing SysEx messages\n\nOSS sequencer handles the SysEx messages split in 6 bytes packets, and\nALSA sequencer OSS layer tries to combine those. It stores the data\nin the internal buffer and this access is racy as of now, which may\nlead to the out-of-bounds access.\n\nAs a temporary band-aid fix, introduce a mutex for serializing the\nprocess of the SysEx message packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57893",
"url": "https://www.suse.com/security/cve/CVE-2024-57893"
},
{
"category": "external",
"summary": "SUSE Bug 1235920 for CVE-2024-57893",
"url": "https://bugzilla.suse.com/1235920"
},
{
"category": "external",
"summary": "SUSE Bug 1235921 for CVE-2024-57893",
"url": "https://bugzilla.suse.com/1235921"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-57893"
},
{
"cve": "CVE-2024-57996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: don\u0027t allow 1 packet limit\n\nThe current implementation does not work correctly with a limit of\n1. iproute2 actually checks for this and this patch adds the check in\nkernel as well.\n\nThis fixes the following syzkaller reported crash:\n\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:210:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 0 PID: 2569 Comm: syz-executor101 Not tainted 5.10.0-smp-DEV #1\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n __dump_stack lib/dump_stack.c:79 [inline]\n dump_stack+0x125/0x19f lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:148 [inline]\n __ubsan_handle_out_of_bounds+0xed/0x120 lib/ubsan.c:347\n sfq_link net/sched/sch_sfq.c:210 [inline]\n sfq_dec+0x528/0x600 net/sched/sch_sfq.c:238\n sfq_dequeue+0x39b/0x9d0 net/sched/sch_sfq.c:500\n sfq_reset+0x13/0x50 net/sched/sch_sfq.c:525\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n tbf_reset+0x3d/0x100 net/sched/sch_tbf.c:319\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n dev_reset_queue+0x8c/0x140 net/sched/sch_generic.c:1296\n netdev_for_each_tx_queue include/linux/netdevice.h:2350 [inline]\n dev_deactivate_many+0x6dc/0xc20 net/sched/sch_generic.c:1362\n __dev_close_many+0x214/0x350 net/core/dev.c:1468\n dev_close_many+0x207/0x510 net/core/dev.c:1506\n unregister_netdevice_many+0x40f/0x16b0 net/core/dev.c:10738\n unregister_netdevice_queue+0x2be/0x310 net/core/dev.c:10695\n unregister_netdevice include/linux/netdevice.h:2893 [inline]\n __tun_detach+0x6b6/0x1600 drivers/net/tun.c:689\n tun_detach drivers/net/tun.c:705 [inline]\n tun_chr_close+0x104/0x1b0 drivers/net/tun.c:3640\n __fput+0x203/0x840 fs/file_table.c:280\n task_work_run+0x129/0x1b0 kernel/task_work.c:185\n exit_task_work include/linux/task_work.h:33 [inline]\n do_exit+0x5ce/0x2200 kernel/exit.c:931\n do_group_exit+0x144/0x310 kernel/exit.c:1046\n __do_sys_exit_group kernel/exit.c:1057 [inline]\n __se_sys_exit_group kernel/exit.c:1055 [inline]\n __x64_sys_exit_group+0x3b/0x40 kernel/exit.c:1055\n do_syscall_64+0x6c/0xd0\n entry_SYSCALL_64_after_hwframe+0x61/0xcb\nRIP: 0033:0x7fe5e7b52479\nCode: Unable to access opcode bytes at RIP 0x7fe5e7b5244f.\nRSP: 002b:00007ffd3c800398 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe5e7b52479\nRDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000\nRBP: 00007fe5e7bcd2d0 R08: ffffffffffffffb8 R09: 0000000000000014\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fe5e7bcd2d0\nR13: 0000000000000000 R14: 00007fe5e7bcdd20 R15: 00007fe5e7b24270\n\nThe crash can be also be reproduced with the following (with a tc\nrecompiled to allow for sfq limits of 1):\n\ntc qdisc add dev dummy0 handle 1: root tbf rate 1Kbit burst 100b lat 1s\n../iproute2-6.9.0/tc/tc qdisc add dev dummy0 handle 2: parent 1:10 sfq limit 1\nifconfig dummy0 up\nping -I dummy0 -f -c2 -W0.1 8.8.8.8\nsleep 1\n\nScenario that triggers the crash:\n\n* the first packet is sent and queued in TBF and SFQ; qdisc qlen is 1\n\n* TBF dequeues: it peeks from SFQ which moves the packet to the\n gso_skb list and keeps qdisc qlen set to 1. TBF is out of tokens so\n it schedules itself for later.\n\n* the second packet is sent and TBF tries to queues it to SFQ. qdisc\n qlen is now 2 and because the SFQ limit is 1 the packet is dropped\n by SFQ. At this point qlen is 1, and all of the SFQ slots are empty,\n however q-\u003etail is not NULL.\n\nAt this point, assuming no more packets are queued, when sch_dequeue\nruns again it will decrement the qlen for the current empty slot\ncausing an underflow and the subsequent out of bounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57996",
"url": "https://www.suse.com/security/cve/CVE-2024-57996"
},
{
"category": "external",
"summary": "SUSE Bug 1239076 for CVE-2024-57996",
"url": "https://bugzilla.suse.com/1239076"
},
{
"category": "external",
"summary": "SUSE Bug 1239077 for CVE-2024-57996",
"url": "https://bugzilla.suse.com/1239077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-57996"
},
{
"cve": "CVE-2024-8805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-8805"
}
],
"notes": [
{
"category": "general",
"text": "BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the implementation of the HID over GATT Profile. The issue results from the lack of authorization prior to allowing access to functionality. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25177.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-8805",
"url": "https://www.suse.com/security/cve/CVE-2024-8805"
},
{
"category": "external",
"summary": "SUSE Bug 1230697 for CVE-2024-8805",
"url": "https://bugzilla.suse.com/1230697"
},
{
"category": "external",
"summary": "SUSE Bug 1240804 for CVE-2024-8805",
"url": "https://bugzilla.suse.com/1240804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2024-8805"
},
{
"cve": "CVE-2025-21702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21702",
"url": "https://www.suse.com/security/cve/CVE-2025-21702"
},
{
"category": "external",
"summary": "SUSE Bug 1237312 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "external",
"summary": "SUSE Bug 1245797 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1245797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-21772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npartitions: mac: fix handling of bogus partition table\n\nFix several issues in partition probing:\n\n - The bailout for a bad partoffset must use put_dev_sector(), since the\n preceding read_part_sector() succeeded.\n - If the partition table claims a silly sector size like 0xfff bytes\n (which results in partition table entries straddling sector boundaries),\n bail out instead of accessing out-of-bounds memory.\n - We must not assume that the partition table contains proper NUL\n termination - use strnlen() and strncmp() instead of strlen() and\n strcmp().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21772",
"url": "https://www.suse.com/security/cve/CVE-2025-21772"
},
{
"category": "external",
"summary": "SUSE Bug 1238911 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238911"
},
{
"category": "external",
"summary": "SUSE Bug 1238912 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2025-21772"
},
{
"cve": "CVE-2025-21791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvrf: use RCU protection in l3mdev_l3_out()\n\nl3mdev_l3_out() can be called without RCU being held:\n\nraw_sendmsg()\n ip_push_pending_frames()\n ip_send_skb()\n ip_local_out()\n __ip_local_out()\n l3mdev_ip_out()\n\nAdd rcu_read_lock() / rcu_read_unlock() pair to avoid\na potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21791",
"url": "https://www.suse.com/security/cve/CVE-2025-21791"
},
{
"category": "external",
"summary": "SUSE Bug 1238512 for CVE-2025-21791",
"url": "https://bugzilla.suse.com/1238512"
},
{
"category": "external",
"summary": "SUSE Bug 1240744 for CVE-2025-21791",
"url": "https://bugzilla.suse.com/1240744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2025-21791"
},
{
"cve": "CVE-2025-21971",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21971"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: Prevent creation of classes with TC_H_ROOT\n\nThe function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination\ncondition when traversing up the qdisc tree to update parent backlog\ncounters. However, if a class is created with classid TC_H_ROOT, the\ntraversal terminates prematurely at this class instead of reaching the\nactual root qdisc, causing parent statistics to be incorrectly maintained.\nIn case of DRR, this could lead to a crash as reported by Mingi Cho.\n\nPrevent the creation of any Qdisc class with classid TC_H_ROOT\n(0xFFFFFFFF) across all qdisc types, as suggested by Jamal.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21971",
"url": "https://www.suse.com/security/cve/CVE-2025-21971"
},
{
"category": "external",
"summary": "SUSE Bug 1240799 for CVE-2025-21971",
"url": "https://bugzilla.suse.com/1240799"
},
{
"category": "external",
"summary": "SUSE Bug 1245794 for CVE-2025-21971",
"url": "https://bugzilla.suse.com/1245794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2025-21971"
},
{
"cve": "CVE-2025-37752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: move the limit validation\n\nIt is not sufficient to directly validate the limit on the data that\nthe user passes as it can be updated based on how the other parameters\nare changed.\n\nMove the check at the end of the configuration update process to also\ncatch scenarios where the limit is indirectly updated, for example\nwith the following configurations:\n\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 depth 1\ntc qdisc add dev dummy0 handle 1: root sfq limit 2 flows 1 divisor 1\n\nThis fixes the following syzkaller reported crash:\n\n------------[ cut here ]------------\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:203:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 1 UID: 0 PID: 3037 Comm: syz.2.16 Not tainted 6.14.0-rc2-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x201/0x300 lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:231 [inline]\n __ubsan_handle_out_of_bounds+0xf5/0x120 lib/ubsan.c:429\n sfq_link net/sched/sch_sfq.c:203 [inline]\n sfq_dec+0x53c/0x610 net/sched/sch_sfq.c:231\n sfq_dequeue+0x34e/0x8c0 net/sched/sch_sfq.c:493\n sfq_reset+0x17/0x60 net/sched/sch_sfq.c:518\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n tbf_reset+0x41/0x110 net/sched/sch_tbf.c:339\n qdisc_reset+0x12e/0x600 net/sched/sch_generic.c:1035\n dev_reset_queue+0x100/0x1b0 net/sched/sch_generic.c:1311\n netdev_for_each_tx_queue include/linux/netdevice.h:2590 [inline]\n dev_deactivate_many+0x7e5/0xe70 net/sched/sch_generic.c:1375",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37752",
"url": "https://www.suse.com/security/cve/CVE-2025-37752"
},
{
"category": "external",
"summary": "SUSE Bug 1242504 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1242504"
},
{
"category": "external",
"summary": "SUSE Bug 1245776 for CVE-2025-37752",
"url": "https://bugzilla.suse.com/1245776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2025-37752"
},
{
"cve": "CVE-2025-37797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class handling\n\nThis patch fixes a Use-After-Free vulnerability in the HFSC qdisc class\nhandling. The issue occurs due to a time-of-check/time-of-use condition\nin hfsc_change_class() when working with certain child qdiscs like netem\nor codel.\n\nThe vulnerability works as follows:\n1. hfsc_change_class() checks if a class has packets (q.qlen != 0)\n2. It then calls qdisc_peek_len(), which for certain qdiscs (e.g.,\n codel, netem) might drop packets and empty the queue\n3. The code continues assuming the queue is still non-empty, adding\n the class to vttree\n4. This breaks HFSC scheduler assumptions that only non-empty classes\n are in vttree\n5. Later, when the class is destroyed, this can lead to a Use-After-Free\n\nThe fix adds a second queue length check after qdisc_peek_len() to verify\nthe queue wasn\u0027t emptied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37797",
"url": "https://www.suse.com/security/cve/CVE-2025-37797"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "external",
"summary": "SUSE Bug 1245793 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1245793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2025-37797"
},
{
"cve": "CVE-2025-38000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38000"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()\n\nWhen enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the\nchild qdisc\u0027s peek() operation before incrementing sch-\u003eq.qlen and\nsch-\u003eqstats.backlog. If the child qdisc uses qdisc_peek_dequeued(), this may\ntrigger an immediate dequeue and potential packet drop. In such cases,\nqdisc_tree_reduce_backlog() is called, but the HFSC qdisc\u0027s qlen and backlog\nhave not yet been updated, leading to inconsistent queue accounting. This\ncan leave an empty HFSC class in the active list, causing further\nconsequences like use-after-free.\n\nThis patch fixes the bug by moving the increment of sch-\u003eq.qlen and\nsch-\u003eqstats.backlog before the call to the child qdisc\u0027s peek() operation.\nThis ensures that queue length and backlog are always accurate when packet\ndrops or dequeues are triggered during the peek.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38000",
"url": "https://www.suse.com/security/cve/CVE-2025-38000"
},
{
"category": "external",
"summary": "SUSE Bug 1244277 for CVE-2025-38000",
"url": "https://bugzilla.suse.com/1244277"
},
{
"category": "external",
"summary": "SUSE Bug 1245775 for CVE-2025-38000",
"url": "https://bugzilla.suse.com/1245775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2025-38000"
},
{
"cve": "CVE-2025-38079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38079"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_hash - fix double free in hash_accept\n\nIf accept(2) is called on socket type algif_hash with\nMSG_MORE flag set and crypto_ahash_import fails,\nsk2 is freed. However, it is also freed in af_alg_release,\nleading to slab-use-after-free error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38079",
"url": "https://www.suse.com/security/cve/CVE-2025-38079"
},
{
"category": "external",
"summary": "SUSE Bug 1245217 for CVE-2025-38079",
"url": "https://bugzilla.suse.com/1245217"
},
{
"category": "external",
"summary": "SUSE Bug 1245218 for CVE-2025-38079",
"url": "https://bugzilla.suse.com/1245218"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2025-38079"
},
{
"cve": "CVE-2025-38083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: prio: fix a race in prio_tune()\n\nGerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer\nfires at the wrong time.\n\nThe race is as follows:\n\nCPU 0 CPU 1\n[1]: lock root\n[2]: qdisc_tree_flush_backlog()\n[3]: unlock root\n |\n | [5]: lock root\n | [6]: rehash\n | [7]: qdisc_tree_reduce_backlog()\n |\n[4]: qdisc_put()\n\nThis can be abused to underflow a parent\u0027s qlen.\n\nCalling qdisc_purge_queue() instead of qdisc_tree_flush_backlog()\nshould fix the race, because all packets will be purged from the qdisc\nbefore releasing the lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38083",
"url": "https://www.suse.com/security/cve/CVE-2025-38083"
},
{
"category": "external",
"summary": "SUSE Bug 1245183 for CVE-2025-38083",
"url": "https://bugzilla.suse.com/1245183"
},
{
"category": "external",
"summary": "SUSE Bug 1245350 for CVE-2025-38083",
"url": "https://bugzilla.suse.com/1245350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2025-38083"
},
{
"cve": "CVE-2025-38177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38177"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_hfsc: make hfsc_qlen_notify() idempotent\n\nhfsc_qlen_notify() is not idempotent either and not friendly\nto its callers, like fq_codel_dequeue(). Let\u0027s make it idempotent\nto ease qdisc_tree_reduce_backlog() callers\u0027 life:\n\n1. update_vf() decreases cl-\u003ecl_nactive, so we can check whether it is\nnon-zero before calling it.\n\n2. eltree_remove() always removes RB node cl-\u003eel_node, but we can use\n RB_EMPTY_NODE() + RB_CLEAR_NODE() to make it safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38177",
"url": "https://www.suse.com/security/cve/CVE-2025-38177"
},
{
"category": "external",
"summary": "SUSE Bug 1237312 for CVE-2025-38177",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "external",
"summary": "SUSE Bug 1245986 for CVE-2025-38177",
"url": "https://bugzilla.suse.com/1245986"
},
{
"category": "external",
"summary": "SUSE Bug 1246356 for CVE-2025-38177",
"url": "https://bugzilla.suse.com/1246356"
},
{
"category": "external",
"summary": "SUSE Bug 1247374 for CVE-2025-38177",
"url": "https://bugzilla.suse.com/1247374"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2025-38177"
},
{
"cve": "CVE-2025-38181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38181"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncalipso: Fix null-ptr-deref in calipso_req_{set,del}attr().\n\nsyzkaller reported a null-ptr-deref in sock_omalloc() while allocating\na CALIPSO option. [0]\n\nThe NULL is of struct sock, which was fetched by sk_to_full_sk() in\ncalipso_req_setattr().\n\nSince commit a1a5344ddbe8 (\"tcp: avoid two atomic ops for syncookies\"),\nreqsk-\u003ersk_listener could be NULL when SYN Cookie is returned to its\nclient, as hinted by the leading SYN Cookie log.\n\nHere are 3 options to fix the bug:\n\n 1) Return 0 in calipso_req_setattr()\n 2) Return an error in calipso_req_setattr()\n 3) Alaways set rsk_listener\n\n1) is no go as it bypasses LSM, but 2) effectively disables SYN Cookie\nfor CALIPSO. 3) is also no go as there have been many efforts to reduce\natomic ops and make TCP robust against DDoS. See also commit 3b24d854cb35\n(\"tcp/dccp: do not touch listener sk_refcnt under synflood\").\n\nAs of the blamed commit, SYN Cookie already did not need refcounting,\nand no one has stumbled on the bug for 9 years, so no CALIPSO user will\ncare about SYN Cookie.\n\nLet\u0027s return an error in calipso_req_setattr() and calipso_req_delattr()\nin the SYN Cookie case.\n\nThis can be reproduced by [1] on Fedora and now connect() of nc times out.\n\n[0]:\nTCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]\nCPU: 3 UID: 0 PID: 12262 Comm: syz.1.2611 Not tainted 6.14.0 #2\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nRIP: 0010:read_pnet include/net/net_namespace.h:406 [inline]\nRIP: 0010:sock_net include/net/sock.h:655 [inline]\nRIP: 0010:sock_kmalloc+0x35/0x170 net/core/sock.c:2806\nCode: 89 d5 41 54 55 89 f5 53 48 89 fb e8 25 e3 c6 fd e8 f0 91 e3 00 48 8d 7b 30 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 26 01 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b\nRSP: 0018:ffff88811af89038 EFLAGS: 00010216\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffff888105266400\nRDX: 0000000000000006 RSI: ffff88800c890000 RDI: 0000000000000030\nRBP: 0000000000000050 R08: 0000000000000000 R09: ffff88810526640e\nR10: ffffed1020a4cc81 R11: ffff88810526640f R12: 0000000000000000\nR13: 0000000000000820 R14: ffff888105266400 R15: 0000000000000050\nFS: 00007f0653a07640(0000) GS:ffff88811af80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f863ba096f4 CR3: 00000000163c0005 CR4: 0000000000770ef0\nPKRU: 80000000\nCall Trace:\n \u003cIRQ\u003e\n ipv6_renew_options+0x279/0x950 net/ipv6/exthdrs.c:1288\n calipso_req_setattr+0x181/0x340 net/ipv6/calipso.c:1204\n calipso_req_setattr+0x56/0x80 net/netlabel/netlabel_calipso.c:597\n netlbl_req_setattr+0x18a/0x440 net/netlabel/netlabel_kapi.c:1249\n selinux_netlbl_inet_conn_request+0x1fb/0x320 security/selinux/netlabel.c:342\n selinux_inet_conn_request+0x1eb/0x2c0 security/selinux/hooks.c:5551\n security_inet_conn_request+0x50/0xa0 security/security.c:4945\n tcp_v6_route_req+0x22c/0x550 net/ipv6/tcp_ipv6.c:825\n tcp_conn_request+0xec8/0x2b70 net/ipv4/tcp_input.c:7275\n tcp_v6_conn_request+0x1e3/0x440 net/ipv6/tcp_ipv6.c:1328\n tcp_rcv_state_process+0xafa/0x52b0 net/ipv4/tcp_input.c:6781\n tcp_v6_do_rcv+0x8a6/0x1a40 net/ipv6/tcp_ipv6.c:1667\n tcp_v6_rcv+0x505e/0x5b50 net/ipv6/tcp_ipv6.c:1904\n ip6_protocol_deliver_rcu+0x17c/0x1da0 net/ipv6/ip6_input.c:436\n ip6_input_finish+0x103/0x180 net/ipv6/ip6_input.c:480\n NF_HOOK include/linux/netfilter.h:314 [inline]\n NF_HOOK include/linux/netfilter.h:308 [inline]\n ip6_input+0x13c/0x6b0 net/ipv6/ip6_input.c:491\n dst_input include/net/dst.h:469 [inline]\n ip6_rcv_finish net/ipv6/ip6_input.c:79 [inline]\n ip6_rcv_finish+0xb6/0x490 net/ipv6/ip6_input.c:69\n NF_HOOK include/linux/netfilter.h:314 [inline]\n NF_HOOK include/linux/netf\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38181",
"url": "https://www.suse.com/security/cve/CVE-2025-38181"
},
{
"category": "external",
"summary": "SUSE Bug 1246000 for CVE-2025-38181",
"url": "https://bugzilla.suse.com/1246000"
},
{
"category": "external",
"summary": "SUSE Bug 1246001 for CVE-2025-38181",
"url": "https://bugzilla.suse.com/1246001"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2025-38181"
},
{
"cve": "CVE-2025-38212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38212"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipc: fix to protect IPCS lookups using RCU\n\nsyzbot reported that it discovered a use-after-free vulnerability, [0]\n\n[0]: https://lore.kernel.org/all/67af13f8.050a0220.21dd3.0038.GAE@google.com/\n\nidr_for_each() is protected by rwsem, but this is not enough. If it is\nnot protected by RCU read-critical region, when idr_for_each() calls\nradix_tree_node_free() through call_rcu() to free the radix_tree_node\nstructure, the node will be freed immediately, and when reading the next\nnode in radix_tree_for_each_slot(), the already freed memory may be read.\n\nTherefore, we need to add code to make sure that idr_for_each() is\nprotected within the RCU read-critical region when we call it in\nshm_destroy_orphaned().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38212",
"url": "https://www.suse.com/security/cve/CVE-2025-38212"
},
{
"category": "external",
"summary": "SUSE Bug 1246029 for CVE-2025-38212",
"url": "https://bugzilla.suse.com/1246029"
},
{
"category": "external",
"summary": "SUSE Bug 1246030 for CVE-2025-38212",
"url": "https://bugzilla.suse.com/1246030"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2025-38212"
},
{
"cve": "CVE-2025-38477",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38477"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_qfq: Fix race condition on qfq_aggregate\n\nA race condition can occur when \u0027agg\u0027 is modified in qfq_change_agg\n(called during qfq_enqueue) while other threads access it\nconcurrently. For example, qfq_dump_class may trigger a NULL\ndereference, and qfq_delete_class may cause a use-after-free.\n\nThis patch addresses the issue by:\n\n1. Moved qfq_destroy_class into the critical section.\n\n2. Added sch_tree_lock protection to qfq_dump_class and\nqfq_dump_class_stats.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38477",
"url": "https://www.suse.com/security/cve/CVE-2025-38477"
},
{
"category": "external",
"summary": "SUSE Bug 1247314 for CVE-2025-38477",
"url": "https://bugzilla.suse.com/1247314"
},
{
"category": "external",
"summary": "SUSE Bug 1247315 for CVE-2025-38477",
"url": "https://bugzilla.suse.com/1247315"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2025-38477"
},
{
"cve": "CVE-2025-38494",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38494"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: do not bypass hid_hw_raw_request\n\nhid_hw_raw_request() is actually useful to ensure the provided buffer\nand length are valid. Directly calling in the low level transport driver\nfunction bypassed those checks and allowed invalid paramto be used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38494",
"url": "https://www.suse.com/security/cve/CVE-2025-38494"
},
{
"category": "external",
"summary": "SUSE Bug 1247349 for CVE-2025-38494",
"url": "https://bugzilla.suse.com/1247349"
},
{
"category": "external",
"summary": "SUSE Bug 1247350 for CVE-2025-38494",
"url": "https://bugzilla.suse.com/1247350"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2025-38494"
},
{
"cve": "CVE-2025-38495",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38495"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: ensure the allocated report buffer can contain the reserved report ID\n\nWhen the report ID is not used, the low level transport drivers expect\nthe first byte to be 0. However, currently the allocated buffer not\naccount for that extra byte, meaning that instead of having 8 guaranteed\nbytes for implement to be working, we only have 7.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38495",
"url": "https://www.suse.com/security/cve/CVE-2025-38495"
},
{
"category": "external",
"summary": "SUSE Bug 1247348 for CVE-2025-38495",
"url": "https://bugzilla.suse.com/1247348"
},
{
"category": "external",
"summary": "SUSE Bug 1247351 for CVE-2025-38495",
"url": "https://bugzilla.suse.com/1247351"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2025-38495"
},
{
"cve": "CVE-2025-38498",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38498"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndo_change_type(): refuse to operate on unmounted/not ours mounts\n\nEnsure that propagation settings can only be changed for mounts located\nin the caller\u0027s mount namespace. This change aligns permission checking\nwith the rest of mount(2).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38498",
"url": "https://www.suse.com/security/cve/CVE-2025-38498"
},
{
"category": "external",
"summary": "SUSE Bug 1247374 for CVE-2025-38498",
"url": "https://bugzilla.suse.com/1247374"
},
{
"category": "external",
"summary": "SUSE Bug 1247499 for CVE-2025-38498",
"url": "https://bugzilla.suse.com/1247499"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2025-38498"
},
{
"cve": "CVE-2025-38499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38499"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns\n\nWhat we want is to verify there is that clone won\u0027t expose something\nhidden by a mount we wouldn\u0027t be able to undo. \"Wouldn\u0027t be able to undo\"\nmay be a result of MNT_LOCKED on a child, but it may also come from\nlacking admin rights in the userns of the namespace mount belongs to.\n\nclone_private_mnt() checks the former, but not the latter.\n\nThere\u0027s a number of rather confusing CAP_SYS_ADMIN checks in various\nuserns during the mount, especially with the new mount API; they serve\ndifferent purposes and in case of clone_private_mnt() they usually,\nbut not always end up covering the missing check mentioned above.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38499",
"url": "https://www.suse.com/security/cve/CVE-2025-38499"
},
{
"category": "external",
"summary": "SUSE Bug 1247976 for CVE-2025-38499",
"url": "https://bugzilla.suse.com/1247976"
},
{
"category": "external",
"summary": "SUSE Bug 1248673 for CVE-2025-38499",
"url": "https://bugzilla.suse.com/1248673"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2025-38499"
},
{
"cve": "CVE-2025-38617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38617"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/packet: fix a race in packet_set_ring() and packet_notifier()\n\nWhen packet_set_ring() releases po-\u003ebind_lock, another thread can\nrun packet_notifier() and process an NETDEV_UP event.\n\nThis race and the fix are both similar to that of commit 15fe076edea7\n(\"net/packet: fix a race in packet_bind() and packet_notifier()\").\n\nThere too the packet_notifier NETDEV_UP event managed to run while a\npo-\u003ebind_lock critical section had to be temporarily released. And\nthe fix was similarly to temporarily set po-\u003enum to zero to keep\nthe socket unhooked until the lock is retaken.\n\nThe po-\u003ebind_lock in packet_set_ring and packet_notifier precede the\nintroduction of git history.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38617",
"url": "https://www.suse.com/security/cve/CVE-2025-38617"
},
{
"category": "external",
"summary": "SUSE Bug 1247374 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1247374"
},
{
"category": "external",
"summary": "SUSE Bug 1248621 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1248621"
},
{
"category": "external",
"summary": "SUSE Bug 1249208 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1249208"
},
{
"category": "external",
"summary": "SUSE Bug 1253291 for CVE-2025-38617",
"url": "https://bugzilla.suse.com/1253291"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2025-38617"
},
{
"cve": "CVE-2025-38618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38618"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Do not allow binding to VMADDR_PORT_ANY\n\nIt is possible for a vsock to autobind to VMADDR_PORT_ANY. This can\ncause a use-after-free when a connection is made to the bound socket.\nThe socket returned by accept() also has port VMADDR_PORT_ANY but is not\non the list of unbound sockets. Binding it will result in an extra\nrefcount decrement similar to the one fixed in fcdd2242c023 (vsock: Keep\nthe binding until socket destruction).\n\nModify the check in __vsock_bind_connectible() to also prevent binding\nto VMADDR_PORT_ANY.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38618",
"url": "https://www.suse.com/security/cve/CVE-2025-38618"
},
{
"category": "external",
"summary": "SUSE Bug 1248511 for CVE-2025-38618",
"url": "https://bugzilla.suse.com/1248511"
},
{
"category": "external",
"summary": "SUSE Bug 1249207 for CVE-2025-38618",
"url": "https://bugzilla.suse.com/1249207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2025-38618"
},
{
"cve": "CVE-2025-38644",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38644"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: reject TDLS operations when station is not associated\n\nsyzbot triggered a WARN in ieee80211_tdls_oper() by sending\nNL80211_TDLS_ENABLE_LINK immediately after NL80211_CMD_CONNECT,\nbefore association completed and without prior TDLS setup.\n\nThis left internal state like sdata-\u003eu.mgd.tdls_peer uninitialized,\nleading to a WARN_ON() in code paths that assumed it was valid.\n\nReject the operation early if not in station mode or not associated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38644",
"url": "https://www.suse.com/security/cve/CVE-2025-38644"
},
{
"category": "external",
"summary": "SUSE Bug 1247374 for CVE-2025-38644",
"url": "https://bugzilla.suse.com/1247374"
},
{
"category": "external",
"summary": "SUSE Bug 1248748 for CVE-2025-38644",
"url": "https://bugzilla.suse.com/1248748"
},
{
"category": "external",
"summary": "SUSE Bug 1248749 for CVE-2025-38644",
"url": "https://bugzilla.suse.com/1248749"
},
{
"category": "external",
"summary": "SUSE Bug 1253291 for CVE-2025-38644",
"url": "https://bugzilla.suse.com/1253291"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_231-default-18-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T02:04:00Z",
"details": "important"
}
],
"title": "CVE-2025-38644"
}
]
}
SUSE-SU-2024:4388-1
Vulnerability from csaf_suse - Published: 2024-12-19 18:32 - Updated: 2024-12-19 18:32Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927).
- CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core (bsc#1232224)
- CVE-2024-50089: unicode: Do not special case ignorable code points (bsc#1232860).
- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1232919).
- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232928).
- CVE-2024-50127: net: sched: fix use-after-free in taprio_change() (bsc#1232907).
- CVE-2024-50154: tcp/dccp: Do not use timer_pending() in reqsk_queue_unlink() (bsc#1233070).
- CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (bsc#1233293).
- CVE-2024-50208: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (bsc#1233117).
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233453).
- CVE-2024-50267: usb: serial: io_edgeport: fix use after free in debug printk (bsc#1233456).
- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468).
- CVE-2024-50290: media: cx24116: prevent overflows on SNR calculus (bsc#1233479).
- CVE-2024-50301: security/keys: fix slab-out-of-bounds in key_task_permission (bsc#1233490).
- CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233491).
- CVE-2024-53061: media: s5p-jpeg: prevent buffer overflows (bsc#1233555).
- CVE-2024-53063: media: dvbdev: prevent the risk of out of memory access (bsc#1233557).
The following non-security bugs were fixed:
- Update config files (bsc#1218644).
- initramfs: avoid filename buffer overrun (bsc#1232436).
- kernel-binary: Enable livepatch package only when livepatch is enabled Otherwise the filelist may be empty failing the build (bsc#1218644).
- rpm/scripts: Remove obsolete Symbols.list Symbols.list is not longer needed by the new klp-convert implementation. (bsc#1218644)
Patchnames
SUSE-2024-4388,SUSE-SLE-Module-Live-Patching-15-SP2-2024-4388,SUSE-SLE-Product-HA-15-SP2-2024-4388,SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-4388,SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-4388,SUSE-SLE-Product-SLES_SAP-15-SP2-2024-4388
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927).\n- CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core (bsc#1232224)\n- CVE-2024-50089: unicode: Do not special case ignorable code points (bsc#1232860).\n- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1232919).\n- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232928).\n- CVE-2024-50127: net: sched: fix use-after-free in taprio_change() (bsc#1232907).\n- CVE-2024-50154: tcp/dccp: Do not use timer_pending() in reqsk_queue_unlink() (bsc#1233070).\n- CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (bsc#1233293).\n- CVE-2024-50208: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (bsc#1233117).\n- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans (bsc#1233453).\n- CVE-2024-50267: usb: serial: io_edgeport: fix use after free in debug printk (bsc#1233456).\n- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468).\n- CVE-2024-50290: media: cx24116: prevent overflows on SNR calculus (bsc#1233479).\n- CVE-2024-50301: security/keys: fix slab-out-of-bounds in key_task_permission (bsc#1233490).\n- CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233491).\n- CVE-2024-53061: media: s5p-jpeg: prevent buffer overflows (bsc#1233555).\n- CVE-2024-53063: media: dvbdev: prevent the risk of out of memory access (bsc#1233557).\n\nThe following non-security bugs were fixed:\n\n- Update config files (bsc#1218644).\n- initramfs: avoid filename buffer overrun (bsc#1232436).\n- kernel-binary: Enable livepatch package only when livepatch is enabled Otherwise the filelist may be empty failing the build (bsc#1218644).\n- rpm/scripts: Remove obsolete Symbols.list Symbols.list is not longer needed by the new klp-convert implementation. (bsc#1218644)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-4388,SUSE-SLE-Module-Live-Patching-15-SP2-2024-4388,SUSE-SLE-Product-HA-15-SP2-2024-4388,SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-4388,SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-4388,SUSE-SLE-Product-SLES_SAP-15-SP2-2024-4388",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_4388-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:4388-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20244388-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:4388-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020034.html"
},
{
"category": "self",
"summary": "SUSE Bug 1218644",
"url": "https://bugzilla.suse.com/1218644"
},
{
"category": "self",
"summary": "SUSE Bug 1220927",
"url": "https://bugzilla.suse.com/1220927"
},
{
"category": "self",
"summary": "SUSE Bug 1232224",
"url": "https://bugzilla.suse.com/1232224"
},
{
"category": "self",
"summary": "SUSE Bug 1232436",
"url": "https://bugzilla.suse.com/1232436"
},
{
"category": "self",
"summary": "SUSE Bug 1232860",
"url": "https://bugzilla.suse.com/1232860"
},
{
"category": "self",
"summary": "SUSE Bug 1232907",
"url": "https://bugzilla.suse.com/1232907"
},
{
"category": "self",
"summary": "SUSE Bug 1232919",
"url": "https://bugzilla.suse.com/1232919"
},
{
"category": "self",
"summary": "SUSE Bug 1232928",
"url": "https://bugzilla.suse.com/1232928"
},
{
"category": "self",
"summary": "SUSE Bug 1233070",
"url": "https://bugzilla.suse.com/1233070"
},
{
"category": "self",
"summary": "SUSE Bug 1233117",
"url": "https://bugzilla.suse.com/1233117"
},
{
"category": "self",
"summary": "SUSE Bug 1233293",
"url": "https://bugzilla.suse.com/1233293"
},
{
"category": "self",
"summary": "SUSE Bug 1233453",
"url": "https://bugzilla.suse.com/1233453"
},
{
"category": "self",
"summary": "SUSE Bug 1233456",
"url": "https://bugzilla.suse.com/1233456"
},
{
"category": "self",
"summary": "SUSE Bug 1233468",
"url": "https://bugzilla.suse.com/1233468"
},
{
"category": "self",
"summary": "SUSE Bug 1233479",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "self",
"summary": "SUSE Bug 1233490",
"url": "https://bugzilla.suse.com/1233490"
},
{
"category": "self",
"summary": "SUSE Bug 1233491",
"url": "https://bugzilla.suse.com/1233491"
},
{
"category": "self",
"summary": "SUSE Bug 1233555",
"url": "https://bugzilla.suse.com/1233555"
},
{
"category": "self",
"summary": "SUSE Bug 1233557",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52524 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52524/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49925 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50089 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50115 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50115/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50125 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50127 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50127/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50154 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50154/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50205 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50208 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50264 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50264/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50267 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50267/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50279 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50279/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50290 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50290/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50301 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50301/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50302 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50302/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53061 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53142 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53142/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2024-12-19T18:32:06Z",
"generator": {
"date": "2024-12-19T18:32:06Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:4388-1",
"initial_release_date": "2024-12-19T18:32:06Z",
"revision_history": [
{
"date": "2024-12-19T18:32:06Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"product_id": "cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-preempt-5.3.18-150200.24.212.1.aarch64",
"product": {
"name": "cluster-md-kmp-preempt-5.3.18-150200.24.212.1.aarch64",
"product_id": "cluster-md-kmp-preempt-5.3.18-150200.24.212.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"product": {
"name": "dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"product_id": "dlm-kmp-default-5.3.18-150200.24.212.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-preempt-5.3.18-150200.24.212.1.aarch64",
"product": {
"name": "dlm-kmp-preempt-5.3.18-150200.24.212.1.aarch64",
"product_id": "dlm-kmp-preempt-5.3.18-150200.24.212.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"product": {
"name": "gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"product_id": "gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-preempt-5.3.18-150200.24.212.1.aarch64",
"product": {
"name": "gfs2-kmp-preempt-5.3.18-150200.24.212.1.aarch64",
"product_id": "gfs2-kmp-preempt-5.3.18-150200.24.212.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-5.3.18-150200.24.212.1.aarch64",
"product": {
"name": "kernel-default-5.3.18-150200.24.212.1.aarch64",
"product_id": "kernel-default-5.3.18-150200.24.212.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"product": {
"name": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"product_id": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"product": {
"name": "kernel-default-base-rebuild-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"product_id": "kernel-default-base-rebuild-5.3.18-150200.24.212.1.150200.9.111.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"product": {
"name": "kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"product_id": "kernel-default-devel-5.3.18-150200.24.212.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-5.3.18-150200.24.212.1.aarch64",
"product": {
"name": "kernel-default-extra-5.3.18-150200.24.212.1.aarch64",
"product_id": "kernel-default-extra-5.3.18-150200.24.212.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-5.3.18-150200.24.212.1.aarch64",
"product": {
"name": "kernel-default-livepatch-5.3.18-150200.24.212.1.aarch64",
"product_id": "kernel-default-livepatch-5.3.18-150200.24.212.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"product": {
"name": "kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"product_id": "kernel-obs-build-5.3.18-150200.24.212.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-5.3.18-150200.24.212.1.aarch64",
"product": {
"name": "kernel-obs-qa-5.3.18-150200.24.212.1.aarch64",
"product_id": "kernel-obs-qa-5.3.18-150200.24.212.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"product": {
"name": "kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"product_id": "kernel-preempt-5.3.18-150200.24.212.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"product": {
"name": "kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"product_id": "kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-extra-5.3.18-150200.24.212.1.aarch64",
"product": {
"name": "kernel-preempt-extra-5.3.18-150200.24.212.1.aarch64",
"product_id": "kernel-preempt-extra-5.3.18-150200.24.212.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-5.3.18-150200.24.212.1.aarch64",
"product": {
"name": "kernel-syms-5.3.18-150200.24.212.1.aarch64",
"product_id": "kernel-syms-5.3.18-150200.24.212.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-5.3.18-150200.24.212.1.aarch64",
"product": {
"name": "kselftests-kmp-default-5.3.18-150200.24.212.1.aarch64",
"product_id": "kselftests-kmp-default-5.3.18-150200.24.212.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-preempt-5.3.18-150200.24.212.1.aarch64",
"product": {
"name": "kselftests-kmp-preempt-5.3.18-150200.24.212.1.aarch64",
"product_id": "kselftests-kmp-preempt-5.3.18-150200.24.212.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"product_id": "ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-preempt-5.3.18-150200.24.212.1.aarch64",
"product": {
"name": "ocfs2-kmp-preempt-5.3.18-150200.24.212.1.aarch64",
"product_id": "ocfs2-kmp-preempt-5.3.18-150200.24.212.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"product": {
"name": "reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"product_id": "reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-preempt-5.3.18-150200.24.212.1.aarch64",
"product": {
"name": "reiserfs-kmp-preempt-5.3.18-150200.24.212.1.aarch64",
"product_id": "reiserfs-kmp-preempt-5.3.18-150200.24.212.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-5.3.18-150200.24.212.1.noarch",
"product": {
"name": "kernel-devel-5.3.18-150200.24.212.1.noarch",
"product_id": "kernel-devel-5.3.18-150200.24.212.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-5.3.18-150200.24.212.1.noarch",
"product": {
"name": "kernel-docs-5.3.18-150200.24.212.1.noarch",
"product_id": "kernel-docs-5.3.18-150200.24.212.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-5.3.18-150200.24.212.1.noarch",
"product": {
"name": "kernel-docs-html-5.3.18-150200.24.212.1.noarch",
"product_id": "kernel-docs-html-5.3.18-150200.24.212.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-5.3.18-150200.24.212.1.noarch",
"product": {
"name": "kernel-macros-5.3.18-150200.24.212.1.noarch",
"product_id": "kernel-macros-5.3.18-150200.24.212.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-5.3.18-150200.24.212.1.noarch",
"product": {
"name": "kernel-source-5.3.18-150200.24.212.1.noarch",
"product_id": "kernel-source-5.3.18-150200.24.212.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-5.3.18-150200.24.212.1.noarch",
"product": {
"name": "kernel-source-vanilla-5.3.18-150200.24.212.1.noarch",
"product_id": "kernel-source-vanilla-5.3.18-150200.24.212.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"product_id": "cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"product": {
"name": "dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"product_id": "dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"product_id": "gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-5.3.18-150200.24.212.1.ppc64le",
"product": {
"name": "kernel-debug-5.3.18-150200.24.212.1.ppc64le",
"product_id": "kernel-debug-5.3.18-150200.24.212.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-5.3.18-150200.24.212.1.ppc64le",
"product": {
"name": "kernel-debug-devel-5.3.18-150200.24.212.1.ppc64le",
"product_id": "kernel-debug-devel-5.3.18-150200.24.212.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-5.3.18-150200.24.212.1.ppc64le",
"product": {
"name": "kernel-default-5.3.18-150200.24.212.1.ppc64le",
"product_id": "kernel-default-5.3.18-150200.24.212.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"product": {
"name": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"product_id": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"product": {
"name": "kernel-default-base-rebuild-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"product_id": "kernel-default-base-rebuild-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"product": {
"name": "kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"product_id": "kernel-default-devel-5.3.18-150200.24.212.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-5.3.18-150200.24.212.1.ppc64le",
"product": {
"name": "kernel-default-extra-5.3.18-150200.24.212.1.ppc64le",
"product_id": "kernel-default-extra-5.3.18-150200.24.212.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"product_id": "kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"product_id": "kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-5.3.18-150200.24.212.1.ppc64le",
"product": {
"name": "kernel-kvmsmall-5.3.18-150200.24.212.1.ppc64le",
"product_id": "kernel-kvmsmall-5.3.18-150200.24.212.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-5.3.18-150200.24.212.1.ppc64le",
"product": {
"name": "kernel-kvmsmall-devel-5.3.18-150200.24.212.1.ppc64le",
"product_id": "kernel-kvmsmall-devel-5.3.18-150200.24.212.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"product_id": "kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"product": {
"name": "kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"product_id": "kernel-obs-build-5.3.18-150200.24.212.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-5.3.18-150200.24.212.1.ppc64le",
"product": {
"name": "kernel-obs-qa-5.3.18-150200.24.212.1.ppc64le",
"product_id": "kernel-obs-qa-5.3.18-150200.24.212.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"product": {
"name": "kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"product_id": "kernel-syms-5.3.18-150200.24.212.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"product": {
"name": "kselftests-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"product_id": "kselftests-kmp-default-5.3.18-150200.24.212.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"product_id": "ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"product": {
"name": "reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"product_id": "reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"product": {
"name": "cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"product_id": "cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"product": {
"name": "dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"product_id": "dlm-kmp-default-5.3.18-150200.24.212.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"product": {
"name": "gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"product_id": "gfs2-kmp-default-5.3.18-150200.24.212.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-5.3.18-150200.24.212.1.s390x",
"product": {
"name": "kernel-default-5.3.18-150200.24.212.1.s390x",
"product_id": "kernel-default-5.3.18-150200.24.212.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"product": {
"name": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"product_id": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"product": {
"name": "kernel-default-base-rebuild-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"product_id": "kernel-default-base-rebuild-5.3.18-150200.24.212.1.150200.9.111.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"product": {
"name": "kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"product_id": "kernel-default-devel-5.3.18-150200.24.212.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-5.3.18-150200.24.212.1.s390x",
"product": {
"name": "kernel-default-extra-5.3.18-150200.24.212.1.s390x",
"product_id": "kernel-default-extra-5.3.18-150200.24.212.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"product": {
"name": "kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"product_id": "kernel-default-livepatch-5.3.18-150200.24.212.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"product": {
"name": "kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"product_id": "kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"product_id": "kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"product": {
"name": "kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"product_id": "kernel-obs-build-5.3.18-150200.24.212.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-5.3.18-150200.24.212.1.s390x",
"product": {
"name": "kernel-obs-qa-5.3.18-150200.24.212.1.s390x",
"product_id": "kernel-obs-qa-5.3.18-150200.24.212.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-5.3.18-150200.24.212.1.s390x",
"product": {
"name": "kernel-syms-5.3.18-150200.24.212.1.s390x",
"product_id": "kernel-syms-5.3.18-150200.24.212.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-5.3.18-150200.24.212.1.s390x",
"product": {
"name": "kernel-zfcpdump-5.3.18-150200.24.212.1.s390x",
"product_id": "kernel-zfcpdump-5.3.18-150200.24.212.1.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-5.3.18-150200.24.212.1.s390x",
"product": {
"name": "kselftests-kmp-default-5.3.18-150200.24.212.1.s390x",
"product_id": "kselftests-kmp-default-5.3.18-150200.24.212.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"product": {
"name": "ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"product_id": "ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"product": {
"name": "reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"product_id": "reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"product_id": "cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-preempt-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "cluster-md-kmp-preempt-5.3.18-150200.24.212.1.x86_64",
"product_id": "cluster-md-kmp-preempt-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"product_id": "dlm-kmp-default-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-preempt-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "dlm-kmp-preempt-5.3.18-150200.24.212.1.x86_64",
"product_id": "dlm-kmp-preempt-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"product_id": "gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-preempt-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "gfs2-kmp-preempt-5.3.18-150200.24.212.1.x86_64",
"product_id": "gfs2-kmp-preempt-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "kernel-debug-5.3.18-150200.24.212.1.x86_64",
"product_id": "kernel-debug-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "kernel-debug-devel-5.3.18-150200.24.212.1.x86_64",
"product_id": "kernel-debug-devel-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "kernel-default-5.3.18-150200.24.212.1.x86_64",
"product_id": "kernel-default-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"product": {
"name": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"product_id": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"product": {
"name": "kernel-default-base-rebuild-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"product_id": "kernel-default-base-rebuild-5.3.18-150200.24.212.1.150200.9.111.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"product_id": "kernel-default-devel-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "kernel-default-extra-5.3.18-150200.24.212.1.x86_64",
"product_id": "kernel-default-extra-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"product_id": "kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"product_id": "kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "kernel-kvmsmall-5.3.18-150200.24.212.1.x86_64",
"product_id": "kernel-kvmsmall-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-5.3.18-150200.24.212.1.x86_64",
"product_id": "kernel-kvmsmall-devel-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-5_3_18-150200_24_212-preempt-1-150200.5.3.1.x86_64",
"product": {
"name": "kernel-livepatch-5_3_18-150200_24_212-preempt-1-150200.5.3.1.x86_64",
"product_id": "kernel-livepatch-5_3_18-150200_24_212-preempt-1-150200.5.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"product_id": "kernel-obs-build-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "kernel-obs-qa-5.3.18-150200.24.212.1.x86_64",
"product_id": "kernel-obs-qa-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"product_id": "kernel-preempt-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"product_id": "kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-preempt-extra-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "kernel-preempt-extra-5.3.18-150200.24.212.1.x86_64",
"product_id": "kernel-preempt-extra-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "kernel-syms-5.3.18-150200.24.212.1.x86_64",
"product_id": "kernel-syms-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "kselftests-kmp-default-5.3.18-150200.24.212.1.x86_64",
"product_id": "kselftests-kmp-default-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-preempt-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "kselftests-kmp-preempt-5.3.18-150200.24.212.1.x86_64",
"product_id": "kselftests-kmp-preempt-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"product_id": "ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-preempt-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "ocfs2-kmp-preempt-5.3.18-150200.24.212.1.x86_64",
"product_id": "ocfs2-kmp-preempt-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"product_id": "reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-preempt-5.3.18-150200.24.212.1.x86_64",
"product": {
"name": "reiserfs-kmp-preempt-5.3.18-150200.24.212.1.x86_64",
"product_id": "reiserfs-kmp-preempt-5.3.18-150200.24.212.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 15 SP2",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-5.3.18-150200.24.212.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x"
},
"product_reference": "kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x"
},
"product_reference": "kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP2",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64"
},
"product_reference": "kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64"
},
"product_reference": "cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x"
},
"product_reference": "cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-5.3.18-150200.24.212.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64"
},
"product_reference": "dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le"
},
"product_reference": "dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-5.3.18-150200.24.212.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x"
},
"product_reference": "dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64"
},
"product_reference": "gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-5.3.18-150200.24.212.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x"
},
"product_reference": "gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64"
},
"product_reference": "ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x"
},
"product_reference": "ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP2",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-150200.24.212.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64"
},
"product_reference": "kernel-default-5.3.18-150200.24.212.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "kernel-default-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64"
},
"product_reference": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64"
},
"product_reference": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-5.3.18-150200.24.212.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64"
},
"product_reference": "kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-5.3.18-150200.24.212.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch"
},
"product_reference": "kernel-devel-5.3.18-150200.24.212.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-5.3.18-150200.24.212.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch"
},
"product_reference": "kernel-docs-5.3.18-150200.24.212.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-5.3.18-150200.24.212.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch"
},
"product_reference": "kernel-macros-5.3.18-150200.24.212.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-5.3.18-150200.24.212.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64"
},
"product_reference": "kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-5.3.18-150200.24.212.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64"
},
"product_reference": "kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64"
},
"product_reference": "kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-5.3.18-150200.24.212.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch"
},
"product_reference": "kernel-source-5.3.18-150200.24.212.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-5.3.18-150200.24.212.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64"
},
"product_reference": "kernel-syms-5.3.18-150200.24.212.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "kernel-syms-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-150200.24.212.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64"
},
"product_reference": "kernel-default-5.3.18-150200.24.212.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-150200.24.212.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le"
},
"product_reference": "kernel-default-5.3.18-150200.24.212.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-150200.24.212.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x"
},
"product_reference": "kernel-default-5.3.18-150200.24.212.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "kernel-default-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64"
},
"product_reference": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le"
},
"product_reference": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x"
},
"product_reference": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64"
},
"product_reference": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-5.3.18-150200.24.212.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64"
},
"product_reference": "kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-5.3.18-150200.24.212.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le"
},
"product_reference": "kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-5.3.18-150200.24.212.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x"
},
"product_reference": "kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-5.3.18-150200.24.212.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch"
},
"product_reference": "kernel-devel-5.3.18-150200.24.212.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-5.3.18-150200.24.212.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch"
},
"product_reference": "kernel-docs-5.3.18-150200.24.212.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-5.3.18-150200.24.212.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch"
},
"product_reference": "kernel-macros-5.3.18-150200.24.212.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-5.3.18-150200.24.212.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64"
},
"product_reference": "kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-5.3.18-150200.24.212.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le"
},
"product_reference": "kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-5.3.18-150200.24.212.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x"
},
"product_reference": "kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-5.3.18-150200.24.212.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64"
},
"product_reference": "kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64"
},
"product_reference": "kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-5.3.18-150200.24.212.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch"
},
"product_reference": "kernel-source-5.3.18-150200.24.212.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-5.3.18-150200.24.212.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64"
},
"product_reference": "kernel-syms-5.3.18-150200.24.212.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-5.3.18-150200.24.212.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le"
},
"product_reference": "kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-5.3.18-150200.24.212.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x"
},
"product_reference": "kernel-syms-5.3.18-150200.24.212.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "kernel-syms-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64"
},
"product_reference": "reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le"
},
"product_reference": "reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x"
},
"product_reference": "reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-150200.24.212.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le"
},
"product_reference": "kernel-default-5.3.18-150200.24.212.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "kernel-default-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le"
},
"product_reference": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64"
},
"product_reference": "kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-5.3.18-150200.24.212.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le"
},
"product_reference": "kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-5.3.18-150200.24.212.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch"
},
"product_reference": "kernel-devel-5.3.18-150200.24.212.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-5.3.18-150200.24.212.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch"
},
"product_reference": "kernel-docs-5.3.18-150200.24.212.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-5.3.18-150200.24.212.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch"
},
"product_reference": "kernel-macros-5.3.18-150200.24.212.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-5.3.18-150200.24.212.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le"
},
"product_reference": "kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-5.3.18-150200.24.212.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch"
},
"product_reference": "kernel-source-5.3.18-150200.24.212.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-5.3.18-150200.24.212.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le"
},
"product_reference": "kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "kernel-syms-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le"
},
"product_reference": "reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
},
"product_reference": "reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52524",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52524"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: nfc: llcp: Add lock when modifying device list\n\nThe device list needs its associated lock held when modifying it, or the\nlist could become corrupted, as syzbot discovered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52524",
"url": "https://www.suse.com/security/cve/CVE-2023-52524"
},
{
"category": "external",
"summary": "SUSE Bug 1220927 for CVE-2023-52524",
"url": "https://bugzilla.suse.com/1220927"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-19T18:32:06Z",
"details": "moderate"
}
],
"title": "CVE-2023-52524"
},
{
"cve": "CVE-2024-49925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: efifb: Register sysfs groups through driver core\n\nThe driver core can register and cleanup sysfs groups already.\nMake use of that functionality to simplify the error handling and\ncleanup.\n\nAlso avoid a UAF race during unregistering where the sysctl attributes\nwere usable after the info struct was freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49925",
"url": "https://www.suse.com/security/cve/CVE-2024-49925"
},
{
"category": "external",
"summary": "SUSE Bug 1232224 for CVE-2024-49925",
"url": "https://bugzilla.suse.com/1232224"
},
{
"category": "external",
"summary": "SUSE Bug 1232225 for CVE-2024-49925",
"url": "https://bugzilla.suse.com/1232225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-19T18:32:06Z",
"details": "moderate"
}
],
"title": "CVE-2024-49925"
},
{
"cve": "CVE-2024-50089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50089"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50089",
"url": "https://www.suse.com/security/cve/CVE-2024-50089"
},
{
"category": "external",
"summary": "SUSE Bug 1232860 for CVE-2024-50089",
"url": "https://bugzilla.suse.com/1232860"
},
{
"category": "external",
"summary": "SUSE Bug 1233250 for CVE-2024-50089",
"url": "https://bugzilla.suse.com/1233250"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-19T18:32:06Z",
"details": "important"
}
],
"title": "CVE-2024-50089"
},
{
"cve": "CVE-2024-50115",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50115"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory\n\nIgnore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits\n4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn\u0027t\nenforce 32-byte alignment of nCR3.\n\nIn the absolute worst case scenario, failure to ignore bits 4:0 can result\nin an out-of-bounds read, e.g. if the target page is at the end of a\nmemslot, and the VMM isn\u0027t using guard pages.\n\nPer the APM:\n\n The CR3 register points to the base address of the page-directory-pointer\n table. The page-directory-pointer table is aligned on a 32-byte boundary,\n with the low 5 address bits 4:0 assumed to be 0.\n\nAnd the SDM\u0027s much more explicit:\n\n 4:0 Ignored\n\nNote, KVM gets this right when loading PDPTRs, it\u0027s only the nSVM flow\nthat is broken.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50115",
"url": "https://www.suse.com/security/cve/CVE-2024-50115"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232919 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1232919"
},
{
"category": "external",
"summary": "SUSE Bug 1233019 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1233019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-19T18:32:06Z",
"details": "important"
}
],
"title": "CVE-2024-50115"
},
{
"cve": "CVE-2024-50125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: SCO: Fix UAF on sco_sock_timeout\n\nconn-\u003esk maybe have been unlinked/freed while waiting for sco_conn_lock\nso this checks if the conn-\u003esk is still valid by checking if it part of\nsco_sk_list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50125",
"url": "https://www.suse.com/security/cve/CVE-2024-50125"
},
{
"category": "external",
"summary": "SUSE Bug 1232928 for CVE-2024-50125",
"url": "https://bugzilla.suse.com/1232928"
},
{
"category": "external",
"summary": "SUSE Bug 1232929 for CVE-2024-50125",
"url": "https://bugzilla.suse.com/1232929"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-19T18:32:06Z",
"details": "important"
}
],
"title": "CVE-2024-50125"
},
{
"cve": "CVE-2024-50127",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50127"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: fix use-after-free in taprio_change()\n\nIn \u0027taprio_change()\u0027, \u0027admin\u0027 pointer may become dangling due to sched\nswitch / removal caused by \u0027advance_sched()\u0027, and critical section\nprotected by \u0027q-\u003ecurrent_entry_lock\u0027 is too small to prevent from such\na scenario (which causes use-after-free detected by KASAN). Fix this\nby prefer \u0027rcu_replace_pointer()\u0027 over \u0027rcu_assign_pointer()\u0027 to update\n\u0027admin\u0027 immediately before an attempt to schedule freeing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50127",
"url": "https://www.suse.com/security/cve/CVE-2024-50127"
},
{
"category": "external",
"summary": "SUSE Bug 1232907 for CVE-2024-50127",
"url": "https://bugzilla.suse.com/1232907"
},
{
"category": "external",
"summary": "SUSE Bug 1232908 for CVE-2024-50127",
"url": "https://bugzilla.suse.com/1232908"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-19T18:32:06Z",
"details": "important"
}
],
"title": "CVE-2024-50127"
},
{
"cve": "CVE-2024-50154",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50154"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp/dccp: Don\u0027t use timer_pending() in reqsk_queue_unlink().\n\nMartin KaFai Lau reported use-after-free [0] in reqsk_timer_handler().\n\n \"\"\"\n We are seeing a use-after-free from a bpf prog attached to\n trace_tcp_retransmit_synack. The program passes the req-\u003esk to the\n bpf_sk_storage_get_tracing kernel helper which does check for null\n before using it.\n \"\"\"\n\nThe commit 83fccfc3940c (\"inet: fix potential deadlock in\nreqsk_queue_unlink()\") added timer_pending() in reqsk_queue_unlink() not\nto call del_timer_sync() from reqsk_timer_handler(), but it introduced a\nsmall race window.\n\nBefore the timer is called, expire_timers() calls detach_timer(timer, true)\nto clear timer-\u003eentry.pprev and marks it as not pending.\n\nIf reqsk_queue_unlink() checks timer_pending() just after expire_timers()\ncalls detach_timer(), TCP will miss del_timer_sync(); the reqsk timer will\ncontinue running and send multiple SYN+ACKs until it expires.\n\nThe reported UAF could happen if req-\u003esk is close()d earlier than the timer\nexpiration, which is 63s by default.\n\nThe scenario would be\n\n 1. inet_csk_complete_hashdance() calls inet_csk_reqsk_queue_drop(),\n but del_timer_sync() is missed\n\n 2. reqsk timer is executed and scheduled again\n\n 3. req-\u003esk is accept()ed and reqsk_put() decrements rsk_refcnt, but\n reqsk timer still has another one, and inet_csk_accept() does not\n clear req-\u003esk for non-TFO sockets\n\n 4. sk is close()d\n\n 5. reqsk timer is executed again, and BPF touches req-\u003esk\n\nLet\u0027s not use timer_pending() by passing the caller context to\n__inet_csk_reqsk_queue_drop().\n\nNote that reqsk timer is pinned, so the issue does not happen in most\nuse cases. [1]\n\n[0]\nBUG: KFENCE: use-after-free read in bpf_sk_storage_get_tracing+0x2e/0x1b0\n\nUse-after-free read at 0x00000000a891fb3a (in kfence-#1):\nbpf_sk_storage_get_tracing+0x2e/0x1b0\nbpf_prog_5ea3e95db6da0438_tcp_retransmit_synack+0x1d20/0x1dda\nbpf_trace_run2+0x4c/0xc0\ntcp_rtx_synack+0xf9/0x100\nreqsk_timer_handler+0xda/0x3d0\nrun_timer_softirq+0x292/0x8a0\nirq_exit_rcu+0xf5/0x320\nsysvec_apic_timer_interrupt+0x6d/0x80\nasm_sysvec_apic_timer_interrupt+0x16/0x20\nintel_idle_irq+0x5a/0xa0\ncpuidle_enter_state+0x94/0x273\ncpu_startup_entry+0x15e/0x260\nstart_secondary+0x8a/0x90\nsecondary_startup_64_no_verify+0xfa/0xfb\n\nkfence-#1: 0x00000000a72cc7b6-0x00000000d97616d9, size=2376, cache=TCPv6\n\nallocated by task 0 on cpu 9 at 260507.901592s:\nsk_prot_alloc+0x35/0x140\nsk_clone_lock+0x1f/0x3f0\ninet_csk_clone_lock+0x15/0x160\ntcp_create_openreq_child+0x1f/0x410\ntcp_v6_syn_recv_sock+0x1da/0x700\ntcp_check_req+0x1fb/0x510\ntcp_v6_rcv+0x98b/0x1420\nipv6_list_rcv+0x2258/0x26e0\nnapi_complete_done+0x5b1/0x2990\nmlx5e_napi_poll+0x2ae/0x8d0\nnet_rx_action+0x13e/0x590\nirq_exit_rcu+0xf5/0x320\ncommon_interrupt+0x80/0x90\nasm_common_interrupt+0x22/0x40\ncpuidle_enter_state+0xfb/0x273\ncpu_startup_entry+0x15e/0x260\nstart_secondary+0x8a/0x90\nsecondary_startup_64_no_verify+0xfa/0xfb\n\nfreed by task 0 on cpu 9 at 260507.927527s:\nrcu_core_si+0x4ff/0xf10\nirq_exit_rcu+0xf5/0x320\nsysvec_apic_timer_interrupt+0x6d/0x80\nasm_sysvec_apic_timer_interrupt+0x16/0x20\ncpuidle_enter_state+0xfb/0x273\ncpu_startup_entry+0x15e/0x260\nstart_secondary+0x8a/0x90\nsecondary_startup_64_no_verify+0xfa/0xfb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50154",
"url": "https://www.suse.com/security/cve/CVE-2024-50154"
},
{
"category": "external",
"summary": "SUSE Bug 1233070 for CVE-2024-50154",
"url": "https://bugzilla.suse.com/1233070"
},
{
"category": "external",
"summary": "SUSE Bug 1233072 for CVE-2024-50154",
"url": "https://bugzilla.suse.com/1233072"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-19T18:32:06Z",
"details": "important"
}
],
"title": "CVE-2024-50154"
},
{
"cve": "CVE-2024-50205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50205"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size()\n\nThe step variable is initialized to zero. It is changed in the loop,\nbut if it\u0027s not changed it will remain zero. Add a variable check\nbefore the division.\n\nThe observed behavior was introduced by commit 826b5de90c0b\n(\"ALSA: firewire-lib: fix insufficient PCM rule for period/buffer size\"),\nand it is difficult to show that any of the interval parameters will\nsatisfy the snd_interval_test() condition with data from the\namdtp_rate_table[] table.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50205",
"url": "https://www.suse.com/security/cve/CVE-2024-50205"
},
{
"category": "external",
"summary": "SUSE Bug 1233293 for CVE-2024-50205",
"url": "https://bugzilla.suse.com/1233293"
},
{
"category": "external",
"summary": "SUSE Bug 1233294 for CVE-2024-50205",
"url": "https://bugzilla.suse.com/1233294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-19T18:32:06Z",
"details": "important"
}
],
"title": "CVE-2024-50205"
},
{
"cve": "CVE-2024-50208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50208"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages\n\nAvoid memory corruption while setting up Level-2 PBL pages for the non MR\nresources when num_pages \u003e 256K.\n\nThere will be a single PDE page address (contiguous pages in the case of \u003e\nPAGE_SIZE), but, current logic assumes multiple pages, leading to invalid\nmemory access after 256K PBL entries in the PDE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50208",
"url": "https://www.suse.com/security/cve/CVE-2024-50208"
},
{
"category": "external",
"summary": "SUSE Bug 1233117 for CVE-2024-50208",
"url": "https://bugzilla.suse.com/1233117"
},
{
"category": "external",
"summary": "SUSE Bug 1233118 for CVE-2024-50208",
"url": "https://bugzilla.suse.com/1233118"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-19T18:32:06Z",
"details": "important"
}
],
"title": "CVE-2024-50208"
},
{
"cve": "CVE-2024-50264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50264"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans\n\nDuring loopback communication, a dangling pointer can be created in\nvsk-\u003etrans, potentially leading to a Use-After-Free condition. This\nissue is resolved by initializing vsk-\u003etrans to NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50264",
"url": "https://www.suse.com/security/cve/CVE-2024-50264"
},
{
"category": "external",
"summary": "SUSE Bug 1233453 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233453"
},
{
"category": "external",
"summary": "SUSE Bug 1233712 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-19T18:32:06Z",
"details": "important"
}
],
"title": "CVE-2024-50264"
},
{
"cve": "CVE-2024-50267",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50267"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: serial: io_edgeport: fix use after free in debug printk\n\nThe \"dev_dbg(\u0026urb-\u003edev-\u003edev, ...\" which happens after usb_free_urb(urb)\nis a use after free of the \"urb\" pointer. Store the \"dev\" pointer at the\nstart of the function to avoid this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50267",
"url": "https://www.suse.com/security/cve/CVE-2024-50267"
},
{
"category": "external",
"summary": "SUSE Bug 1233456 for CVE-2024-50267",
"url": "https://bugzilla.suse.com/1233456"
},
{
"category": "external",
"summary": "SUSE Bug 1233711 for CVE-2024-50267",
"url": "https://bugzilla.suse.com/1233711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-19T18:32:06Z",
"details": "important"
}
],
"title": "CVE-2024-50267"
},
{
"cve": "CVE-2024-50279",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50279"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm cache: fix out-of-bounds access to the dirty bitset when resizing\n\ndm-cache checks the dirty bits of the cache blocks to be dropped when\nshrinking the fast device, but an index bug in bitset iteration causes\nout-of-bounds access.\n\nReproduce steps:\n\n1. create a cache device of 1024 cache blocks (128 bytes dirty bitset)\n\ndmsetup create cmeta --table \"0 8192 linear /dev/sdc 0\"\ndmsetup create cdata --table \"0 131072 linear /dev/sdc 8192\"\ndmsetup create corig --table \"0 524288 linear /dev/sdc 262144\"\ndd if=/dev/zero of=/dev/mapper/cmeta bs=4k count=1 oflag=direct\ndmsetup create cache --table \"0 524288 cache /dev/mapper/cmeta \\\n/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0\"\n\n2. shrink the fast device to 512 cache blocks, triggering out-of-bounds\n access to the dirty bitset (offset 0x80)\n\ndmsetup suspend cache\ndmsetup reload cdata --table \"0 65536 linear /dev/sdc 8192\"\ndmsetup resume cdata\ndmsetup resume cache\n\nKASAN reports:\n\n BUG: KASAN: vmalloc-out-of-bounds in cache_preresume+0x269/0x7b0\n Read of size 8 at addr ffffc900000f3080 by task dmsetup/131\n\n (...snip...)\n The buggy address belongs to the virtual mapping at\n [ffffc900000f3000, ffffc900000f5000) created by:\n cache_ctr+0x176a/0x35f0\n\n (...snip...)\n Memory state around the buggy address:\n ffffc900000f2f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffffc900000f3000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n \u003effffc900000f3080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n ffffc900000f3100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffffc900000f3180: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n\nFix by making the index post-incremented.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50279",
"url": "https://www.suse.com/security/cve/CVE-2024-50279"
},
{
"category": "external",
"summary": "SUSE Bug 1233468 for CVE-2024-50279",
"url": "https://bugzilla.suse.com/1233468"
},
{
"category": "external",
"summary": "SUSE Bug 1233708 for CVE-2024-50279",
"url": "https://bugzilla.suse.com/1233708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-19T18:32:06Z",
"details": "important"
}
],
"title": "CVE-2024-50279"
},
{
"cve": "CVE-2024-50290",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50290"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx24116: prevent overflows on SNR calculus\n\nas reported by Coverity, if reading SNR registers fail, a negative\nnumber will be returned, causing an underflow when reading SNR\nregisters.\n\nPrevent that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50290",
"url": "https://www.suse.com/security/cve/CVE-2024-50290"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233479 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "external",
"summary": "SUSE Bug 1233681 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-19T18:32:06Z",
"details": "important"
}
],
"title": "CVE-2024-50290"
},
{
"cve": "CVE-2024-50301",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50301"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsecurity/keys: fix slab-out-of-bounds in key_task_permission\n\nKASAN reports an out of bounds read:\nBUG: KASAN: slab-out-of-bounds in __kuid_val include/linux/uidgid.h:36\nBUG: KASAN: slab-out-of-bounds in uid_eq include/linux/uidgid.h:63 [inline]\nBUG: KASAN: slab-out-of-bounds in key_task_permission+0x394/0x410\nsecurity/keys/permission.c:54\nRead of size 4 at addr ffff88813c3ab618 by task stress-ng/4362\n\nCPU: 2 PID: 4362 Comm: stress-ng Not tainted 5.10.0-14930-gafbffd6c3ede #15\nCall Trace:\n __dump_stack lib/dump_stack.c:82 [inline]\n dump_stack+0x107/0x167 lib/dump_stack.c:123\n print_address_description.constprop.0+0x19/0x170 mm/kasan/report.c:400\n __kasan_report.cold+0x6c/0x84 mm/kasan/report.c:560\n kasan_report+0x3a/0x50 mm/kasan/report.c:585\n __kuid_val include/linux/uidgid.h:36 [inline]\n uid_eq include/linux/uidgid.h:63 [inline]\n key_task_permission+0x394/0x410 security/keys/permission.c:54\n search_nested_keyrings+0x90e/0xe90 security/keys/keyring.c:793\n\nThis issue was also reported by syzbot.\n\nIt can be reproduced by following these steps(more details [1]):\n1. Obtain more than 32 inputs that have similar hashes, which ends with the\n pattern \u00270xxxxxxxe6\u0027.\n2. Reboot and add the keys obtained in step 1.\n\nThe reproducer demonstrates how this issue happened:\n1. In the search_nested_keyrings function, when it iterates through the\n slots in a node(below tag ascend_to_node), if the slot pointer is meta\n and node-\u003eback_pointer != NULL(it means a root), it will proceed to\n descend_to_node. However, there is an exception. If node is the root,\n and one of the slots points to a shortcut, it will be treated as a\n keyring.\n2. Whether the ptr is keyring decided by keyring_ptr_is_keyring function.\n However, KEYRING_PTR_SUBTYPE is 0x2UL, the same as\n ASSOC_ARRAY_PTR_SUBTYPE_MASK.\n3. When 32 keys with the similar hashes are added to the tree, the ROOT\n has keys with hashes that are not similar (e.g. slot 0) and it splits\n NODE A without using a shortcut. When NODE A is filled with keys that\n all hashes are xxe6, the keys are similar, NODE A will split with a\n shortcut. Finally, it forms the tree as shown below, where slot 6 points\n to a shortcut.\n\n NODE A\n +------\u003e+---+\n ROOT | | 0 | xxe6\n +---+ | +---+\n xxxx | 0 | shortcut : : xxe6\n +---+ | +---+\n xxe6 : : | | | xxe6\n +---+ | +---+\n | 6 |---+ : : xxe6\n +---+ +---+\n xxe6 : : | f | xxe6\n +---+ +---+\n xxe6 | f |\n +---+\n\n4. As mentioned above, If a slot(slot 6) of the root points to a shortcut,\n it may be mistakenly transferred to a key*, leading to a read\n out-of-bounds read.\n\nTo fix this issue, one should jump to descend_to_node if the ptr is a\nshortcut, regardless of whether the node is root or not.\n\n[1] https://lore.kernel.org/linux-kernel/1cfa878e-8c7b-4570-8606-21daf5e13ce7@huaweicloud.com/\n\n[jarkko: tweaked the commit message a bit to have an appropriate closes\n tag.]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50301",
"url": "https://www.suse.com/security/cve/CVE-2024-50301"
},
{
"category": "external",
"summary": "SUSE Bug 1233490 for CVE-2024-50301",
"url": "https://bugzilla.suse.com/1233490"
},
{
"category": "external",
"summary": "SUSE Bug 1233680 for CVE-2024-50301",
"url": "https://bugzilla.suse.com/1233680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-19T18:32:06Z",
"details": "important"
}
],
"title": "CVE-2024-50301"
},
{
"cve": "CVE-2024-50302",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50302"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: zero-initialize the report buffer\n\nSince the report buffer is used by all kinds of drivers in various ways, let\u0027s\nzero-initialize it during allocation to make sure that it can\u0027t be ever used\nto leak kernel memory via specially-crafted report.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50302",
"url": "https://www.suse.com/security/cve/CVE-2024-50302"
},
{
"category": "external",
"summary": "SUSE Bug 1233491 for CVE-2024-50302",
"url": "https://bugzilla.suse.com/1233491"
},
{
"category": "external",
"summary": "SUSE Bug 1233679 for CVE-2024-50302",
"url": "https://bugzilla.suse.com/1233679"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-19T18:32:06Z",
"details": "important"
}
],
"title": "CVE-2024-50302"
},
{
"cve": "CVE-2024-53061",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53061"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: s5p-jpeg: prevent buffer overflows\n\nThe current logic allows word to be less than 2. If this happens,\nthere will be buffer overflows, as reported by smatch. Add extra\nchecks to prevent it.\n\nWhile here, remove an unused word = 0 assignment.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53061",
"url": "https://www.suse.com/security/cve/CVE-2024-53061"
},
{
"category": "external",
"summary": "SUSE Bug 1233555 for CVE-2024-53061",
"url": "https://bugzilla.suse.com/1233555"
},
{
"category": "external",
"summary": "SUSE Bug 1233621 for CVE-2024-53061",
"url": "https://bugzilla.suse.com/1233621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-19T18:32:06Z",
"details": "important"
}
],
"title": "CVE-2024-53061"
},
{
"cve": "CVE-2024-53063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvbdev: prevent the risk of out of memory access\n\nThe dvbdev contains a static variable used to store dvb minors.\n\nThe behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set\nor not. When not set, dvb_register_device() won\u0027t check for\nboundaries, as it will rely that a previous call to\ndvb_register_adapter() would already be enforcing it.\n\nOn a similar way, dvb_device_open() uses the assumption\nthat the register functions already did the needed checks.\n\nThis can be fragile if some device ends using different\ncalls. This also generate warnings on static check analysers\nlike Coverity.\n\nSo, add explicit guards to prevent potential risk of OOM issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53063",
"url": "https://www.suse.com/security/cve/CVE-2024-53063"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233557 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "external",
"summary": "SUSE Bug 1233619 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-19T18:32:06Z",
"details": "important"
}
],
"title": "CVE-2024-53063"
},
{
"cve": "CVE-2024-53142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninitramfs: avoid filename buffer overrun\n\nThe initramfs filename field is defined in\nDocumentation/driver-api/early-userspace/buffer-format.rst as:\n\n 37 cpio_file := ALGN(4) + cpio_header + filename + \"\\0\" + ALGN(4) + data\n...\n 55 ============= ================== =========================\n 56 Field name Field size Meaning\n 57 ============= ================== =========================\n...\n 70 c_namesize 8 bytes Length of filename, including final \\0\n\nWhen extracting an initramfs cpio archive, the kernel\u0027s do_name() path\nhandler assumes a zero-terminated path at @collected, passing it\ndirectly to filp_open() / init_mkdir() / init_mknod().\n\nIf a specially crafted cpio entry carries a non-zero-terminated filename\nand is followed by uninitialized memory, then a file may be created with\ntrailing characters that represent the uninitialized memory. The ability\nto create an initramfs entry would imply already having full control of\nthe system, so the buffer overrun shouldn\u0027t be considered a security\nvulnerability.\n\nAppend the output of the following bash script to an existing initramfs\nand observe any created /initramfs_test_fname_overrunAA* path. E.g.\n ./reproducer.sh | gzip \u003e\u003e /myinitramfs\n\nIt\u0027s easiest to observe non-zero uninitialized memory when the output is\ngzipped, as it\u0027ll overflow the heap allocated @out_buf in __gunzip(),\nrather than the initrd_start+initrd_size block.\n\n---- reproducer.sh ----\nnilchar=\"A\"\t# change to \"\\0\" to properly zero terminate / pad\nmagic=\"070701\"\nino=1\nmode=$(( 0100777 ))\nuid=0\ngid=0\nnlink=1\nmtime=1\nfilesize=0\ndevmajor=0\ndevminor=1\nrdevmajor=0\nrdevminor=0\ncsum=0\nfname=\"initramfs_test_fname_overrun\"\nnamelen=$(( ${#fname} + 1 ))\t# plus one to account for terminator\n\nprintf \"%s%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%s\" \\\n\t$magic $ino $mode $uid $gid $nlink $mtime $filesize \\\n\t$devmajor $devminor $rdevmajor $rdevminor $namelen $csum $fname\n\ntermpadlen=$(( 1 + ((4 - ((110 + $namelen) \u0026 3)) % 4) ))\nprintf \"%.s${nilchar}\" $(seq 1 $termpadlen)\n---- reproducer.sh ----\n\nSymlink filename fields handled in do_symlink() won\u0027t overrun past the\ndata segment, due to the explicit zero-termination of the symlink\ntarget.\n\nFix filename buffer overrun by aborting the initramfs FSM if any cpio\nentry doesn\u0027t carry a zero-terminator at the expected (name_len - 1)\noffset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53142",
"url": "https://www.suse.com/security/cve/CVE-2024-53142"
},
{
"category": "external",
"summary": "SUSE Bug 1232436 for CVE-2024-53142",
"url": "https://bugzilla.suse.com/1232436"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:cluster-md-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:dlm-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:gfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP2:ocfs2-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-default-livepatch-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP2:kernel-livepatch-5_3_18-150200_24_212-default-1-150200.5.3.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-base-5.3.18-150200.24.212.1.150200.9.111.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-default-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-devel-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-docs-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-macros-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-obs-build-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-preempt-devel-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-source-5.3.18-150200.24.212.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:kernel-syms-5.3.18-150200.24.212.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:reiserfs-kmp-default-5.3.18-150200.24.212.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-12-19T18:32:06Z",
"details": "moderate"
}
],
"title": "CVE-2024-53142"
}
]
}
SUSE-SU-2025:0164-1
Vulnerability from csaf_suse - Published: 2025-01-17 15:33 - Updated: 2025-01-17 15:33Summary
Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5)
Notes
Title of the patch
Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5)
Description of the patch
This update for the Linux Kernel 5.14.21-150500_55_65 fixes several issues.
The following security issues were fixed:
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
- CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool (bsc#1225429).
- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733).
- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
- CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327).
- CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).
- CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273).
- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).
- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).
- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353).
- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739).
- CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
- CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).
- CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099).
- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013).
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
Patchnames
SUSE-2025-164,SUSE-SLE-Module-Live-Patching-15-SP5-2025-164
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.14.21-150500_55_65 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans (bsc#1233712).\n- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).\n- CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool (bsc#1225429).\n- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733).\n- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).\n- CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327).\n- CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).\n- CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1229273).\n- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011).\n- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).\n- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).\n- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012).\n- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).\n- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).\n- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353).\n- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739).\n- CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)\n- CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).\n- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).\n- CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099).\n- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013).\n- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).\n- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-164,SUSE-SLE-Module-Live-Patching-15-SP5-2025-164",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0164-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0164-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250164-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0164-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020153.html"
},
{
"category": "self",
"summary": "SUSE Bug 1223363",
"url": "https://bugzilla.suse.com/1223363"
},
{
"category": "self",
"summary": "SUSE Bug 1223683",
"url": "https://bugzilla.suse.com/1223683"
},
{
"category": "self",
"summary": "SUSE Bug 1225011",
"url": "https://bugzilla.suse.com/1225011"
},
{
"category": "self",
"summary": "SUSE Bug 1225012",
"url": "https://bugzilla.suse.com/1225012"
},
{
"category": "self",
"summary": "SUSE Bug 1225013",
"url": "https://bugzilla.suse.com/1225013"
},
{
"category": "self",
"summary": "SUSE Bug 1225099",
"url": "https://bugzilla.suse.com/1225099"
},
{
"category": "self",
"summary": "SUSE Bug 1225309",
"url": "https://bugzilla.suse.com/1225309"
},
{
"category": "self",
"summary": "SUSE Bug 1225311",
"url": "https://bugzilla.suse.com/1225311"
},
{
"category": "self",
"summary": "SUSE Bug 1225312",
"url": "https://bugzilla.suse.com/1225312"
},
{
"category": "self",
"summary": "SUSE Bug 1225429",
"url": "https://bugzilla.suse.com/1225429"
},
{
"category": "self",
"summary": "SUSE Bug 1225733",
"url": "https://bugzilla.suse.com/1225733"
},
{
"category": "self",
"summary": "SUSE Bug 1225739",
"url": "https://bugzilla.suse.com/1225739"
},
{
"category": "self",
"summary": "SUSE Bug 1225819",
"url": "https://bugzilla.suse.com/1225819"
},
{
"category": "self",
"summary": "SUSE Bug 1226325",
"url": "https://bugzilla.suse.com/1226325"
},
{
"category": "self",
"summary": "SUSE Bug 1226327",
"url": "https://bugzilla.suse.com/1226327"
},
{
"category": "self",
"summary": "SUSE Bug 1227471",
"url": "https://bugzilla.suse.com/1227471"
},
{
"category": "self",
"summary": "SUSE Bug 1228573",
"url": "https://bugzilla.suse.com/1228573"
},
{
"category": "self",
"summary": "SUSE Bug 1228786",
"url": "https://bugzilla.suse.com/1228786"
},
{
"category": "self",
"summary": "SUSE Bug 1229273",
"url": "https://bugzilla.suse.com/1229273"
},
{
"category": "self",
"summary": "SUSE Bug 1229553",
"url": "https://bugzilla.suse.com/1229553"
},
{
"category": "self",
"summary": "SUSE Bug 1232637",
"url": "https://bugzilla.suse.com/1232637"
},
{
"category": "self",
"summary": "SUSE Bug 1233712",
"url": "https://bugzilla.suse.com/1233712"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47517 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47517/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47598 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47598/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48956 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52752 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52846 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26828 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26923 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27398 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27398/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35862 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35863 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35864 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35867 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35905 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35949 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36899 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36904 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36904/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36964 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40954 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41059 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50264 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50264/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5)",
"tracking": {
"current_release_date": "2025-01-17T15:33:32Z",
"generator": {
"date": "2025-01-17T15:33:32Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0164-1",
"initial_release_date": "2025-01-17T15:33:32Z",
"revision_history": [
{
"date": "2025-01-17T15:33:32Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-47517",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47517"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nethtool: do not perform operations on net devices being unregistered\n\nThere is a short period between a net device starts to be unregistered\nand when it is actually gone. In that time frame ethtool operations\ncould still be performed, which might end up in unwanted or undefined\nbehaviours[1].\n\nDo not allow ethtool operations after a net device starts its\nunregistration. This patch targets the netlink part as the ioctl one\nisn\u0027t affected: the reference to the net device is taken and the\noperation is executed within an rtnl lock section and the net device\nwon\u0027t be found after unregister.\n\n[1] For example adding Tx queues after unregister ends up in NULL\n pointer exceptions and UaFs, such as:\n\n BUG: KASAN: use-after-free in kobject_get+0x14/0x90\n Read of size 1 at addr ffff88801961248c by task ethtool/755\n\n CPU: 0 PID: 755 Comm: ethtool Not tainted 5.15.0-rc6+ #778\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-4.fc34 04/014\n Call Trace:\n dump_stack_lvl+0x57/0x72\n print_address_description.constprop.0+0x1f/0x140\n kasan_report.cold+0x7f/0x11b\n kobject_get+0x14/0x90\n kobject_add_internal+0x3d1/0x450\n kobject_init_and_add+0xba/0xf0\n netdev_queue_update_kobjects+0xcf/0x200\n netif_set_real_num_tx_queues+0xb4/0x310\n veth_set_channels+0x1c3/0x550\n ethnl_set_channels+0x524/0x610",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47517",
"url": "https://www.suse.com/security/cve/CVE-2021-47517"
},
{
"category": "external",
"summary": "SUSE Bug 1225428 for CVE-2021-47517",
"url": "https://bugzilla.suse.com/1225428"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T15:33:32Z",
"details": "moderate"
}
],
"title": "CVE-2021-47517"
},
{
"cve": "CVE-2021-47598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47598"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_cake: do not call cake_destroy() from cake_init()\n\nqdiscs are not supposed to call their own destroy() method\nfrom init(), because core stack already does that.\n\nsyzbot was able to trigger use after free:\n\nDEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\nWARNING: CPU: 0 PID: 21902 at kernel/locking/mutex.c:586 __mutex_lock_common kernel/locking/mutex.c:586 [inline]\nWARNING: CPU: 0 PID: 21902 at kernel/locking/mutex.c:586 __mutex_lock+0x9ec/0x12f0 kernel/locking/mutex.c:740\nModules linked in:\nCPU: 0 PID: 21902 Comm: syz-executor189 Not tainted 5.16.0-rc4-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:__mutex_lock_common kernel/locking/mutex.c:586 [inline]\nRIP: 0010:__mutex_lock+0x9ec/0x12f0 kernel/locking/mutex.c:740\nCode: 08 84 d2 0f 85 19 08 00 00 8b 05 97 38 4b 04 85 c0 0f 85 27 f7 ff ff 48 c7 c6 20 00 ac 89 48 c7 c7 a0 fe ab 89 e8 bf 76 ba ff \u003c0f\u003e 0b e9 0d f7 ff ff 48 8b 44 24 40 48 8d b8 c8 08 00 00 48 89 f8\nRSP: 0018:ffffc9000627f290 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: ffff88802315d700 RSI: ffffffff815f1db8 RDI: fffff52000c4fe44\nRBP: ffff88818f28e000 R08: 0000000000000000 R09: 0000000000000000\nR10: ffffffff815ebb5e R11: 0000000000000000 R12: 0000000000000000\nR13: dffffc0000000000 R14: ffffc9000627f458 R15: 0000000093c30000\nFS: 0000555556abc400(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fda689c3303 CR3: 000000001cfbb000 CR4: 0000000000350ef0\nCall Trace:\n \u003cTASK\u003e\n tcf_chain0_head_change_cb_del+0x2e/0x3d0 net/sched/cls_api.c:810\n tcf_block_put_ext net/sched/cls_api.c:1381 [inline]\n tcf_block_put_ext net/sched/cls_api.c:1376 [inline]\n tcf_block_put+0xbc/0x130 net/sched/cls_api.c:1394\n cake_destroy+0x3f/0x80 net/sched/sch_cake.c:2695\n qdisc_create.constprop.0+0x9da/0x10f0 net/sched/sch_api.c:1293\n tc_modify_qdisc+0x4c5/0x1980 net/sched/sch_api.c:1660\n rtnetlink_rcv_msg+0x413/0xb80 net/core/rtnetlink.c:5571\n netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2496\n netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1345\n netlink_sendmsg+0x904/0xdf0 net/netlink/af_netlink.c:1921\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg+0xcf/0x120 net/socket.c:724\n ____sys_sendmsg+0x6e8/0x810 net/socket.c:2409\n ___sys_sendmsg+0xf3/0x170 net/socket.c:2463\n __sys_sendmsg+0xe5/0x1b0 net/socket.c:2492\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f1bb06badb9\nCode: Unable to access opcode bytes at RIP 0x7f1bb06bad8f.\nRSP: 002b:00007fff3012a658 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f1bb06badb9\nRDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000003\nRBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000003\nR10: 0000000000000003 R11: 0000000000000246 R12: 00007fff3012a688\nR13: 00007fff3012a6a0 R14: 00007fff3012a6e0 R15: 00000000000013c2\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47598",
"url": "https://www.suse.com/security/cve/CVE-2021-47598"
},
{
"category": "external",
"summary": "SUSE Bug 1226574 for CVE-2021-47598",
"url": "https://bugzilla.suse.com/1226574"
},
{
"category": "external",
"summary": "SUSE Bug 1227471 for CVE-2021-47598",
"url": "https://bugzilla.suse.com/1227471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T15:33:32Z",
"details": "important"
}
],
"title": "CVE-2021-47598"
},
{
"cve": "CVE-2022-48956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: avoid use-after-free in ip6_fragment()\n\nBlamed commit claimed rcu_read_lock() was held by ip6_fragment() callers.\n\nIt seems to not be always true, at least for UDP stack.\n\nsyzbot reported:\n\nBUG: KASAN: use-after-free in ip6_dst_idev include/net/ip6_fib.h:245 [inline]\nBUG: KASAN: use-after-free in ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951\nRead of size 8 at addr ffff88801d403e80 by task syz-executor.3/7618\n\nCPU: 1 PID: 7618 Comm: syz-executor.3 Not tainted 6.1.0-rc6-syzkaller-00012-g4312098baf37 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:284 [inline]\n print_report+0x15e/0x45d mm/kasan/report.c:395\n kasan_report+0xbf/0x1f0 mm/kasan/report.c:495\n ip6_dst_idev include/net/ip6_fib.h:245 [inline]\n ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951\n __ip6_finish_output net/ipv6/ip6_output.c:193 [inline]\n ip6_finish_output+0x9a3/0x1170 net/ipv6/ip6_output.c:206\n NF_HOOK_COND include/linux/netfilter.h:291 [inline]\n ip6_output+0x1f1/0x540 net/ipv6/ip6_output.c:227\n dst_output include/net/dst.h:445 [inline]\n ip6_local_out+0xb3/0x1a0 net/ipv6/output_core.c:161\n ip6_send_skb+0xbb/0x340 net/ipv6/ip6_output.c:1966\n udp_v6_send_skb+0x82a/0x18a0 net/ipv6/udp.c:1286\n udp_v6_push_pending_frames+0x140/0x200 net/ipv6/udp.c:1313\n udpv6_sendmsg+0x18da/0x2c80 net/ipv6/udp.c:1606\n inet6_sendmsg+0x9d/0xe0 net/ipv6/af_inet6.c:665\n sock_sendmsg_nosec net/socket.c:714 [inline]\n sock_sendmsg+0xd3/0x120 net/socket.c:734\n sock_write_iter+0x295/0x3d0 net/socket.c:1108\n call_write_iter include/linux/fs.h:2191 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x9ed/0xdd0 fs/read_write.c:584\n ksys_write+0x1ec/0x250 fs/read_write.c:637\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7fde3588c0d9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fde365b6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 00007fde359ac050 RCX: 00007fde3588c0d9\nRDX: 000000000000ffdc RSI: 00000000200000c0 RDI: 000000000000000a\nRBP: 00007fde358e7ae9 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007fde35acfb1f R14: 00007fde365b6300 R15: 0000000000022000\n \u003c/TASK\u003e\n\nAllocated by task 7618:\n kasan_save_stack+0x22/0x40 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n __kasan_slab_alloc+0x82/0x90 mm/kasan/common.c:325\n kasan_slab_alloc include/linux/kasan.h:201 [inline]\n slab_post_alloc_hook mm/slab.h:737 [inline]\n slab_alloc_node mm/slub.c:3398 [inline]\n slab_alloc mm/slub.c:3406 [inline]\n __kmem_cache_alloc_lru mm/slub.c:3413 [inline]\n kmem_cache_alloc+0x2b4/0x3d0 mm/slub.c:3422\n dst_alloc+0x14a/0x1f0 net/core/dst.c:92\n ip6_dst_alloc+0x32/0xa0 net/ipv6/route.c:344\n ip6_rt_pcpu_alloc net/ipv6/route.c:1369 [inline]\n rt6_make_pcpu_route net/ipv6/route.c:1417 [inline]\n ip6_pol_route+0x901/0x1190 net/ipv6/route.c:2254\n pol_lookup_func include/net/ip6_fib.h:582 [inline]\n fib6_rule_lookup+0x52e/0x6f0 net/ipv6/fib6_rules.c:121\n ip6_route_output_flags_noref+0x2e6/0x380 net/ipv6/route.c:2625\n ip6_route_output_flags+0x76/0x320 net/ipv6/route.c:2638\n ip6_route_output include/net/ip6_route.h:98 [inline]\n ip6_dst_lookup_tail+0x5ab/0x1620 net/ipv6/ip6_output.c:1092\n ip6_dst_lookup_flow+0x90/0x1d0 net/ipv6/ip6_output.c:1222\n ip6_sk_dst_lookup_flow+0x553/0x980 net/ipv6/ip6_output.c:1260\n udpv6_sendmsg+0x151d/0x2c80 net/ipv6/udp.c:1554\n inet6_sendmsg+0x9d/0xe0 net/ipv6/af_inet6.c:665\n sock_sendmsg_nosec n\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48956",
"url": "https://www.suse.com/security/cve/CVE-2022-48956"
},
{
"category": "external",
"summary": "SUSE Bug 1231893 for CVE-2022-48956",
"url": "https://bugzilla.suse.com/1231893"
},
{
"category": "external",
"summary": "SUSE Bug 1232799 for CVE-2022-48956",
"url": "https://bugzilla.suse.com/1232799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T15:33:32Z",
"details": "important"
}
],
"title": "CVE-2022-48956"
},
{
"cve": "CVE-2023-52752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free bug in cifs_debug_data_proc_show()\n\nSkip SMB sessions that are being teared down\n(e.g. @ses-\u003eses_status == SES_EXITING) in cifs_debug_data_proc_show()\nto avoid use-after-free in @ses.\n\nThis fixes the following GPF when reading from /proc/fs/cifs/DebugData\nwhile mounting and umounting\n\n [ 816.251274] general protection fault, probably for non-canonical\n address 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI\n ...\n [ 816.260138] Call Trace:\n [ 816.260329] \u003cTASK\u003e\n [ 816.260499] ? die_addr+0x36/0x90\n [ 816.260762] ? exc_general_protection+0x1b3/0x410\n [ 816.261126] ? asm_exc_general_protection+0x26/0x30\n [ 816.261502] ? cifs_debug_tcon+0xbd/0x240 [cifs]\n [ 816.261878] ? cifs_debug_tcon+0xab/0x240 [cifs]\n [ 816.262249] cifs_debug_data_proc_show+0x516/0xdb0 [cifs]\n [ 816.262689] ? seq_read_iter+0x379/0x470\n [ 816.262995] seq_read_iter+0x118/0x470\n [ 816.263291] proc_reg_read_iter+0x53/0x90\n [ 816.263596] ? srso_alias_return_thunk+0x5/0x7f\n [ 816.263945] vfs_read+0x201/0x350\n [ 816.264211] ksys_read+0x75/0x100\n [ 816.264472] do_syscall_64+0x3f/0x90\n [ 816.264750] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n [ 816.265135] RIP: 0033:0x7fd5e669d381",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52752",
"url": "https://www.suse.com/security/cve/CVE-2023-52752"
},
{
"category": "external",
"summary": "SUSE Bug 1225487 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225487"
},
{
"category": "external",
"summary": "SUSE Bug 1225819 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T15:33:32Z",
"details": "important"
}
],
"title": "CVE-2023-52752"
},
{
"cve": "CVE-2023-52846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhsr: Prevent use after free in prp_create_tagged_frame()\n\nThe prp_fill_rct() function can fail. In that situation, it frees the\nskb and returns NULL. Meanwhile on the success path, it returns the\noriginal skb. So it\u0027s straight forward to fix bug by using the returned\nvalue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52846",
"url": "https://www.suse.com/security/cve/CVE-2023-52846"
},
{
"category": "external",
"summary": "SUSE Bug 1225098 for CVE-2023-52846",
"url": "https://bugzilla.suse.com/1225098"
},
{
"category": "external",
"summary": "SUSE Bug 1225099 for CVE-2023-52846",
"url": "https://bugzilla.suse.com/1225099"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T15:33:32Z",
"details": "important"
}
],
"title": "CVE-2023-52846"
},
{
"cve": "CVE-2024-26828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26828"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix underflow in parse_server_interfaces()\n\nIn this loop, we step through the buffer and after each item we check\nif the size_left is greater than the minimum size we need. However,\nthe problem is that \"bytes_left\" is type ssize_t while sizeof() is type\nsize_t. That means that because of type promotion, the comparison is\ndone as an unsigned and if we have negative bytes left the loop\ncontinues instead of ending.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26828",
"url": "https://www.suse.com/security/cve/CVE-2024-26828"
},
{
"category": "external",
"summary": "SUSE Bug 1223084 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223084"
},
{
"category": "external",
"summary": "SUSE Bug 1223363 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223363"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T15:33:32Z",
"details": "important"
}
],
"title": "CVE-2024-26828"
},
{
"cve": "CVE-2024-26923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Fix garbage collector racing against connect()\n\nGarbage collector does not take into account the risk of embryo getting\nenqueued during the garbage collection. If such embryo has a peer that\ncarries SCM_RIGHTS, two consecutive passes of scan_children() may see a\ndifferent set of children. Leading to an incorrectly elevated inflight\ncount, and then a dangling pointer within the gc_inflight_list.\n\nsockets are AF_UNIX/SOCK_STREAM\nS is an unconnected socket\nL is a listening in-flight socket bound to addr, not in fdtable\nV\u0027s fd will be passed via sendmsg(), gets inflight count bumped\n\nconnect(S, addr)\tsendmsg(S, [V]); close(V)\t__unix_gc()\n----------------\t-------------------------\t-----------\n\nNS = unix_create1()\nskb1 = sock_wmalloc(NS)\nL = unix_find_other(addr)\nunix_state_lock(L)\nunix_peer(S) = NS\n\t\t\t// V count=1 inflight=0\n\n \t\t\tNS = unix_peer(S)\n \t\t\tskb2 = sock_alloc()\n\t\t\tskb_queue_tail(NS, skb2[V])\n\n\t\t\t// V became in-flight\n\t\t\t// V count=2 inflight=1\n\n\t\t\tclose(V)\n\n\t\t\t// V count=1 inflight=1\n\t\t\t// GC candidate condition met\n\n\t\t\t\t\t\tfor u in gc_inflight_list:\n\t\t\t\t\t\t if (total_refs == inflight_refs)\n\t\t\t\t\t\t add u to gc_candidates\n\n\t\t\t\t\t\t// gc_candidates={L, V}\n\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t scan_children(u, dec_inflight)\n\n\t\t\t\t\t\t// embryo (skb1) was not\n\t\t\t\t\t\t// reachable from L yet, so V\u0027s\n\t\t\t\t\t\t// inflight remains unchanged\n__skb_queue_tail(L, skb1)\nunix_state_unlock(L)\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t if (u.inflight)\n\t\t\t\t\t\t scan_children(u, inc_inflight_move_tail)\n\n\t\t\t\t\t\t// V count=1 inflight=2 (!)\n\nIf there is a GC-candidate listening socket, lock/unlock its state. This\nmakes GC wait until the end of any ongoing connect() to that socket. After\nflipping the lock, a possibly SCM-laden embryo is already enqueued. And if\nthere is another embryo coming, it can not possibly carry SCM_RIGHTS. At\nthis point, unix_inflight() can not happen because unix_gc_lock is already\ntaken. Inflight graph remains unaffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26923",
"url": "https://www.suse.com/security/cve/CVE-2024-26923"
},
{
"category": "external",
"summary": "SUSE Bug 1223384 for CVE-2024-26923",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "external",
"summary": "SUSE Bug 1223683 for CVE-2024-26923",
"url": "https://bugzilla.suse.com/1223683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T15:33:32Z",
"details": "important"
}
],
"title": "CVE-2024-26923"
},
{
"cve": "CVE-2024-27398",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27398"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix use-after-free bugs caused by sco_sock_timeout\n\nWhen the sco connection is established and then, the sco socket\nis releasing, timeout_work will be scheduled to judge whether\nthe sco disconnection is timeout. The sock will be deallocated\nlater, but it is dereferenced again in sco_sock_timeout. As a\nresult, the use-after-free bugs will happen. The root cause is\nshown below:\n\n Cleanup Thread | Worker Thread\nsco_sock_release |\n sco_sock_close |\n __sco_sock_close |\n sco_sock_set_timer |\n schedule_delayed_work |\n sco_sock_kill | (wait a time)\n sock_put(sk) //FREE | sco_sock_timeout\n | sock_hold(sk) //USE\n\nThe KASAN report triggered by POC is shown below:\n\n[ 95.890016] ==================================================================\n[ 95.890496] BUG: KASAN: slab-use-after-free in sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] Write of size 4 at addr ffff88800c388080 by task kworker/0:0/7\n...\n[ 95.890755] Workqueue: events sco_sock_timeout\n[ 95.890755] Call Trace:\n[ 95.890755] \u003cTASK\u003e\n[ 95.890755] dump_stack_lvl+0x45/0x110\n[ 95.890755] print_address_description+0x78/0x390\n[ 95.890755] print_report+0x11b/0x250\n[ 95.890755] ? __virt_addr_valid+0xbe/0xf0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_report+0x139/0x170\n[ 95.890755] ? update_load_avg+0xe5/0x9f0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_check_range+0x2c3/0x2e0\n[ 95.890755] sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] process_one_work+0x561/0xc50\n[ 95.890755] worker_thread+0xab2/0x13c0\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] kthread+0x279/0x300\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork+0x34/0x60\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork_asm+0x11/0x20\n[ 95.890755] \u003c/TASK\u003e\n[ 95.890755]\n[ 95.890755] Allocated by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] __kasan_kmalloc+0x86/0x90\n[ 95.890755] __kmalloc+0x17f/0x360\n[ 95.890755] sk_prot_alloc+0xe1/0x1a0\n[ 95.890755] sk_alloc+0x31/0x4e0\n[ 95.890755] bt_sock_alloc+0x2b/0x2a0\n[ 95.890755] sco_sock_create+0xad/0x320\n[ 95.890755] bt_sock_create+0x145/0x320\n[ 95.890755] __sock_create+0x2e1/0x650\n[ 95.890755] __sys_socket+0xd0/0x280\n[ 95.890755] __x64_sys_socket+0x75/0x80\n[ 95.890755] do_syscall_64+0xc4/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] Freed by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] kasan_save_free_info+0x40/0x50\n[ 95.890755] poison_slab_object+0x118/0x180\n[ 95.890755] __kasan_slab_free+0x12/0x30\n[ 95.890755] kfree+0xb2/0x240\n[ 95.890755] __sk_destruct+0x317/0x410\n[ 95.890755] sco_sock_release+0x232/0x280\n[ 95.890755] sock_close+0xb2/0x210\n[ 95.890755] __fput+0x37f/0x770\n[ 95.890755] task_work_run+0x1ae/0x210\n[ 95.890755] get_signal+0xe17/0xf70\n[ 95.890755] arch_do_signal_or_restart+0x3f/0x520\n[ 95.890755] syscall_exit_to_user_mode+0x55/0x120\n[ 95.890755] do_syscall_64+0xd1/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the object at ffff88800c388000\n[ 95.890755] which belongs to the cache kmalloc-1k of size 1024\n[ 95.890755] The buggy address is located 128 bytes inside of\n[ 95.890755] freed 1024-byte region [ffff88800c388000, ffff88800c388400)\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the physical page:\n[ 95.890755] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88800c38a800 pfn:0xc388\n[ 95.890755] head: order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0\n[ 95.890755] ano\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27398",
"url": "https://www.suse.com/security/cve/CVE-2024-27398"
},
{
"category": "external",
"summary": "SUSE Bug 1224174 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1224174"
},
{
"category": "external",
"summary": "SUSE Bug 1225013 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1225013"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T15:33:32Z",
"details": "important"
}
],
"title": "CVE-2024-27398"
},
{
"cve": "CVE-2024-35861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35861",
"url": "https://www.suse.com/security/cve/CVE-2024-35861"
},
{
"category": "external",
"summary": "SUSE Bug 1224766 for CVE-2024-35861",
"url": "https://bugzilla.suse.com/1224766"
},
{
"category": "external",
"summary": "SUSE Bug 1225312 for CVE-2024-35861",
"url": "https://bugzilla.suse.com/1225312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T15:33:32Z",
"details": "important"
}
],
"title": "CVE-2024-35861"
},
{
"cve": "CVE-2024-35862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_network_name_deleted()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35862",
"url": "https://www.suse.com/security/cve/CVE-2024-35862"
},
{
"category": "external",
"summary": "SUSE Bug 1224764 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1224764"
},
{
"category": "external",
"summary": "SUSE Bug 1225311 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1225311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T15:33:32Z",
"details": "important"
}
],
"title": "CVE-2024-35862"
},
{
"cve": "CVE-2024-35863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35863"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in is_valid_oplock_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35863",
"url": "https://www.suse.com/security/cve/CVE-2024-35863"
},
{
"category": "external",
"summary": "SUSE Bug 1224763 for CVE-2024-35863",
"url": "https://bugzilla.suse.com/1224763"
},
{
"category": "external",
"summary": "SUSE Bug 1225011 for CVE-2024-35863",
"url": "https://bugzilla.suse.com/1225011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T15:33:32Z",
"details": "important"
}
],
"title": "CVE-2024-35863"
},
{
"cve": "CVE-2024-35864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_valid_lease_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35864",
"url": "https://www.suse.com/security/cve/CVE-2024-35864"
},
{
"category": "external",
"summary": "SUSE Bug 1224765 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1224765"
},
{
"category": "external",
"summary": "SUSE Bug 1225309 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1225309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T15:33:32Z",
"details": "important"
}
],
"title": "CVE-2024-35864"
},
{
"cve": "CVE-2024-35867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_stats_proc_show()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35867",
"url": "https://www.suse.com/security/cve/CVE-2024-35867"
},
{
"category": "external",
"summary": "SUSE Bug 1224664 for CVE-2024-35867",
"url": "https://bugzilla.suse.com/1224664"
},
{
"category": "external",
"summary": "SUSE Bug 1225012 for CVE-2024-35867",
"url": "https://bugzilla.suse.com/1225012"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T15:33:32Z",
"details": "important"
}
],
"title": "CVE-2024-35867"
},
{
"cve": "CVE-2024-35905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Protect against int overflow for stack access size\n\nThis patch re-introduces protection against the size of access to stack\nmemory being negative; the access size can appear negative as a result\nof overflowing its signed int representation. This should not actually\nhappen, as there are other protections along the way, but we should\nprotect against it anyway. One code path was missing such protections\n(fixed in the previous patch in the series), causing out-of-bounds array\naccesses in check_stack_range_initialized(). This patch causes the\nverification of a program with such a non-sensical access size to fail.\n\nThis check used to exist in a more indirect way, but was inadvertendly\nremoved in a833a17aeac7.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35905",
"url": "https://www.suse.com/security/cve/CVE-2024-35905"
},
{
"category": "external",
"summary": "SUSE Bug 1224488 for CVE-2024-35905",
"url": "https://bugzilla.suse.com/1224488"
},
{
"category": "external",
"summary": "SUSE Bug 1226327 for CVE-2024-35905",
"url": "https://bugzilla.suse.com/1226327"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T15:33:32Z",
"details": "important"
}
],
"title": "CVE-2024-35905"
},
{
"cve": "CVE-2024-35949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: make sure that WRITTEN is set on all metadata blocks\n\nWe previously would call btrfs_check_leaf() if we had the check\nintegrity code enabled, which meant that we could only run the extended\nleaf checks if we had WRITTEN set on the header flags.\n\nThis leaves a gap in our checking, because we could end up with\ncorruption on disk where WRITTEN isn\u0027t set on the leaf, and then the\nextended leaf checks don\u0027t get run which we rely on to validate all of\nthe item pointers to make sure we don\u0027t access memory outside of the\nextent buffer.\n\nHowever, since 732fab95abe2 (\"btrfs: check-integrity: remove\nCONFIG_BTRFS_FS_CHECK_INTEGRITY option\") we no longer call\nbtrfs_check_leaf() from btrfs_mark_buffer_dirty(), which means we only\never call it on blocks that are being written out, and thus have WRITTEN\nset, or that are being read in, which should have WRITTEN set.\n\nAdd checks to make sure we have WRITTEN set appropriately, and then make\nsure __btrfs_check_leaf() always does the item checking. This will\nprotect us from file systems that have been corrupted and no longer have\nWRITTEN set on some of the blocks.\n\nThis was hit on a crafted image tweaking the WRITTEN bit and reported by\nKASAN as out-of-bound access in the eb accessors. The example is a dir\nitem at the end of an eb.\n\n [2.042] BTRFS warning (device loop1): bad eb member start: ptr 0x3fff start 30572544 member offset 16410 size 2\n [2.040] general protection fault, probably for non-canonical address 0xe0009d1000000003: 0000 [#1] PREEMPT SMP KASAN NOPTI\n [2.537] KASAN: maybe wild-memory-access in range [0x0005088000000018-0x000508800000001f]\n [2.729] CPU: 0 PID: 2587 Comm: mount Not tainted 6.8.2 #1\n [2.729] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n [2.621] RIP: 0010:btrfs_get_16+0x34b/0x6d0\n [2.621] RSP: 0018:ffff88810871fab8 EFLAGS: 00000206\n [2.621] RAX: 0000a11000000003 RBX: ffff888104ff8720 RCX: ffff88811b2288c0\n [2.621] RDX: dffffc0000000000 RSI: ffffffff81dd8aca RDI: ffff88810871f748\n [2.621] RBP: 000000000000401a R08: 0000000000000001 R09: ffffed10210e3ee9\n [2.621] R10: ffff88810871f74f R11: 205d323430333737 R12: 000000000000001a\n [2.621] R13: 000508800000001a R14: 1ffff110210e3f5d R15: ffffffff850011e8\n [2.621] FS: 00007f56ea275840(0000) GS:ffff88811b200000(0000) knlGS:0000000000000000\n [2.621] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [2.621] CR2: 00007febd13b75c0 CR3: 000000010bb50000 CR4: 00000000000006f0\n [2.621] Call Trace:\n [2.621] \u003cTASK\u003e\n [2.621] ? show_regs+0x74/0x80\n [2.621] ? die_addr+0x46/0xc0\n [2.621] ? exc_general_protection+0x161/0x2a0\n [2.621] ? asm_exc_general_protection+0x26/0x30\n [2.621] ? btrfs_get_16+0x33a/0x6d0\n [2.621] ? btrfs_get_16+0x34b/0x6d0\n [2.621] ? btrfs_get_16+0x33a/0x6d0\n [2.621] ? __pfx_btrfs_get_16+0x10/0x10\n [2.621] ? __pfx_mutex_unlock+0x10/0x10\n [2.621] btrfs_match_dir_item_name+0x101/0x1a0\n [2.621] btrfs_lookup_dir_item+0x1f3/0x280\n [2.621] ? __pfx_btrfs_lookup_dir_item+0x10/0x10\n [2.621] btrfs_get_tree+0xd25/0x1910\n\n[ copy more details from report ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35949",
"url": "https://www.suse.com/security/cve/CVE-2024-35949"
},
{
"category": "external",
"summary": "SUSE Bug 1224700 for CVE-2024-35949",
"url": "https://bugzilla.suse.com/1224700"
},
{
"category": "external",
"summary": "SUSE Bug 1229273 for CVE-2024-35949",
"url": "https://bugzilla.suse.com/1229273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T15:33:32Z",
"details": "important"
}
],
"title": "CVE-2024-35949"
},
{
"cve": "CVE-2024-36899",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36899"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpiolib: cdev: Fix use after free in lineinfo_changed_notify\n\nThe use-after-free issue occurs as follows: when the GPIO chip device file\nis being closed by invoking gpio_chrdev_release(), watched_lines is freed\nby bitmap_free(), but the unregistration of lineinfo_changed_nb notifier\nchain failed due to waiting write rwsem. Additionally, one of the GPIO\nchip\u0027s lines is also in the release process and holds the notifier chain\u0027s\nread rwsem. Consequently, a race condition leads to the use-after-free of\nwatched_lines.\n\nHere is the typical stack when issue happened:\n\n[free]\ngpio_chrdev_release()\n --\u003e bitmap_free(cdev-\u003ewatched_lines) \u003c-- freed\n --\u003e blocking_notifier_chain_unregister()\n --\u003e down_write(\u0026nh-\u003erwsem) \u003c-- waiting rwsem\n --\u003e __down_write_common()\n --\u003e rwsem_down_write_slowpath()\n --\u003e schedule_preempt_disabled()\n --\u003e schedule()\n\n[use]\nst54spi_gpio_dev_release()\n --\u003e gpio_free()\n --\u003e gpiod_free()\n --\u003e gpiod_free_commit()\n --\u003e gpiod_line_state_notify()\n --\u003e blocking_notifier_call_chain()\n --\u003e down_read(\u0026nh-\u003erwsem); \u003c-- held rwsem\n --\u003e notifier_call_chain()\n --\u003e lineinfo_changed_notify()\n --\u003e test_bit(xxxx, cdev-\u003ewatched_lines) \u003c-- use after free\n\nThe side effect of the use-after-free issue is that a GPIO line event is\nbeing generated for userspace where it shouldn\u0027t. However, since the chrdev\nis being closed, userspace won\u0027t have the chance to read that event anyway.\n\nTo fix the issue, call the bitmap_free() function after the unregistration\nof lineinfo_changed_nb notifier chain.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36899",
"url": "https://www.suse.com/security/cve/CVE-2024-36899"
},
{
"category": "external",
"summary": "SUSE Bug 1225737 for CVE-2024-36899",
"url": "https://bugzilla.suse.com/1225737"
},
{
"category": "external",
"summary": "SUSE Bug 1225739 for CVE-2024-36899",
"url": "https://bugzilla.suse.com/1225739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T15:33:32Z",
"details": "important"
}
],
"title": "CVE-2024-36899"
},
{
"cve": "CVE-2024-36904",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36904"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Use refcount_inc_not_zero() in tcp_twsk_unique().\n\nAnderson Nascimento reported a use-after-free splat in tcp_twsk_unique()\nwith nice analysis.\n\nSince commit ec94c2696f0b (\"tcp/dccp: avoid one atomic operation for\ntimewait hashdance\"), inet_twsk_hashdance() sets TIME-WAIT socket\u0027s\nsk_refcnt after putting it into ehash and releasing the bucket lock.\n\nThus, there is a small race window where other threads could try to\nreuse the port during connect() and call sock_hold() in tcp_twsk_unique()\nfor the TIME-WAIT socket with zero refcnt.\n\nIf that happens, the refcnt taken by tcp_twsk_unique() is overwritten\nand sock_put() will cause underflow, triggering a real use-after-free\nsomewhere else.\n\nTo avoid the use-after-free, we need to use refcount_inc_not_zero() in\ntcp_twsk_unique() and give up on reusing the port if it returns false.\n\n[0]:\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 0 PID: 1039313 at lib/refcount.c:25 refcount_warn_saturate+0xe5/0x110\nCPU: 0 PID: 1039313 Comm: trigger Not tainted 6.8.6-200.fc39.x86_64 #1\nHardware name: VMware, Inc. VMware20,1/440BX Desktop Reference Platform, BIOS VMW201.00V.21805430.B64.2305221830 05/22/2023\nRIP: 0010:refcount_warn_saturate+0xe5/0x110\nCode: 42 8e ff 0f 0b c3 cc cc cc cc 80 3d aa 13 ea 01 00 0f 85 5e ff ff ff 48 c7 c7 f8 8e b7 82 c6 05 96 13 ea 01 01 e8 7b 42 8e ff \u003c0f\u003e 0b c3 cc cc cc cc 48 c7 c7 50 8f b7 82 c6 05 7a 13 ea 01 01 e8\nRSP: 0018:ffffc90006b43b60 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff888009bb3ef0 RCX: 0000000000000027\nRDX: ffff88807be218c8 RSI: 0000000000000001 RDI: ffff88807be218c0\nRBP: 0000000000069d70 R08: 0000000000000000 R09: ffffc90006b439f0\nR10: ffffc90006b439e8 R11: 0000000000000003 R12: ffff8880029ede84\nR13: 0000000000004e20 R14: ffffffff84356dc0 R15: ffff888009bb3ef0\nFS: 00007f62c10926c0(0000) GS:ffff88807be00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020ccb000 CR3: 000000004628c005 CR4: 0000000000f70ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0xe5/0x110\n ? __warn+0x81/0x130\n ? refcount_warn_saturate+0xe5/0x110\n ? report_bug+0x171/0x1a0\n ? refcount_warn_saturate+0xe5/0x110\n ? handle_bug+0x3c/0x80\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? refcount_warn_saturate+0xe5/0x110\n tcp_twsk_unique+0x186/0x190\n __inet_check_established+0x176/0x2d0\n __inet_hash_connect+0x74/0x7d0\n ? __pfx___inet_check_established+0x10/0x10\n tcp_v4_connect+0x278/0x530\n __inet_stream_connect+0x10f/0x3d0\n inet_stream_connect+0x3a/0x60\n __sys_connect+0xa8/0xd0\n __x64_sys_connect+0x18/0x20\n do_syscall_64+0x83/0x170\n entry_SYSCALL_64_after_hwframe+0x78/0x80\nRIP: 0033:0x7f62c11a885d\nCode: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d a3 45 0c 00 f7 d8 64 89 01 48\nRSP: 002b:00007f62c1091e58 EFLAGS: 00000296 ORIG_RAX: 000000000000002a\nRAX: ffffffffffffffda RBX: 0000000020ccb004 RCX: 00007f62c11a885d\nRDX: 0000000000000010 RSI: 0000000020ccb000 RDI: 0000000000000003\nRBP: 00007f62c1091e90 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000296 R12: 00007f62c10926c0\nR13: ffffffffffffff88 R14: 0000000000000000 R15: 00007ffe237885b0\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36904",
"url": "https://www.suse.com/security/cve/CVE-2024-36904"
},
{
"category": "external",
"summary": "SUSE Bug 1225732 for CVE-2024-36904",
"url": "https://bugzilla.suse.com/1225732"
},
{
"category": "external",
"summary": "SUSE Bug 1225733 for CVE-2024-36904",
"url": "https://bugzilla.suse.com/1225733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T15:33:32Z",
"details": "important"
}
],
"title": "CVE-2024-36904"
},
{
"cve": "CVE-2024-36964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: only translate RWX permissions for plain 9P2000\n\nGarbage in plain 9P2000\u0027s perm bits is allowed through, which causes it\nto be able to set (among others) the suid bit. This was presumably not\nthe intent since the unix extended bits are handled explicitly and\nconditionally on .u.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36964",
"url": "https://www.suse.com/security/cve/CVE-2024-36964"
},
{
"category": "external",
"summary": "SUSE Bug 1225866 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1225866"
},
{
"category": "external",
"summary": "SUSE Bug 1226325 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1226325"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T15:33:32Z",
"details": "important"
}
],
"title": "CVE-2024-36964"
},
{
"cve": "CVE-2024-40954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: do not leave a dangling sk pointer, when socket creation fails\n\nIt is possible to trigger a use-after-free by:\n * attaching an fentry probe to __sock_release() and the probe calling the\n bpf_get_socket_cookie() helper\n * running traceroute -I 1.1.1.1 on a freshly booted VM\n\nA KASAN enabled kernel will log something like below (decoded and stripped):\n==================================================================\nBUG: KASAN: slab-use-after-free in __sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nRead of size 8 at addr ffff888007110dd8 by task traceroute/299\n\nCPU: 2 PID: 299 Comm: traceroute Tainted: G E 6.10.0-rc2+ #2\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\ndump_stack_lvl (lib/dump_stack.c:117 (discriminator 1))\nprint_report (mm/kasan/report.c:378 mm/kasan/report.c:488)\n? __sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nkasan_report (mm/kasan/report.c:603)\n? __sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nkasan_check_range (mm/kasan/generic.c:183 mm/kasan/generic.c:189)\n__sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nbpf_get_socket_ptr_cookie (./arch/x86/include/asm/preempt.h:94 ./include/linux/sock_diag.h:42 net/core/filter.c:5094 net/core/filter.c:5092)\nbpf_prog_875642cf11f1d139___sock_release+0x6e/0x8e\nbpf_trampoline_6442506592+0x47/0xaf\n__sock_release (net/socket.c:652)\n__sock_create (net/socket.c:1601)\n...\nAllocated by task 299 on cpu 2 at 78.328492s:\nkasan_save_stack (mm/kasan/common.c:48)\nkasan_save_track (mm/kasan/common.c:68)\n__kasan_slab_alloc (mm/kasan/common.c:312 mm/kasan/common.c:338)\nkmem_cache_alloc_noprof (mm/slub.c:3941 mm/slub.c:4000 mm/slub.c:4007)\nsk_prot_alloc (net/core/sock.c:2075)\nsk_alloc (net/core/sock.c:2134)\ninet_create (net/ipv4/af_inet.c:327 net/ipv4/af_inet.c:252)\n__sock_create (net/socket.c:1572)\n__sys_socket (net/socket.c:1660 net/socket.c:1644 net/socket.c:1706)\n__x64_sys_socket (net/socket.c:1718)\ndo_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFreed by task 299 on cpu 2 at 78.328502s:\nkasan_save_stack (mm/kasan/common.c:48)\nkasan_save_track (mm/kasan/common.c:68)\nkasan_save_free_info (mm/kasan/generic.c:582)\npoison_slab_object (mm/kasan/common.c:242)\n__kasan_slab_free (mm/kasan/common.c:256)\nkmem_cache_free (mm/slub.c:4437 mm/slub.c:4511)\n__sk_destruct (net/core/sock.c:2117 net/core/sock.c:2208)\ninet_create (net/ipv4/af_inet.c:397 net/ipv4/af_inet.c:252)\n__sock_create (net/socket.c:1572)\n__sys_socket (net/socket.c:1660 net/socket.c:1644 net/socket.c:1706)\n__x64_sys_socket (net/socket.c:1718)\ndo_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFix this by clearing the struct socket reference in sk_common_release() to cover\nall protocol families create functions, which may already attached the\nreference to the sk object with sock_init_data().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40954",
"url": "https://www.suse.com/security/cve/CVE-2024-40954"
},
{
"category": "external",
"summary": "SUSE Bug 1227808 for CVE-2024-40954",
"url": "https://bugzilla.suse.com/1227808"
},
{
"category": "external",
"summary": "SUSE Bug 1228786 for CVE-2024-40954",
"url": "https://bugzilla.suse.com/1228786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T15:33:32Z",
"details": "important"
}
],
"title": "CVE-2024-40954"
},
{
"cve": "CVE-2024-41059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: fix uninit-value in copy_name\n\n[syzbot reported]\nBUG: KMSAN: uninit-value in sized_strscpy+0xc4/0x160\n sized_strscpy+0xc4/0x160\n copy_name+0x2af/0x320 fs/hfsplus/xattr.c:411\n hfsplus_listxattr+0x11e9/0x1a50 fs/hfsplus/xattr.c:750\n vfs_listxattr fs/xattr.c:493 [inline]\n listxattr+0x1f3/0x6b0 fs/xattr.c:840\n path_listxattr fs/xattr.c:864 [inline]\n __do_sys_listxattr fs/xattr.c:876 [inline]\n __se_sys_listxattr fs/xattr.c:873 [inline]\n __x64_sys_listxattr+0x16b/0x2f0 fs/xattr.c:873\n x64_sys_call+0x2ba0/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3877 [inline]\n slab_alloc_node mm/slub.c:3918 [inline]\n kmalloc_trace+0x57b/0xbe0 mm/slub.c:4065\n kmalloc include/linux/slab.h:628 [inline]\n hfsplus_listxattr+0x4cc/0x1a50 fs/hfsplus/xattr.c:699\n vfs_listxattr fs/xattr.c:493 [inline]\n listxattr+0x1f3/0x6b0 fs/xattr.c:840\n path_listxattr fs/xattr.c:864 [inline]\n __do_sys_listxattr fs/xattr.c:876 [inline]\n __se_sys_listxattr fs/xattr.c:873 [inline]\n __x64_sys_listxattr+0x16b/0x2f0 fs/xattr.c:873\n x64_sys_call+0x2ba0/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[Fix]\nWhen allocating memory to strbuf, initialize memory to 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41059",
"url": "https://www.suse.com/security/cve/CVE-2024-41059"
},
{
"category": "external",
"summary": "SUSE Bug 1228561 for CVE-2024-41059",
"url": "https://bugzilla.suse.com/1228561"
},
{
"category": "external",
"summary": "SUSE Bug 1228573 for CVE-2024-41059",
"url": "https://bugzilla.suse.com/1228573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T15:33:32Z",
"details": "important"
}
],
"title": "CVE-2024-41059"
},
{
"cve": "CVE-2024-43861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: qmi_wwan: fix memory leak for not ip packets\n\nFree the unused skb when not ip packets arrive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43861",
"url": "https://www.suse.com/security/cve/CVE-2024-43861"
},
{
"category": "external",
"summary": "SUSE Bug 1229500 for CVE-2024-43861",
"url": "https://bugzilla.suse.com/1229500"
},
{
"category": "external",
"summary": "SUSE Bug 1229553 for CVE-2024-43861",
"url": "https://bugzilla.suse.com/1229553"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T15:33:32Z",
"details": "important"
}
],
"title": "CVE-2024-43861"
},
{
"cve": "CVE-2024-50264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50264"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans\n\nDuring loopback communication, a dangling pointer can be created in\nvsk-\u003etrans, potentially leading to a Use-After-Free condition. This\nissue is resolved by initializing vsk-\u003etrans to NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50264",
"url": "https://www.suse.com/security/cve/CVE-2024-50264"
},
{
"category": "external",
"summary": "SUSE Bug 1233453 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233453"
},
{
"category": "external",
"summary": "SUSE Bug 1233712 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_65-default-8-150500.11.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T15:33:32Z",
"details": "important"
}
],
"title": "CVE-2024-50264"
}
]
}
SUSE-SU-2025:0035-1
Vulnerability from csaf_suse - Published: 2025-01-08 09:47 - Updated: 2025-01-08 09:47Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-48853: swiotlb: fix info leak with DMA_FROM_DEVICE (bsc#1228015).
- CVE-2024-26801: Bluetooth: Avoid potential use-after-free in hci_error_reset (bsc#1222413).
- CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223057).
- CVE-2024-26886: Bluetooth: af_bluetooth: Fix deadlock (bsc#1223044).
- CVE-2024-27051: cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value (bsc#1223769).
- CVE-2024-35937: wifi: cfg80211: check A-MSDU format more carefully (bsc#1224526).
- CVE-2024-36905: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (bsc#1225742).
- CVE-2024-42098: crypto: ecdh - explicitly zeroize private_key (bsc#1228779).
- CVE-2024-42229: crypto: aead,cipher - zeroize key buffer after use (bsc#1228708).
- CVE-2024-44995: net: hns3: fix a deadlock problem when config TC during resetting (bsc#1230231).
- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429).
- CVE-2024-46771: can: bcm: Remove proc entry when dev is unregistered (bsc#1230766).
- CVE-2024-46777: udf: Avoid excessive partition lengths (bsc#1230773).
- CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827).
- CVE-2024-47660: fsnotify: clear PARENT_WATCHED flags lazily (bsc#1231439).
- CVE-2024-47679: vfs: fix race between evice_inodes() and find_inode()&iput() (bsc#1231930).
- CVE-2024-47701: ext4: avoid OOB when system.data xattr changes underneath the filesystem (bsc#1231920).
- CVE-2024-49858: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption (bsc#1232251).
- CVE-2024-49868: btrfs: fix a NULL pointer dereference when failed to start a new trasacntion (bsc#1232272).
- CVE-2024-49921: drm/amd/display: Check null pointers before used (bsc#1232371).
- CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core (bsc#1232224)
- CVE-2024-49938: wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit (bsc#1232552).
- CVE-2024-49945: net/ncsi: Disable the ncsi work before freeing the associated structure (bsc#1232165).
- CVE-2024-49950: Bluetooth: L2CAP: Fix uaf in l2cap_connect (bsc#1232159).
- CVE-2024-49952: netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1232157).
- CVE-2024-50044: Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change (bsc#1231904).
- CVE-2024-50055: driver core: bus: Fix double free in driver API bus_register() (bsc#1232329).
- CVE-2024-50073: tty: n_gsm: Fix use-after-free in gsm_cleanup_mux (bsc#1232520).
- CVE-2024-50074: parport: Proper fix for array out-of-bounds access (bsc#1232507).
- CVE-2024-50095: RDMA/mad: Improve handling of timed out WRs of mad agent (bsc#1232873).
- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1232919).
- CVE-2024-50117: drm/amd: Guard against bad data for ATIF ACPI method (bsc#1232897).
- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232928).
- CVE-2024-50135: nvme-pci: fix race condition between reset and nvme_dev_disable() (bsc#1232888).
- CVE-2024-50148: Bluetooth: bnep: fix wild-memory-access in proto_unregister (bsc#1233063).
- CVE-2024-50150: usb: typec: altmode should keep reference to parent (bsc#1233051).
- CVE-2024-50154: tcp/dccp: Do not use timer_pending() in reqsk_queue_unlink() (bsc#1233070).
- CVE-2024-50167: be2net: fix potential memory leak in be_xmit() (bsc#1233049).
- CVE-2024-50171: net: systemport: fix potential memory leak in bcm_sysport_xmit() (bsc#1233057).
- CVE-2024-50183: scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance (bsc#1233130).
- CVE-2024-50187: drm/vc4: Stop the active perfmon before being destroyed (bsc#1233108).
- CVE-2024-50195: posix-clock: Fix missing timespec64 check in pc_clock_settime() (bsc#1233103).
- CVE-2024-50218: ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow (bsc#1233191).
- CVE-2024-50234: wifi: iwlegacy: Clear stale interrupts before resuming device (bsc#1233211).
- CVE-2024-50236: wifi: ath10k: Fix memory leak in management tx (bsc#1233212).
- CVE-2024-50237: wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower (bsc#1233216).
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233453).
- CVE-2024-50265: ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() (bsc#1233454).
- CVE-2024-50267: usb: serial: io_edgeport: fix use after free in debug printk (bsc#1233456).
- CVE-2024-50273: btrfs: reinitialize delayed ref list after deleting it from the list (bsc#1233462).
- CVE-2024-50278: dm cache: fix potential out-of-bounds access on the first resume (bsc#1233467).
- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468).
- CVE-2024-50289: media: av7110: fix a spectre vulnerability (bsc#1233478).
- CVE-2024-50290: media: cx24116: prevent overflows on SNR calculus (bsc#1233479).
- CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485).
- CVE-2024-50301: security/keys: fix slab-out-of-bounds in key_task_permission (bsc#1233490).
- CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233491).
- CVE-2024-53058: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data (bsc#1233552).
- CVE-2024-53061: media: s5p-jpeg: prevent buffer overflows (bsc#1233555).
- CVE-2024-53063: media: dvbdev: prevent the risk of out of memory access (bsc#1233557).
- CVE-2024-53066: nfs: Fix KMSAN warning in decode_getfattr_attrs() (bsc#1233560).
- CVE-2024-53085: tpm: Lock TPM chip in tpm_pm_suspend() first (bsc#1082555 bsc#1233577).
- CVE-2024-53088: i40e: fix race condition by adding filter's intermediate sync state (bsc#1233580).
- CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).
- CVE-2024-53114: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1234072).
The following non-security bugs were fixed:
- drm/vc4: Warn if some v3d code is run on BCM2711 (bsc#1233108).
- initramfs: avoid filename buffer overrun (bsc#1232436).
- kernel-binary: Enable livepatch package only when livepatch is enabled (bsc#1218644).
- lpfc: size cpu map by last cpu id set (bsc#1157160).
- net: relax socket state check at accept time (git-fixes).
- ocfs2: uncache inode which has failed entering the group (bsc#1234087).
Patchnames
SUSE-2025-35,SUSE-SLE-SERVER-12-SP5-LTSS-2025-35,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-35
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2022-48853: swiotlb: fix info leak with DMA_FROM_DEVICE (bsc#1228015).\n- CVE-2024-26801: Bluetooth: Avoid potential use-after-free in hci_error_reset (bsc#1222413).\n- CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223057).\n- CVE-2024-26886: Bluetooth: af_bluetooth: Fix deadlock (bsc#1223044).\n- CVE-2024-27051: cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get\u0027s return value (bsc#1223769).\n- CVE-2024-35937: wifi: cfg80211: check A-MSDU format more carefully (bsc#1224526).\n- CVE-2024-36905: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (bsc#1225742).\n- CVE-2024-42098: crypto: ecdh - explicitly zeroize private_key (bsc#1228779).\n- CVE-2024-42229: crypto: aead,cipher - zeroize key buffer after use (bsc#1228708).\n- CVE-2024-44995: net: hns3: fix a deadlock problem when config TC during resetting (bsc#1230231).\n- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429).\n- CVE-2024-46771: can: bcm: Remove proc entry when dev is unregistered (bsc#1230766).\n- CVE-2024-46777: udf: Avoid excessive partition lengths (bsc#1230773).\n- CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827).\n- CVE-2024-47660: fsnotify: clear PARENT_WATCHED flags lazily (bsc#1231439).\n- CVE-2024-47679: vfs: fix race between evice_inodes() and find_inode()\u0026iput() (bsc#1231930).\n- CVE-2024-47701: ext4: avoid OOB when system.data xattr changes underneath the filesystem (bsc#1231920).\n- CVE-2024-49858: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption (bsc#1232251).\n- CVE-2024-49868: btrfs: fix a NULL pointer dereference when failed to start a new trasacntion (bsc#1232272).\n- CVE-2024-49921: drm/amd/display: Check null pointers before used (bsc#1232371).\n- CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core (bsc#1232224)\n- CVE-2024-49938: wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit (bsc#1232552).\n- CVE-2024-49945: net/ncsi: Disable the ncsi work before freeing the associated structure (bsc#1232165).\n- CVE-2024-49950: Bluetooth: L2CAP: Fix uaf in l2cap_connect (bsc#1232159).\n- CVE-2024-49952: netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1232157).\n- CVE-2024-50044: Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change (bsc#1231904).\n- CVE-2024-50055: driver core: bus: Fix double free in driver API bus_register() (bsc#1232329).\n- CVE-2024-50073: tty: n_gsm: Fix use-after-free in gsm_cleanup_mux (bsc#1232520).\n- CVE-2024-50074: parport: Proper fix for array out-of-bounds access (bsc#1232507).\n- CVE-2024-50095: RDMA/mad: Improve handling of timed out WRs of mad agent (bsc#1232873).\n- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1232919).\n- CVE-2024-50117: drm/amd: Guard against bad data for ATIF ACPI method (bsc#1232897).\n- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232928).\n- CVE-2024-50135: nvme-pci: fix race condition between reset and nvme_dev_disable() (bsc#1232888).\n- CVE-2024-50148: Bluetooth: bnep: fix wild-memory-access in proto_unregister (bsc#1233063).\n- CVE-2024-50150: usb: typec: altmode should keep reference to parent (bsc#1233051).\n- CVE-2024-50154: tcp/dccp: Do not use timer_pending() in reqsk_queue_unlink() (bsc#1233070).\n- CVE-2024-50167: be2net: fix potential memory leak in be_xmit() (bsc#1233049).\n- CVE-2024-50171: net: systemport: fix potential memory leak in bcm_sysport_xmit() (bsc#1233057).\n- CVE-2024-50183: scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance (bsc#1233130).\n- CVE-2024-50187: drm/vc4: Stop the active perfmon before being destroyed (bsc#1233108).\n- CVE-2024-50195: posix-clock: Fix missing timespec64 check in pc_clock_settime() (bsc#1233103).\n- CVE-2024-50218: ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow (bsc#1233191).\n- CVE-2024-50234: wifi: iwlegacy: Clear stale interrupts before resuming device (bsc#1233211).\n- CVE-2024-50236: wifi: ath10k: Fix memory leak in management tx (bsc#1233212).\n- CVE-2024-50237: wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower (bsc#1233216).\n- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans (bsc#1233453).\n- CVE-2024-50265: ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() (bsc#1233454).\n- CVE-2024-50267: usb: serial: io_edgeport: fix use after free in debug printk (bsc#1233456).\n- CVE-2024-50273: btrfs: reinitialize delayed ref list after deleting it from the list (bsc#1233462).\n- CVE-2024-50278: dm cache: fix potential out-of-bounds access on the first resume (bsc#1233467).\n- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468).\n- CVE-2024-50289: media: av7110: fix a spectre vulnerability (bsc#1233478).\n- CVE-2024-50290: media: cx24116: prevent overflows on SNR calculus (bsc#1233479).\n- CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485).\n- CVE-2024-50301: security/keys: fix slab-out-of-bounds in key_task_permission (bsc#1233490).\n- CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233491).\n- CVE-2024-53058: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data (bsc#1233552).\n- CVE-2024-53061: media: s5p-jpeg: prevent buffer overflows (bsc#1233555).\n- CVE-2024-53063: media: dvbdev: prevent the risk of out of memory access (bsc#1233557).\n- CVE-2024-53066: nfs: Fix KMSAN warning in decode_getfattr_attrs() (bsc#1233560).\n- CVE-2024-53085: tpm: Lock TPM chip in tpm_pm_suspend() first (bsc#1082555 bsc#1233577).\n- CVE-2024-53088: i40e: fix race condition by adding filter\u0027s intermediate sync state (bsc#1233580).\n- CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).\n- CVE-2024-53114: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1234072).\n\nThe following non-security bugs were fixed:\n\n- drm/vc4: Warn if some v3d code is run on BCM2711 (bsc#1233108).\n- initramfs: avoid filename buffer overrun (bsc#1232436).\n- kernel-binary: Enable livepatch package only when livepatch is enabled (bsc#1218644).\n- lpfc: size cpu map by last cpu id set (bsc#1157160).\n- net: relax socket state check at accept time (git-fixes).\n- ocfs2: uncache inode which has failed entering the group (bsc#1234087).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-35,SUSE-SLE-SERVER-12-SP5-LTSS-2025-35,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-35",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0035-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0035-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250035-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0035-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020070.html"
},
{
"category": "self",
"summary": "SUSE Bug 1082555",
"url": "https://bugzilla.suse.com/1082555"
},
{
"category": "self",
"summary": "SUSE Bug 1157160",
"url": "https://bugzilla.suse.com/1157160"
},
{
"category": "self",
"summary": "SUSE Bug 1218644",
"url": "https://bugzilla.suse.com/1218644"
},
{
"category": "self",
"summary": "SUSE Bug 1221977",
"url": "https://bugzilla.suse.com/1221977"
},
{
"category": "self",
"summary": "SUSE Bug 1222364",
"url": "https://bugzilla.suse.com/1222364"
},
{
"category": "self",
"summary": "SUSE Bug 1222413",
"url": "https://bugzilla.suse.com/1222413"
},
{
"category": "self",
"summary": "SUSE Bug 1223044",
"url": "https://bugzilla.suse.com/1223044"
},
{
"category": "self",
"summary": "SUSE Bug 1223057",
"url": "https://bugzilla.suse.com/1223057"
},
{
"category": "self",
"summary": "SUSE Bug 1223769",
"url": "https://bugzilla.suse.com/1223769"
},
{
"category": "self",
"summary": "SUSE Bug 1224526",
"url": "https://bugzilla.suse.com/1224526"
},
{
"category": "self",
"summary": "SUSE Bug 1225730",
"url": "https://bugzilla.suse.com/1225730"
},
{
"category": "self",
"summary": "SUSE Bug 1225742",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "self",
"summary": "SUSE Bug 1225764",
"url": "https://bugzilla.suse.com/1225764"
},
{
"category": "self",
"summary": "SUSE Bug 1228015",
"url": "https://bugzilla.suse.com/1228015"
},
{
"category": "self",
"summary": "SUSE Bug 1228650",
"url": "https://bugzilla.suse.com/1228650"
},
{
"category": "self",
"summary": "SUSE Bug 1228708",
"url": "https://bugzilla.suse.com/1228708"
},
{
"category": "self",
"summary": "SUSE Bug 1228779",
"url": "https://bugzilla.suse.com/1228779"
},
{
"category": "self",
"summary": "SUSE Bug 1230231",
"url": "https://bugzilla.suse.com/1230231"
},
{
"category": "self",
"summary": "SUSE Bug 1230429",
"url": "https://bugzilla.suse.com/1230429"
},
{
"category": "self",
"summary": "SUSE Bug 1230766",
"url": "https://bugzilla.suse.com/1230766"
},
{
"category": "self",
"summary": "SUSE Bug 1230773",
"url": "https://bugzilla.suse.com/1230773"
},
{
"category": "self",
"summary": "SUSE Bug 1230784",
"url": "https://bugzilla.suse.com/1230784"
},
{
"category": "self",
"summary": "SUSE Bug 1230827",
"url": "https://bugzilla.suse.com/1230827"
},
{
"category": "self",
"summary": "SUSE Bug 1231184",
"url": "https://bugzilla.suse.com/1231184"
},
{
"category": "self",
"summary": "SUSE Bug 1231439",
"url": "https://bugzilla.suse.com/1231439"
},
{
"category": "self",
"summary": "SUSE Bug 1231904",
"url": "https://bugzilla.suse.com/1231904"
},
{
"category": "self",
"summary": "SUSE Bug 1231920",
"url": "https://bugzilla.suse.com/1231920"
},
{
"category": "self",
"summary": "SUSE Bug 1231930",
"url": "https://bugzilla.suse.com/1231930"
},
{
"category": "self",
"summary": "SUSE Bug 1232157",
"url": "https://bugzilla.suse.com/1232157"
},
{
"category": "self",
"summary": "SUSE Bug 1232159",
"url": "https://bugzilla.suse.com/1232159"
},
{
"category": "self",
"summary": "SUSE Bug 1232165",
"url": "https://bugzilla.suse.com/1232165"
},
{
"category": "self",
"summary": "SUSE Bug 1232198",
"url": "https://bugzilla.suse.com/1232198"
},
{
"category": "self",
"summary": "SUSE Bug 1232201",
"url": "https://bugzilla.suse.com/1232201"
},
{
"category": "self",
"summary": "SUSE Bug 1232224",
"url": "https://bugzilla.suse.com/1232224"
},
{
"category": "self",
"summary": "SUSE Bug 1232251",
"url": "https://bugzilla.suse.com/1232251"
},
{
"category": "self",
"summary": "SUSE Bug 1232272",
"url": "https://bugzilla.suse.com/1232272"
},
{
"category": "self",
"summary": "SUSE Bug 1232329",
"url": "https://bugzilla.suse.com/1232329"
},
{
"category": "self",
"summary": "SUSE Bug 1232371",
"url": "https://bugzilla.suse.com/1232371"
},
{
"category": "self",
"summary": "SUSE Bug 1232436",
"url": "https://bugzilla.suse.com/1232436"
},
{
"category": "self",
"summary": "SUSE Bug 1232507",
"url": "https://bugzilla.suse.com/1232507"
},
{
"category": "self",
"summary": "SUSE Bug 1232520",
"url": "https://bugzilla.suse.com/1232520"
},
{
"category": "self",
"summary": "SUSE Bug 1232552",
"url": "https://bugzilla.suse.com/1232552"
},
{
"category": "self",
"summary": "SUSE Bug 1232873",
"url": "https://bugzilla.suse.com/1232873"
},
{
"category": "self",
"summary": "SUSE Bug 1232887",
"url": "https://bugzilla.suse.com/1232887"
},
{
"category": "self",
"summary": "SUSE Bug 1232888",
"url": "https://bugzilla.suse.com/1232888"
},
{
"category": "self",
"summary": "SUSE Bug 1232897",
"url": "https://bugzilla.suse.com/1232897"
},
{
"category": "self",
"summary": "SUSE Bug 1232919",
"url": "https://bugzilla.suse.com/1232919"
},
{
"category": "self",
"summary": "SUSE Bug 1232928",
"url": "https://bugzilla.suse.com/1232928"
},
{
"category": "self",
"summary": "SUSE Bug 1233049",
"url": "https://bugzilla.suse.com/1233049"
},
{
"category": "self",
"summary": "SUSE Bug 1233051",
"url": "https://bugzilla.suse.com/1233051"
},
{
"category": "self",
"summary": "SUSE Bug 1233057",
"url": "https://bugzilla.suse.com/1233057"
},
{
"category": "self",
"summary": "SUSE Bug 1233063",
"url": "https://bugzilla.suse.com/1233063"
},
{
"category": "self",
"summary": "SUSE Bug 1233070",
"url": "https://bugzilla.suse.com/1233070"
},
{
"category": "self",
"summary": "SUSE Bug 1233097",
"url": "https://bugzilla.suse.com/1233097"
},
{
"category": "self",
"summary": "SUSE Bug 1233103",
"url": "https://bugzilla.suse.com/1233103"
},
{
"category": "self",
"summary": "SUSE Bug 1233108",
"url": "https://bugzilla.suse.com/1233108"
},
{
"category": "self",
"summary": "SUSE Bug 1233111",
"url": "https://bugzilla.suse.com/1233111"
},
{
"category": "self",
"summary": "SUSE Bug 1233123",
"url": "https://bugzilla.suse.com/1233123"
},
{
"category": "self",
"summary": "SUSE Bug 1233130",
"url": "https://bugzilla.suse.com/1233130"
},
{
"category": "self",
"summary": "SUSE Bug 1233191",
"url": "https://bugzilla.suse.com/1233191"
},
{
"category": "self",
"summary": "SUSE Bug 1233211",
"url": "https://bugzilla.suse.com/1233211"
},
{
"category": "self",
"summary": "SUSE Bug 1233212",
"url": "https://bugzilla.suse.com/1233212"
},
{
"category": "self",
"summary": "SUSE Bug 1233216",
"url": "https://bugzilla.suse.com/1233216"
},
{
"category": "self",
"summary": "SUSE Bug 1233453",
"url": "https://bugzilla.suse.com/1233453"
},
{
"category": "self",
"summary": "SUSE Bug 1233454",
"url": "https://bugzilla.suse.com/1233454"
},
{
"category": "self",
"summary": "SUSE Bug 1233456",
"url": "https://bugzilla.suse.com/1233456"
},
{
"category": "self",
"summary": "SUSE Bug 1233462",
"url": "https://bugzilla.suse.com/1233462"
},
{
"category": "self",
"summary": "SUSE Bug 1233467",
"url": "https://bugzilla.suse.com/1233467"
},
{
"category": "self",
"summary": "SUSE Bug 1233468",
"url": "https://bugzilla.suse.com/1233468"
},
{
"category": "self",
"summary": "SUSE Bug 1233478",
"url": "https://bugzilla.suse.com/1233478"
},
{
"category": "self",
"summary": "SUSE Bug 1233479",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "self",
"summary": "SUSE Bug 1233485",
"url": "https://bugzilla.suse.com/1233485"
},
{
"category": "self",
"summary": "SUSE Bug 1233490",
"url": "https://bugzilla.suse.com/1233490"
},
{
"category": "self",
"summary": "SUSE Bug 1233491",
"url": "https://bugzilla.suse.com/1233491"
},
{
"category": "self",
"summary": "SUSE Bug 1233552",
"url": "https://bugzilla.suse.com/1233552"
},
{
"category": "self",
"summary": "SUSE Bug 1233555",
"url": "https://bugzilla.suse.com/1233555"
},
{
"category": "self",
"summary": "SUSE Bug 1233557",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "self",
"summary": "SUSE Bug 1233560",
"url": "https://bugzilla.suse.com/1233560"
},
{
"category": "self",
"summary": "SUSE Bug 1233577",
"url": "https://bugzilla.suse.com/1233577"
},
{
"category": "self",
"summary": "SUSE Bug 1233580",
"url": "https://bugzilla.suse.com/1233580"
},
{
"category": "self",
"summary": "SUSE Bug 1234025",
"url": "https://bugzilla.suse.com/1234025"
},
{
"category": "self",
"summary": "SUSE Bug 1234072",
"url": "https://bugzilla.suse.com/1234072"
},
{
"category": "self",
"summary": "SUSE Bug 1234087",
"url": "https://bugzilla.suse.com/1234087"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47162 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48853 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26801 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26852 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26886 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27051 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35937 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36886 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36905 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36954 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-42098 page",
"url": "https://www.suse.com/security/cve/CVE-2024-42098/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-42131 page",
"url": "https://www.suse.com/security/cve/CVE-2024-42131/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-42229 page",
"url": "https://www.suse.com/security/cve/CVE-2024-42229/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-44995 page",
"url": "https://www.suse.com/security/cve/CVE-2024-44995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45016 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46771 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46777 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46800 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47660 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47660/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47679 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47701 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49858 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49868 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49884 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49921 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49925 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49938 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49945 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49952 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50044 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50055 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50073 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50074 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50095 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50099 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50115 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50115/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50117 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50117/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50125 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50135 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50148 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50148/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50150 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50154 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50154/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50167 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50167/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50171 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50171/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50179 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50179/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50183 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50187 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50194 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50194/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50195 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50195/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50210 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50210/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50218 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50234 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50234/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50236 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50236/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50237 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50237/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50264 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50264/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50265 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50265/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50267 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50267/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50273 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50273/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50278 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50278/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50279 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50279/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50289 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50289/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50290 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50290/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50296 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50296/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50301 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50301/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50302 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50302/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53058 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53061 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53066 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53085 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53088 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53104 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53114 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53114/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53142 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53142/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-01-08T09:47:34Z",
"generator": {
"date": "2025-01-08T09:47:34Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0035-1",
"initial_release_date": "2025-01-08T09:47:34Z",
"revision_history": [
{
"date": "2025-01-08T09:47:34Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"product_id": "cluster-md-kmp-default-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.237.1.aarch64",
"product": {
"name": "dlm-kmp-default-4.12.14-122.237.1.aarch64",
"product_id": "dlm-kmp-default-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"product_id": "gfs2-kmp-default-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.237.1.aarch64",
"product": {
"name": "kernel-default-4.12.14-122.237.1.aarch64",
"product_id": "kernel-default-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.237.1.aarch64",
"product": {
"name": "kernel-default-base-4.12.14-122.237.1.aarch64",
"product_id": "kernel-default-base-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.237.1.aarch64",
"product": {
"name": "kernel-default-devel-4.12.14-122.237.1.aarch64",
"product_id": "kernel-default-devel-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.237.1.aarch64",
"product": {
"name": "kernel-syms-4.12.14-122.237.1.aarch64",
"product_id": "kernel-syms-4.12.14-122.237.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"product_id": "ocfs2-kmp-default-4.12.14-122.237.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.12.14-122.237.1.noarch",
"product": {
"name": "kernel-devel-4.12.14-122.237.1.noarch",
"product_id": "kernel-devel-4.12.14-122.237.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.12.14-122.237.1.noarch",
"product": {
"name": "kernel-macros-4.12.14-122.237.1.noarch",
"product_id": "kernel-macros-4.12.14-122.237.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.12.14-122.237.1.noarch",
"product": {
"name": "kernel-source-4.12.14-122.237.1.noarch",
"product_id": "kernel-source-4.12.14-122.237.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"product_id": "dlm-kmp-default-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"product_id": "gfs2-kmp-default-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.237.1.ppc64le",
"product": {
"name": "kernel-default-4.12.14-122.237.1.ppc64le",
"product_id": "kernel-default-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.237.1.ppc64le",
"product": {
"name": "kernel-default-base-4.12.14-122.237.1.ppc64le",
"product_id": "kernel-default-base-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.237.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.12.14-122.237.1.ppc64le",
"product_id": "kernel-default-devel-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.237.1.ppc64le",
"product": {
"name": "kernel-syms-4.12.14-122.237.1.ppc64le",
"product_id": "kernel-syms-4.12.14-122.237.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.12.14-122.237.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"product_id": "cluster-md-kmp-default-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.237.1.s390x",
"product": {
"name": "dlm-kmp-default-4.12.14-122.237.1.s390x",
"product_id": "dlm-kmp-default-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.237.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.237.1.s390x",
"product_id": "gfs2-kmp-default-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.237.1.s390x",
"product": {
"name": "kernel-default-4.12.14-122.237.1.s390x",
"product_id": "kernel-default-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.237.1.s390x",
"product": {
"name": "kernel-default-base-4.12.14-122.237.1.s390x",
"product_id": "kernel-default-base-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.237.1.s390x",
"product": {
"name": "kernel-default-devel-4.12.14-122.237.1.s390x",
"product_id": "kernel-default-devel-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.12.14-122.237.1.s390x",
"product": {
"name": "kernel-default-man-4.12.14-122.237.1.s390x",
"product_id": "kernel-default-man-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.237.1.s390x",
"product": {
"name": "kernel-syms-4.12.14-122.237.1.s390x",
"product_id": "kernel-syms-4.12.14-122.237.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"product_id": "ocfs2-kmp-default-4.12.14-122.237.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"product_id": "cluster-md-kmp-default-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.237.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.12.14-122.237.1.x86_64",
"product_id": "dlm-kmp-default-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"product_id": "gfs2-kmp-default-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-default-4.12.14-122.237.1.x86_64",
"product_id": "kernel-default-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-default-base-4.12.14-122.237.1.x86_64",
"product_id": "kernel-default-base-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-default-devel-4.12.14-122.237.1.x86_64",
"product_id": "kernel-default-devel-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.237.1.x86_64",
"product": {
"name": "kernel-syms-4.12.14-122.237.1.x86_64",
"product_id": "kernel-syms-4.12.14-122.237.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"product_id": "ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.237.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.237.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.237.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.237.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64"
},
"product_reference": "dlm-kmp-default-4.12.14-122.237.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.237.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le"
},
"product_reference": "dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.237.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x"
},
"product_reference": "dlm-kmp-default-4.12.14-122.237.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.237.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.237.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.237.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.237.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.237.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64"
},
"product_reference": "kernel-default-4.12.14-122.237.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.237.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le"
},
"product_reference": "kernel-default-4.12.14-122.237.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.237.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x"
},
"product_reference": "kernel-default-4.12.14-122.237.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.237.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64"
},
"product_reference": "kernel-default-base-4.12.14-122.237.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.237.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le"
},
"product_reference": "kernel-default-base-4.12.14-122.237.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.237.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x"
},
"product_reference": "kernel-default-base-4.12.14-122.237.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.237.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64"
},
"product_reference": "kernel-default-devel-4.12.14-122.237.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.237.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.12.14-122.237.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.237.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x"
},
"product_reference": "kernel-default-devel-4.12.14-122.237.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.12.14-122.237.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x"
},
"product_reference": "kernel-default-man-4.12.14-122.237.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-122.237.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-122.237.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-122.237.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-122.237.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-122.237.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch"
},
"product_reference": "kernel-source-4.12.14-122.237.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.237.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64"
},
"product_reference": "kernel-syms-4.12.14-122.237.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.237.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le"
},
"product_reference": "kernel-syms-4.12.14-122.237.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.237.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x"
},
"product_reference": "kernel-syms-4.12.14-122.237.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.237.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.237.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.237.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-122.237.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-122.237.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-122.237.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-122.237.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-122.237.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch"
},
"product_reference": "kernel-source-4.12.14-122.237.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.237.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-47162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47162"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: skb_linearize the head skb when reassembling msgs\n\nIt\u0027s not a good idea to append the frag skb to a skb\u0027s frag_list if\nthe frag_list already has skbs from elsewhere, such as this skb was\ncreated by pskb_copy() where the frag_list was cloned (all the skbs\nin it were skb_get\u0027ed) and shared by multiple skbs.\n\nHowever, the new appended frag skb should have been only seen by the\ncurrent skb. Otherwise, it will cause use after free crashes as this\nappended frag skb are seen by multiple skbs but it only got skb_get\ncalled once.\n\nThe same thing happens with a skb updated by pskb_may_pull() with a\nskb_cloned skb. Li Shuang has reported quite a few crashes caused\nby this when doing testing over macvlan devices:\n\n [] kernel BUG at net/core/skbuff.c:1970!\n [] Call Trace:\n [] skb_clone+0x4d/0xb0\n [] macvlan_broadcast+0xd8/0x160 [macvlan]\n [] macvlan_process_broadcast+0x148/0x150 [macvlan]\n [] process_one_work+0x1a7/0x360\n [] worker_thread+0x30/0x390\n\n [] kernel BUG at mm/usercopy.c:102!\n [] Call Trace:\n [] __check_heap_object+0xd3/0x100\n [] __check_object_size+0xff/0x16b\n [] simple_copy_to_iter+0x1c/0x30\n [] __skb_datagram_iter+0x7d/0x310\n [] __skb_datagram_iter+0x2a5/0x310\n [] skb_copy_datagram_iter+0x3b/0x90\n [] tipc_recvmsg+0x14a/0x3a0 [tipc]\n [] ____sys_recvmsg+0x91/0x150\n [] ___sys_recvmsg+0x7b/0xc0\n\n [] kernel BUG at mm/slub.c:305!\n [] Call Trace:\n [] \u003cIRQ\u003e\n [] kmem_cache_free+0x3ff/0x400\n [] __netif_receive_skb_core+0x12c/0xc40\n [] ? kmem_cache_alloc+0x12e/0x270\n [] netif_receive_skb_internal+0x3d/0xb0\n [] ? get_rx_page_info+0x8e/0xa0 [be2net]\n [] be_poll+0x6ef/0xd00 [be2net]\n [] ? irq_exit+0x4f/0x100\n [] net_rx_action+0x149/0x3b0\n\n ...\n\nThis patch is to fix it by linearizing the head skb if it has frag_list\nset in tipc_buf_append(). Note that we choose to do this before calling\nskb_unshare(), as __skb_linearize() will avoid skb_copy(). Also, we can\nnot just drop the frag_list either as the early time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47162",
"url": "https://www.suse.com/security/cve/CVE-2021-47162"
},
{
"category": "external",
"summary": "SUSE Bug 1221977 for CVE-2021-47162",
"url": "https://bugzilla.suse.com/1221977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2021-47162"
},
{
"cve": "CVE-2022-48853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nswiotlb: fix info leak with DMA_FROM_DEVICE\n\nThe problem I\u0027m addressing was discovered by the LTP test covering\ncve-2018-1000204.\n\nA short description of what happens follows:\n1) The test case issues a command code 00 (TEST UNIT READY) via the SG_IO\n interface with: dxfer_len == 524288, dxdfer_dir == SG_DXFER_FROM_DEV\n and a corresponding dxferp. The peculiar thing about this is that TUR\n is not reading from the device.\n2) In sg_start_req() the invocation of blk_rq_map_user() effectively\n bounces the user-space buffer. As if the device was to transfer into\n it. Since commit a45b599ad808 (\"scsi: sg: allocate with __GFP_ZERO in\n sg_build_indirect()\") we make sure this first bounce buffer is\n allocated with GFP_ZERO.\n3) For the rest of the story we keep ignoring that we have a TUR, so the\n device won\u0027t touch the buffer we prepare as if the we had a\n DMA_FROM_DEVICE type of situation. My setup uses a virtio-scsi device\n and the buffer allocated by SG is mapped by the function\n virtqueue_add_split() which uses DMA_FROM_DEVICE for the \"in\" sgs (here\n scatter-gather and not scsi generics). This mapping involves bouncing\n via the swiotlb (we need swiotlb to do virtio in protected guest like\n s390 Secure Execution, or AMD SEV).\n4) When the SCSI TUR is done, we first copy back the content of the second\n (that is swiotlb) bounce buffer (which most likely contains some\n previous IO data), to the first bounce buffer, which contains all\n zeros. Then we copy back the content of the first bounce buffer to\n the user-space buffer.\n5) The test case detects that the buffer, which it zero-initialized,\n ain\u0027t all zeros and fails.\n\nOne can argue that this is an swiotlb problem, because without swiotlb\nwe leak all zeros, and the swiotlb should be transparent in a sense that\nit does not affect the outcome (if all other participants are well\nbehaved).\n\nCopying the content of the original buffer into the swiotlb buffer is\nthe only way I can think of to make swiotlb transparent in such\nscenarios. So let\u0027s do just that if in doubt, but allow the driver\nto tell us that the whole mapped buffer is going to be overwritten,\nin which case we can preserve the old behavior and avoid the performance\nimpact of the extra bounce.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48853",
"url": "https://www.suse.com/security/cve/CVE-2022-48853"
},
{
"category": "external",
"summary": "SUSE Bug 1228015 for CVE-2022-48853",
"url": "https://bugzilla.suse.com/1228015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2022-48853"
},
{
"cve": "CVE-2024-26801",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26801"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Avoid potential use-after-free in hci_error_reset\n\nWhile handling the HCI_EV_HARDWARE_ERROR event, if the underlying\nBT controller is not responding, the GPIO reset mechanism would\nfree the hci_dev and lead to a use-after-free in hci_error_reset.\n\nHere\u0027s the call trace observed on a ChromeOS device with Intel AX201:\n queue_work_on+0x3e/0x6c\n __hci_cmd_sync_sk+0x2ee/0x4c0 [bluetooth \u003cHASH:3b4a6\u003e]\n ? init_wait_entry+0x31/0x31\n __hci_cmd_sync+0x16/0x20 [bluetooth \u003cHASH:3b4a 6\u003e]\n hci_error_reset+0x4f/0xa4 [bluetooth \u003cHASH:3b4a 6\u003e]\n process_one_work+0x1d8/0x33f\n worker_thread+0x21b/0x373\n kthread+0x13a/0x152\n ? pr_cont_work+0x54/0x54\n ? kthread_blkcg+0x31/0x31\n ret_from_fork+0x1f/0x30\n\nThis patch holds the reference count on the hci_dev while processing\na HCI_EV_HARDWARE_ERROR event to avoid potential crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26801",
"url": "https://www.suse.com/security/cve/CVE-2024-26801"
},
{
"category": "external",
"summary": "SUSE Bug 1222413 for CVE-2024-26801",
"url": "https://bugzilla.suse.com/1222413"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26801"
},
{
"cve": "CVE-2024-26852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/ipv6: avoid possible UAF in ip6_route_mpath_notify()\n\nsyzbot found another use-after-free in ip6_route_mpath_notify() [1]\n\nCommit f7225172f25a (\"net/ipv6: prevent use after free in\nip6_route_mpath_notify\") was not able to fix the root cause.\n\nWe need to defer the fib6_info_release() calls after\nip6_route_mpath_notify(), in the cleanup phase.\n\n[1]\nBUG: KASAN: slab-use-after-free in rt6_fill_node+0x1460/0x1ac0\nRead of size 4 at addr ffff88809a07fc64 by task syz-executor.2/23037\n\nCPU: 0 PID: 23037 Comm: syz-executor.2 Not tainted 6.8.0-rc4-syzkaller-01035-gea7f3cfaa588 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1e7/0x2e0 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x167/0x540 mm/kasan/report.c:488\n kasan_report+0x142/0x180 mm/kasan/report.c:601\n rt6_fill_node+0x1460/0x1ac0\n inet6_rt_notify+0x13b/0x290 net/ipv6/route.c:6184\n ip6_route_mpath_notify net/ipv6/route.c:5198 [inline]\n ip6_route_multipath_add net/ipv6/route.c:5404 [inline]\n inet6_rtm_newroute+0x1d0f/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\nRIP: 0033:0x7f73dd87dda9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f73de6550c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f73dd9ac050 RCX: 00007f73dd87dda9\nRDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000005\nRBP: 00007f73dd8ca47a R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f73dd9ac050 R15: 00007ffdbdeb7858\n \u003c/TASK\u003e\n\nAllocated by task 23037:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:372 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:389\n kasan_kmalloc include/linux/kasan.h:211 [inline]\n __do_kmalloc_node mm/slub.c:3981 [inline]\n __kmalloc+0x22e/0x490 mm/slub.c:3994\n kmalloc include/linux/slab.h:594 [inline]\n kzalloc include/linux/slab.h:711 [inline]\n fib6_info_alloc+0x2e/0xf0 net/ipv6/ip6_fib.c:155\n ip6_route_info_create+0x445/0x12b0 net/ipv6/route.c:3758\n ip6_route_multipath_add net/ipv6/route.c:5298 [inline]\n inet6_rtm_newroute+0x744/0x2300 net/ipv6/route.c:5517\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6597\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\n\nFreed by task 16:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x4e/0x60 mm/kasan/generic.c:640\n poison_slab_object+0xa6/0xe0 m\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26852",
"url": "https://www.suse.com/security/cve/CVE-2024-26852"
},
{
"category": "external",
"summary": "SUSE Bug 1223057 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223057"
},
{
"category": "external",
"summary": "SUSE Bug 1223059 for CVE-2024-26852",
"url": "https://bugzilla.suse.com/1223059"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-26852"
},
{
"cve": "CVE-2024-26886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: af_bluetooth: Fix deadlock\n\nAttemting to do sock_lock on .recvmsg may cause a deadlock as shown\nbellow, so instead of using sock_sock this uses sk_receive_queue.lock\non bt_sock_ioctl to avoid the UAF:\n\nINFO: task kworker/u9:1:121 blocked for more than 30 seconds.\n Not tainted 6.7.6-lemon #183\nWorkqueue: hci0 hci_rx_work\nCall Trace:\n \u003cTASK\u003e\n __schedule+0x37d/0xa00\n schedule+0x32/0xe0\n __lock_sock+0x68/0xa0\n ? __pfx_autoremove_wake_function+0x10/0x10\n lock_sock_nested+0x43/0x50\n l2cap_sock_recv_cb+0x21/0xa0\n l2cap_recv_frame+0x55b/0x30a0\n ? psi_task_switch+0xeb/0x270\n ? finish_task_switch.isra.0+0x93/0x2a0\n hci_rx_work+0x33a/0x3f0\n process_one_work+0x13a/0x2f0\n worker_thread+0x2f0/0x410\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xe0/0x110\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2c/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26886",
"url": "https://www.suse.com/security/cve/CVE-2024-26886"
},
{
"category": "external",
"summary": "SUSE Bug 1223044 for CVE-2024-26886",
"url": "https://bugzilla.suse.com/1223044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-26886"
},
{
"cve": "CVE-2024-27051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27051"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get\u0027s return value\n\ncpufreq_cpu_get may return NULL. To avoid NULL-dereference check it\nand return 0 in case of error.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27051",
"url": "https://www.suse.com/security/cve/CVE-2024-27051"
},
{
"category": "external",
"summary": "SUSE Bug 1223769 for CVE-2024-27051",
"url": "https://bugzilla.suse.com/1223769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-27051"
},
{
"cve": "CVE-2024-35937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: check A-MSDU format more carefully\n\nIf it looks like there\u0027s another subframe in the A-MSDU\nbut the header isn\u0027t fully there, we can end up reading\ndata out of bounds, only to discard later. Make this a\nbit more careful and check if the subframe header can\neven be present.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35937",
"url": "https://www.suse.com/security/cve/CVE-2024-35937"
},
{
"category": "external",
"summary": "SUSE Bug 1224526 for CVE-2024-35937",
"url": "https://bugzilla.suse.com/1224526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-35937"
},
{
"cve": "CVE-2024-36886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix UAF in error path\n\nSam Page (sam4k) working with Trend Micro Zero Day Initiative reported\na UAF in the tipc_buf_append() error path:\n\nBUG: KASAN: slab-use-after-free in kfree_skb_list_reason+0x47e/0x4c0\nlinux/net/core/skbuff.c:1183\nRead of size 8 at addr ffff88804d2a7c80 by task poc/8034\n\nCPU: 1 PID: 8034 Comm: poc Not tainted 6.8.2 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.0-debian-1.16.0-5 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack linux/lib/dump_stack.c:88\n dump_stack_lvl+0xd9/0x1b0 linux/lib/dump_stack.c:106\n print_address_description linux/mm/kasan/report.c:377\n print_report+0xc4/0x620 linux/mm/kasan/report.c:488\n kasan_report+0xda/0x110 linux/mm/kasan/report.c:601\n kfree_skb_list_reason+0x47e/0x4c0 linux/net/core/skbuff.c:1183\n skb_release_data+0x5af/0x880 linux/net/core/skbuff.c:1026\n skb_release_all linux/net/core/skbuff.c:1094\n __kfree_skb linux/net/core/skbuff.c:1108\n kfree_skb_reason+0x12d/0x210 linux/net/core/skbuff.c:1144\n kfree_skb linux/./include/linux/skbuff.h:1244\n tipc_buf_append+0x425/0xb50 linux/net/tipc/msg.c:186\n tipc_link_input+0x224/0x7c0 linux/net/tipc/link.c:1324\n tipc_link_rcv+0x76e/0x2d70 linux/net/tipc/link.c:1824\n tipc_rcv+0x45f/0x10f0 linux/net/tipc/node.c:2159\n tipc_udp_recv+0x73b/0x8f0 linux/net/tipc/udp_media.c:390\n udp_queue_rcv_one_skb+0xad2/0x1850 linux/net/ipv4/udp.c:2108\n udp_queue_rcv_skb+0x131/0xb00 linux/net/ipv4/udp.c:2186\n udp_unicast_rcv_skb+0x165/0x3b0 linux/net/ipv4/udp.c:2346\n __udp4_lib_rcv+0x2594/0x3400 linux/net/ipv4/udp.c:2422\n ip_protocol_deliver_rcu+0x30c/0x4e0 linux/net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2e4/0x520 linux/net/ipv4/ip_input.c:233\n NF_HOOK linux/./include/linux/netfilter.h:314\n NF_HOOK linux/./include/linux/netfilter.h:308\n ip_local_deliver+0x18e/0x1f0 linux/net/ipv4/ip_input.c:254\n dst_input linux/./include/net/dst.h:461\n ip_rcv_finish linux/net/ipv4/ip_input.c:449\n NF_HOOK linux/./include/linux/netfilter.h:314\n NF_HOOK linux/./include/linux/netfilter.h:308\n ip_rcv+0x2c5/0x5d0 linux/net/ipv4/ip_input.c:569\n __netif_receive_skb_one_core+0x199/0x1e0 linux/net/core/dev.c:5534\n __netif_receive_skb+0x1f/0x1c0 linux/net/core/dev.c:5648\n process_backlog+0x101/0x6b0 linux/net/core/dev.c:5976\n __napi_poll.constprop.0+0xba/0x550 linux/net/core/dev.c:6576\n napi_poll linux/net/core/dev.c:6645\n net_rx_action+0x95a/0xe90 linux/net/core/dev.c:6781\n __do_softirq+0x21f/0x8e7 linux/kernel/softirq.c:553\n do_softirq linux/kernel/softirq.c:454\n do_softirq+0xb2/0xf0 linux/kernel/softirq.c:441\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip+0x100/0x120 linux/kernel/softirq.c:381\n local_bh_enable linux/./include/linux/bottom_half.h:33\n rcu_read_unlock_bh linux/./include/linux/rcupdate.h:851\n __dev_queue_xmit+0x871/0x3ee0 linux/net/core/dev.c:4378\n dev_queue_xmit linux/./include/linux/netdevice.h:3169\n neigh_hh_output linux/./include/net/neighbour.h:526\n neigh_output linux/./include/net/neighbour.h:540\n ip_finish_output2+0x169f/0x2550 linux/net/ipv4/ip_output.c:235\n __ip_finish_output linux/net/ipv4/ip_output.c:313\n __ip_finish_output+0x49e/0x950 linux/net/ipv4/ip_output.c:295\n ip_finish_output+0x31/0x310 linux/net/ipv4/ip_output.c:323\n NF_HOOK_COND linux/./include/linux/netfilter.h:303\n ip_output+0x13b/0x2a0 linux/net/ipv4/ip_output.c:433\n dst_output linux/./include/net/dst.h:451\n ip_local_out linux/net/ipv4/ip_output.c:129\n ip_send_skb+0x3e5/0x560 linux/net/ipv4/ip_output.c:1492\n udp_send_skb+0x73f/0x1530 linux/net/ipv4/udp.c:963\n udp_sendmsg+0x1a36/0x2b40 linux/net/ipv4/udp.c:1250\n inet_sendmsg+0x105/0x140 linux/net/ipv4/af_inet.c:850\n sock_sendmsg_nosec linux/net/socket.c:730\n __sock_sendmsg linux/net/socket.c:745\n __sys_sendto+0x42c/0x4e0 linux/net/socket.c:2191\n __do_sys_sendto linux/net/socket.c:2203\n __se_sys_sendto linux/net/socket.c:2199\n __x64_sys_sendto+0xe0/0x1c0 linux/net/socket.c:2199\n do_syscall_x64 linux/arch/x86/entry/common.c:52\n do_syscall_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36886",
"url": "https://www.suse.com/security/cve/CVE-2024-36886"
},
{
"category": "external",
"summary": "SUSE Bug 1225730 for CVE-2024-36886",
"url": "https://bugzilla.suse.com/1225730"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-36886",
"url": "https://bugzilla.suse.com/1225742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-36886"
},
{
"cve": "CVE-2024-36905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets\n\nTCP_SYN_RECV state is really special, it is only used by\ncross-syn connections, mostly used by fuzzers.\n\nIn the following crash [1], syzbot managed to trigger a divide\nby zero in tcp_rcv_space_adjust()\n\nA socket makes the following state transitions,\nwithout ever calling tcp_init_transfer(),\nmeaning tcp_init_buffer_space() is also not called.\n\n TCP_CLOSE\nconnect()\n TCP_SYN_SENT\n TCP_SYN_RECV\nshutdown() -\u003e tcp_shutdown(sk, SEND_SHUTDOWN)\n TCP_FIN_WAIT1\n\nTo fix this issue, change tcp_shutdown() to not\nperform a TCP_SYN_RECV -\u003e TCP_FIN_WAIT1 transition,\nwhich makes no sense anyway.\n\nWhen tcp_rcv_state_process() later changes socket state\nfrom TCP_SYN_RECV to TCP_ESTABLISH, then look at\nsk-\u003esk_shutdown to finally enter TCP_FIN_WAIT1 state,\nand send a FIN packet from a sane socket state.\n\nThis means tcp_send_fin() can now be called from BH\ncontext, and must use GFP_ATOMIC allocations.\n\n[1]\ndivide error: 0000 [#1] PREEMPT SMP KASAN NOPTI\nCPU: 1 PID: 5084 Comm: syz-executor358 Not tainted 6.9.0-rc6-syzkaller-00022-g98369dccd2f8 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\n RIP: 0010:tcp_rcv_space_adjust+0x2df/0x890 net/ipv4/tcp_input.c:767\nCode: e3 04 4c 01 eb 48 8b 44 24 38 0f b6 04 10 84 c0 49 89 d5 0f 85 a5 03 00 00 41 8b 8e c8 09 00 00 89 e8 29 c8 48 0f af c3 31 d2 \u003c48\u003e f7 f1 48 8d 1c 43 49 8d 96 76 08 00 00 48 89 d0 48 c1 e8 03 48\nRSP: 0018:ffffc900031ef3f0 EFLAGS: 00010246\nRAX: 0c677a10441f8f42 RBX: 000000004fb95e7e RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: 0000000027d4b11f R08: ffffffff89e535a4 R09: 1ffffffff25e6ab7\nR10: dffffc0000000000 R11: ffffffff8135e920 R12: ffff88802a9f8d30\nR13: dffffc0000000000 R14: ffff88802a9f8d00 R15: 1ffff1100553f2da\nFS: 00005555775c0380(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f1155bf2304 CR3: 000000002b9f2000 CR4: 0000000000350ef0\nCall Trace:\n \u003cTASK\u003e\n tcp_recvmsg_locked+0x106d/0x25a0 net/ipv4/tcp.c:2513\n tcp_recvmsg+0x25d/0x920 net/ipv4/tcp.c:2578\n inet6_recvmsg+0x16a/0x730 net/ipv6/af_inet6.c:680\n sock_recvmsg_nosec net/socket.c:1046 [inline]\n sock_recvmsg+0x109/0x280 net/socket.c:1068\n ____sys_recvmsg+0x1db/0x470 net/socket.c:2803\n ___sys_recvmsg net/socket.c:2845 [inline]\n do_recvmmsg+0x474/0xae0 net/socket.c:2939\n __sys_recvmmsg net/socket.c:3018 [inline]\n __do_sys_recvmmsg net/socket.c:3041 [inline]\n __se_sys_recvmmsg net/socket.c:3034 [inline]\n __x64_sys_recvmmsg+0x199/0x250 net/socket.c:3034\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf5/0x240 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7faeb6363db9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffcc1997168 EFLAGS: 00000246 ORIG_RAX: 000000000000012b\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faeb6363db9\nRDX: 0000000000000001 RSI: 0000000020000bc0 RDI: 0000000000000005\nRBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000001c\nR10: 0000000000000122 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36905",
"url": "https://www.suse.com/security/cve/CVE-2024-36905"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-36905",
"url": "https://bugzilla.suse.com/1225742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-36905"
},
{
"cve": "CVE-2024-36954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix a possible memleak in tipc_buf_append\n\n__skb_linearize() doesn\u0027t free the skb when it fails, so move\n\u0027*buf = NULL\u0027 after __skb_linearize(), so that the skb can be\nfreed on the err path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36954",
"url": "https://www.suse.com/security/cve/CVE-2024-36954"
},
{
"category": "external",
"summary": "SUSE Bug 1225764 for CVE-2024-36954",
"url": "https://bugzilla.suse.com/1225764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-36954"
},
{
"cve": "CVE-2024-42098",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-42098"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ecdh - explicitly zeroize private_key\n\nprivate_key is overwritten with the key parameter passed in by the\ncaller (if present), or alternatively a newly generated private key.\nHowever, it is possible that the caller provides a key (or the newly\ngenerated key) which is shorter than the previous key. In that\nscenario, some key material from the previous key would not be\noverwritten. The easiest solution is to explicitly zeroize the entire\nprivate_key array first.\n\nNote that this patch slightly changes the behavior of this function:\npreviously, if the ecc_gen_privkey failed, the old private_key would\nremain. Now, the private_key is always zeroized. This behavior is\nconsistent with the case where params.key is set and ecc_is_key_valid\nfails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-42098",
"url": "https://www.suse.com/security/cve/CVE-2024-42098"
},
{
"category": "external",
"summary": "SUSE Bug 1228779 for CVE-2024-42098",
"url": "https://bugzilla.suse.com/1228779"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-42098"
},
{
"cve": "CVE-2024-42131",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-42131"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: avoid overflows in dirty throttling logic\n\nThe dirty throttling logic is interspersed with assumptions that dirty\nlimits in PAGE_SIZE units fit into 32-bit (so that various multiplications\nfit into 64-bits). If limits end up being larger, we will hit overflows,\npossible divisions by 0 etc. Fix these problems by never allowing so\nlarge dirty limits as they have dubious practical value anyway. For\ndirty_bytes / dirty_background_bytes interfaces we can just refuse to set\nso large limits. For dirty_ratio / dirty_background_ratio it isn\u0027t so\nsimple as the dirty limit is computed from the amount of available memory\nwhich can change due to memory hotplug etc. So when converting dirty\nlimits from ratios to numbers of pages, we just don\u0027t allow the result to\nexceed UINT_MAX.\n\nThis is root-only triggerable problem which occurs when the operator\nsets dirty limits to \u003e16 TB.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-42131",
"url": "https://www.suse.com/security/cve/CVE-2024-42131"
},
{
"category": "external",
"summary": "SUSE Bug 1228650 for CVE-2024-42131",
"url": "https://bugzilla.suse.com/1228650"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-42131"
},
{
"cve": "CVE-2024-42229",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-42229"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: aead,cipher - zeroize key buffer after use\n\nI.G 9.7.B for FIPS 140-3 specifies that variables temporarily holding\ncryptographic information should be zeroized once they are no longer\nneeded. Accomplish this by using kfree_sensitive for buffers that\npreviously held the private key.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-42229",
"url": "https://www.suse.com/security/cve/CVE-2024-42229"
},
{
"category": "external",
"summary": "SUSE Bug 1228708 for CVE-2024-42229",
"url": "https://bugzilla.suse.com/1228708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-42229"
},
{
"cve": "CVE-2024-44995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-44995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix a deadlock problem when config TC during resetting\n\nWhen config TC during the reset process, may cause a deadlock, the flow is\nas below:\n pf reset start\n |\n \u25bc\n ......\nsetup tc |\n | \u25bc\n \u25bc DOWN: napi_disable()\nnapi_disable()(skip) |\n | |\n \u25bc \u25bc\n ...... ......\n | |\n \u25bc |\nnapi_enable() |\n \u25bc\n UINIT: netif_napi_del()\n |\n \u25bc\n ......\n |\n \u25bc\n INIT: netif_napi_add()\n |\n \u25bc\n ...... global reset start\n | |\n \u25bc \u25bc\n UP: napi_enable()(skip) ......\n | |\n \u25bc \u25bc\n ...... napi_disable()\n\nIn reset process, the driver will DOWN the port and then UINIT, in this\ncase, the setup tc process will UP the port before UINIT, so cause the\nproblem. Adds a DOWN process in UINIT to fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-44995",
"url": "https://www.suse.com/security/cve/CVE-2024-44995"
},
{
"category": "external",
"summary": "SUSE Bug 1230231 for CVE-2024-44995",
"url": "https://bugzilla.suse.com/1230231"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-44995"
},
{
"cve": "CVE-2024-45016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45016"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetem: fix return value if duplicate enqueue fails\n\nThere is a bug in netem_enqueue() introduced by\ncommit 5845f706388a (\"net: netem: fix skb length BUG_ON in __skb_to_sgvec\")\nthat can lead to a use-after-free.\n\nThis commit made netem_enqueue() always return NET_XMIT_SUCCESS\nwhen a packet is duplicated, which can cause the parent qdisc\u0027s q.qlen\nto be mistakenly incremented. When this happens qlen_notify() may be\nskipped on the parent during destruction, leaving a dangling pointer\nfor some classful qdiscs like DRR.\n\nThere are two ways for the bug happen:\n\n- If the duplicated packet is dropped by rootq-\u003eenqueue() and then\n the original packet is also dropped.\n- If rootq-\u003eenqueue() sends the duplicated packet to a different qdisc\n and the original packet is dropped.\n\nIn both cases NET_XMIT_SUCCESS is returned even though no packets\nare enqueued at the netem qdisc.\n\nThe fix is to defer the enqueue of the duplicate packet until after\nthe original packet has been guaranteed to return NET_XMIT_SUCCESS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45016",
"url": "https://www.suse.com/security/cve/CVE-2024-45016"
},
{
"category": "external",
"summary": "SUSE Bug 1230429 for CVE-2024-45016",
"url": "https://bugzilla.suse.com/1230429"
},
{
"category": "external",
"summary": "SUSE Bug 1230998 for CVE-2024-45016",
"url": "https://bugzilla.suse.com/1230998"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-45016"
},
{
"cve": "CVE-2024-46771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: bcm: Remove proc entry when dev is unregistered.\n\nsyzkaller reported a warning in bcm_connect() below. [0]\n\nThe repro calls connect() to vxcan1, removes vxcan1, and calls\nconnect() with ifindex == 0.\n\nCalling connect() for a BCM socket allocates a proc entry.\nThen, bcm_sk(sk)-\u003ebound is set to 1 to prevent further connect().\n\nHowever, removing the bound device resets bcm_sk(sk)-\u003ebound to 0\nin bcm_notify().\n\nThe 2nd connect() tries to allocate a proc entry with the same\nname and sets NULL to bcm_sk(sk)-\u003ebcm_proc_read, leaking the\noriginal proc entry.\n\nSince the proc entry is available only for connect()ed sockets,\nlet\u0027s clean up the entry when the bound netdev is unregistered.\n\n[0]:\nproc_dir_entry \u0027can-bcm/2456\u0027 already registered\nWARNING: CPU: 1 PID: 394 at fs/proc/generic.c:376 proc_register+0x645/0x8f0 fs/proc/generic.c:375\nModules linked in:\nCPU: 1 PID: 394 Comm: syz-executor403 Not tainted 6.10.0-rc7-g852e42cc2dd4\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nRIP: 0010:proc_register+0x645/0x8f0 fs/proc/generic.c:375\nCode: 00 00 00 00 00 48 85 ed 0f 85 97 02 00 00 4d 85 f6 0f 85 9f 02 00 00 48 c7 c7 9b cb cf 87 48 89 de 4c 89 fa e8 1c 6f eb fe 90 \u003c0f\u003e 0b 90 90 48 c7 c7 98 37 99 89 e8 cb 7e 22 05 bb 00 00 00 10 48\nRSP: 0018:ffa0000000cd7c30 EFLAGS: 00010246\nRAX: 9e129be1950f0200 RBX: ff1100011b51582c RCX: ff1100011857cd80\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002\nRBP: 0000000000000000 R08: ffd400000000000f R09: ff1100013e78cac0\nR10: ffac800000cd7980 R11: ff1100013e12b1f0 R12: 0000000000000000\nR13: 0000000000000000 R14: 0000000000000000 R15: ff1100011a99a2ec\nFS: 00007fbd7086f740(0000) GS:ff1100013fd00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000200071c0 CR3: 0000000118556004 CR4: 0000000000771ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n proc_create_net_single+0x144/0x210 fs/proc/proc_net.c:220\n bcm_connect+0x472/0x840 net/can/bcm.c:1673\n __sys_connect_file net/socket.c:2049 [inline]\n __sys_connect+0x5d2/0x690 net/socket.c:2066\n __do_sys_connect net/socket.c:2076 [inline]\n __se_sys_connect net/socket.c:2073 [inline]\n __x64_sys_connect+0x8f/0x100 net/socket.c:2073\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd9/0x1c0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\nRIP: 0033:0x7fbd708b0e5d\nCode: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 73 9f 1b 00 f7 d8 64 89 01 48\nRSP: 002b:00007fff8cd33f08 EFLAGS: 00000246 ORIG_RAX: 000000000000002a\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fbd708b0e5d\nRDX: 0000000000000010 RSI: 0000000020000040 RDI: 0000000000000003\nRBP: 0000000000000000 R08: 0000000000000040 R09: 0000000000000040\nR10: 0000000000000040 R11: 0000000000000246 R12: 00007fff8cd34098\nR13: 0000000000401280 R14: 0000000000406de8 R15: 00007fbd70ab9000\n \u003c/TASK\u003e\nremove_proc_entry: removing non-empty directory \u0027net/can-bcm\u0027, leaking at least \u00272456\u0027",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46771",
"url": "https://www.suse.com/security/cve/CVE-2024-46771"
},
{
"category": "external",
"summary": "SUSE Bug 1230766 for CVE-2024-46771",
"url": "https://bugzilla.suse.com/1230766"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-46771"
},
{
"cve": "CVE-2024-46777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46777"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: Avoid excessive partition lengths\n\nAvoid mounting filesystems where the partition would overflow the\n32-bits used for block number. Also refuse to mount filesystems where\nthe partition length is so large we cannot safely index bits in a\nblock bitmap.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46777",
"url": "https://www.suse.com/security/cve/CVE-2024-46777"
},
{
"category": "external",
"summary": "SUSE Bug 1230773 for CVE-2024-46777",
"url": "https://bugzilla.suse.com/1230773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-46777"
},
{
"cve": "CVE-2024-46800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch/netem: fix use after free in netem_dequeue\n\nIf netem_dequeue() enqueues packet to inner qdisc and that qdisc\nreturns __NET_XMIT_STOLEN. The packet is dropped but\nqdisc_tree_reduce_backlog() is not called to update the parent\u0027s\nq.qlen, leading to the similar use-after-free as Commit\ne04991a48dbaf382 (\"netem: fix return value if duplicate enqueue\nfails\")\n\nCommands to trigger KASAN UaF:\n\nip link add type dummy\nip link set lo up\nip link set dummy0 up\ntc qdisc add dev lo parent root handle 1: drr\ntc filter add dev lo parent 1: basic classid 1:1\ntc class add dev lo classid 1:1 drr\ntc qdisc add dev lo parent 1:1 handle 2: netem\ntc qdisc add dev lo parent 2: handle 3: drr\ntc filter add dev lo parent 3: basic classid 3:1 action mirred egress\nredirect dev dummy0\ntc class add dev lo classid 3:1 drr\nping -c1 -W0.01 localhost # Trigger bug\ntc class del dev lo classid 1:1\ntc class add dev lo classid 1:1 drr\nping -c1 -W0.01 localhost # UaF",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46800",
"url": "https://www.suse.com/security/cve/CVE-2024-46800"
},
{
"category": "external",
"summary": "SUSE Bug 1230827 for CVE-2024-46800",
"url": "https://bugzilla.suse.com/1230827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-46800"
},
{
"cve": "CVE-2024-47660",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47660"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfsnotify: clear PARENT_WATCHED flags lazily\n\nIn some setups directories can have many (usually negative) dentries.\nHence __fsnotify_update_child_dentry_flags() function can take a\nsignificant amount of time. Since the bulk of this function happens\nunder inode-\u003ei_lock this causes a significant contention on the lock\nwhen we remove the watch from the directory as the\n__fsnotify_update_child_dentry_flags() call from fsnotify_recalc_mask()\nraces with __fsnotify_update_child_dentry_flags() calls from\n__fsnotify_parent() happening on children. This can lead upto softlockup\nreports reported by users.\n\nFix the problem by calling fsnotify_update_children_dentry_flags() to\nset PARENT_WATCHED flags only when parent starts watching children.\n\nWhen parent stops watching children, clear false positive PARENT_WATCHED\nflags lazily in __fsnotify_parent() for each accessed child.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47660",
"url": "https://www.suse.com/security/cve/CVE-2024-47660"
},
{
"category": "external",
"summary": "SUSE Bug 1231439 for CVE-2024-47660",
"url": "https://bugzilla.suse.com/1231439"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "low"
}
],
"title": "CVE-2024-47660"
},
{
"cve": "CVE-2024-47679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47679"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfs: fix race between evice_inodes() and find_inode()\u0026iput()\n\nHi, all\n\nRecently I noticed a bug[1] in btrfs, after digged it into\nand I believe it\u0027a race in vfs.\n\nLet\u0027s assume there\u0027s a inode (ie ino 261) with i_count 1 is\ncalled by iput(), and there\u0027s a concurrent thread calling\ngeneric_shutdown_super().\n\ncpu0: cpu1:\niput() // i_count is 1\n -\u003espin_lock(inode)\n -\u003edec i_count to 0\n -\u003eiput_final() generic_shutdown_super()\n -\u003e__inode_add_lru() -\u003eevict_inodes()\n // cause some reason[2] -\u003eif (atomic_read(inode-\u003ei_count)) continue;\n // return before // inode 261 passed the above check\n // list_lru_add_obj() // and then schedule out\n -\u003espin_unlock()\n// note here: the inode 261\n// was still at sb list and hash list,\n// and I_FREEING|I_WILL_FREE was not been set\n\nbtrfs_iget()\n // after some function calls\n -\u003efind_inode()\n // found the above inode 261\n -\u003espin_lock(inode)\n // check I_FREEING|I_WILL_FREE\n // and passed\n -\u003e__iget()\n -\u003espin_unlock(inode) // schedule back\n -\u003espin_lock(inode)\n // check (I_NEW|I_FREEING|I_WILL_FREE) flags,\n // passed and set I_FREEING\niput() -\u003espin_unlock(inode)\n -\u003espin_lock(inode)\t\t\t -\u003eevict()\n // dec i_count to 0\n -\u003eiput_final()\n -\u003espin_unlock()\n -\u003eevict()\n\nNow, we have two threads simultaneously evicting\nthe same inode, which may trigger the BUG(inode-\u003ei_state \u0026 I_CLEAR)\nstatement both within clear_inode() and iput().\n\nTo fix the bug, recheck the inode-\u003ei_count after holding i_lock.\nBecause in the most scenarios, the first check is valid, and\nthe overhead of spin_lock() can be reduced.\n\nIf there is any misunderstanding, please let me know, thanks.\n\n[1]: https://lore.kernel.org/linux-btrfs/000000000000eabe1d0619c48986@google.com/\n[2]: The reason might be 1. SB_ACTIVE was removed or 2. mapping_shrinkable()\nreturn false when I reproduced the bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47679",
"url": "https://www.suse.com/security/cve/CVE-2024-47679"
},
{
"category": "external",
"summary": "SUSE Bug 1231930 for CVE-2024-47679",
"url": "https://bugzilla.suse.com/1231930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-47679"
},
{
"cve": "CVE-2024-47701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid OOB when system.data xattr changes underneath the filesystem\n\nWhen looking up for an entry in an inlined directory, if e_value_offs is\nchanged underneath the filesystem by some change in the block device, it\nwill lead to an out-of-bounds access that KASAN detects as an UAF.\n\nEXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.\nloop0: detected capacity change from 2048 to 2047\n==================================================================\nBUG: KASAN: use-after-free in ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500\nRead of size 1 at addr ffff88803e91130f by task syz-executor269/5103\n\nCPU: 0 UID: 0 PID: 5103 Comm: syz-executor269 Not tainted 6.11.0-rc4-syzkaller #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500\n ext4_find_inline_entry+0x4be/0x5e0 fs/ext4/inline.c:1697\n __ext4_find_entry+0x2b4/0x1b30 fs/ext4/namei.c:1573\n ext4_lookup_entry fs/ext4/namei.c:1727 [inline]\n ext4_lookup+0x15f/0x750 fs/ext4/namei.c:1795\n lookup_one_qstr_excl+0x11f/0x260 fs/namei.c:1633\n filename_create+0x297/0x540 fs/namei.c:3980\n do_symlinkat+0xf9/0x3a0 fs/namei.c:4587\n __do_sys_symlinkat fs/namei.c:4610 [inline]\n __se_sys_symlinkat fs/namei.c:4607 [inline]\n __x64_sys_symlinkat+0x95/0xb0 fs/namei.c:4607\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f3e73ced469\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fff4d40c258 EFLAGS: 00000246 ORIG_RAX: 000000000000010a\nRAX: ffffffffffffffda RBX: 0032656c69662f2e RCX: 00007f3e73ced469\nRDX: 0000000020000200 RSI: 00000000ffffff9c RDI: 00000000200001c0\nRBP: 0000000000000000 R08: 00007fff4d40c290 R09: 00007fff4d40c290\nR10: 0023706f6f6c2f76 R11: 0000000000000246 R12: 00007fff4d40c27c\nR13: 0000000000000003 R14: 431bde82d7b634db R15: 00007fff4d40c2b0\n \u003c/TASK\u003e\n\nCalling ext4_xattr_ibody_find right after reading the inode with\next4_get_inode_loc will lead to a check of the validity of the xattrs,\navoiding this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47701",
"url": "https://www.suse.com/security/cve/CVE-2024-47701"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-47701",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1231920 for CVE-2024-47701",
"url": "https://bugzilla.suse.com/1231920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-47701"
},
{
"cve": "CVE-2024-49858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefistub/tpm: Use ACPI reclaim memory for event log to avoid corruption\n\nThe TPM event log table is a Linux specific construct, where the data\nproduced by the GetEventLog() boot service is cached in memory, and\npassed on to the OS using an EFI configuration table.\n\nThe use of EFI_LOADER_DATA here results in the region being left\nunreserved in the E820 memory map constructed by the EFI stub, and this\nis the memory description that is passed on to the incoming kernel by\nkexec, which is therefore unaware that the region should be reserved.\n\nEven though the utility of the TPM2 event log after a kexec is\nquestionable, any corruption might send the parsing code off into the\nweeds and crash the kernel. So let\u0027s use EFI_ACPI_RECLAIM_MEMORY\ninstead, which is always treated as reserved by the E820 conversion\nlogic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49858",
"url": "https://www.suse.com/security/cve/CVE-2024-49858"
},
{
"category": "external",
"summary": "SUSE Bug 1232251 for CVE-2024-49858",
"url": "https://bugzilla.suse.com/1232251"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-49858"
},
{
"cve": "CVE-2024-49868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49868"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix a NULL pointer dereference when failed to start a new trasacntion\n\n[BUG]\nSyzbot reported a NULL pointer dereference with the following crash:\n\n FAULT_INJECTION: forcing a failure.\n start_transaction+0x830/0x1670 fs/btrfs/transaction.c:676\n prepare_to_relocate+0x31f/0x4c0 fs/btrfs/relocation.c:3642\n relocate_block_group+0x169/0xd20 fs/btrfs/relocation.c:3678\n ...\n BTRFS info (device loop0): balance: ended with status: -12\n Oops: general protection fault, probably for non-canonical address 0xdffffc00000000cc: 0000 [#1] PREEMPT SMP KASAN NOPTI\n KASAN: null-ptr-deref in range [0x0000000000000660-0x0000000000000667]\n RIP: 0010:btrfs_update_reloc_root+0x362/0xa80 fs/btrfs/relocation.c:926\n Call Trace:\n \u003cTASK\u003e\n commit_fs_roots+0x2ee/0x720 fs/btrfs/transaction.c:1496\n btrfs_commit_transaction+0xfaf/0x3740 fs/btrfs/transaction.c:2430\n del_balance_item fs/btrfs/volumes.c:3678 [inline]\n reset_balance_state+0x25e/0x3c0 fs/btrfs/volumes.c:3742\n btrfs_balance+0xead/0x10c0 fs/btrfs/volumes.c:4574\n btrfs_ioctl_balance+0x493/0x7c0 fs/btrfs/ioctl.c:3673\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl+0xf9/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n[CAUSE]\nThe allocation failure happens at the start_transaction() inside\nprepare_to_relocate(), and during the error handling we call\nunset_reloc_control(), which makes fs_info-\u003ebalance_ctl to be NULL.\n\nThen we continue the error path cleanup in btrfs_balance() by calling\nreset_balance_state() which will call del_balance_item() to fully delete\nthe balance item in the root tree.\n\nHowever during the small window between set_reloc_contrl() and\nunset_reloc_control(), we can have a subvolume tree update and created a\nreloc_root for that subvolume.\n\nThen we go into the final btrfs_commit_transaction() of\ndel_balance_item(), and into btrfs_update_reloc_root() inside\ncommit_fs_roots().\n\nThat function checks if fs_info-\u003ereloc_ctl is in the merge_reloc_tree\nstage, but since fs_info-\u003ereloc_ctl is NULL, it results a NULL pointer\ndereference.\n\n[FIX]\nJust add extra check on fs_info-\u003ereloc_ctl inside\nbtrfs_update_reloc_root(), before checking\nfs_info-\u003ereloc_ctl-\u003emerge_reloc_tree.\n\nThat DEAD_RELOC_TREE handling is to prevent further modification to the\nreloc tree during merge stage, but since there is no reloc_ctl at all,\nwe do not need to bother that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49868",
"url": "https://www.suse.com/security/cve/CVE-2024-49868"
},
{
"category": "external",
"summary": "SUSE Bug 1232272 for CVE-2024-49868",
"url": "https://bugzilla.suse.com/1232272"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-49868"
},
{
"cve": "CVE-2024-49884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix slab-use-after-free in ext4_split_extent_at()\n\nWe hit the following use-after-free:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in ext4_split_extent_at+0xba8/0xcc0\nRead of size 2 at addr ffff88810548ed08 by task kworker/u20:0/40\nCPU: 0 PID: 40 Comm: kworker/u20:0 Not tainted 6.9.0-dirty #724\nCall Trace:\n \u003cTASK\u003e\n kasan_report+0x93/0xc0\n ext4_split_extent_at+0xba8/0xcc0\n ext4_split_extent.isra.0+0x18f/0x500\n ext4_split_convert_extents+0x275/0x750\n ext4_ext_handle_unwritten_extents+0x73e/0x1580\n ext4_ext_map_blocks+0xe20/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n\nAllocated by task 40:\n __kmalloc_noprof+0x1ac/0x480\n ext4_find_extent+0xf3b/0x1e70\n ext4_ext_map_blocks+0x188/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n\nFreed by task 40:\n kfree+0xf1/0x2b0\n ext4_find_extent+0xa71/0x1e70\n ext4_ext_insert_extent+0xa22/0x3260\n ext4_split_extent_at+0x3ef/0xcc0\n ext4_split_extent.isra.0+0x18f/0x500\n ext4_split_convert_extents+0x275/0x750\n ext4_ext_handle_unwritten_extents+0x73e/0x1580\n ext4_ext_map_blocks+0xe20/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n==================================================================\n\nThe flow of issue triggering is as follows:\n\next4_split_extent_at\n path = *ppath\n ext4_ext_insert_extent(ppath)\n ext4_ext_create_new_leaf(ppath)\n ext4_find_extent(orig_path)\n path = *orig_path\n read_extent_tree_block\n // return -ENOMEM or -EIO\n ext4_free_ext_path(path)\n kfree(path)\n *orig_path = NULL\n a. If err is -ENOMEM:\n ext4_ext_dirty(path + path-\u003ep_depth)\n // path use-after-free !!!\n b. If err is -EIO and we have EXT_DEBUG defined:\n ext4_ext_show_leaf(path)\n eh = path[depth].p_hdr\n // path also use-after-free !!!\n\nSo when trying to zeroout or fix the extent length, call ext4_find_extent()\nto update the path.\n\nIn addition we use *ppath directly as an ext4_ext_show_leaf() input to\navoid possible use-after-free when EXT_DEBUG is defined, and to avoid\nunnecessary path updates.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49884",
"url": "https://www.suse.com/security/cve/CVE-2024-49884"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-49884",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232198 for CVE-2024-49884",
"url": "https://bugzilla.suse.com/1232198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-49884"
},
{
"cve": "CVE-2024-49921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49921"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check null pointers before used\n\n[WHAT \u0026 HOW]\nPoniters, such as dc-\u003eclk_mgr, are null checked previously in the same\nfunction, so Coverity warns \"implies that \"dc-\u003eclk_mgr\" might be null\".\nAs a result, these pointers need to be checked when used again.\n\nThis fixes 10 FORWARD_NULL issues reported by Coverity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49921",
"url": "https://www.suse.com/security/cve/CVE-2024-49921"
},
{
"category": "external",
"summary": "SUSE Bug 1232371 for CVE-2024-49921",
"url": "https://bugzilla.suse.com/1232371"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-49921"
},
{
"cve": "CVE-2024-49925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: efifb: Register sysfs groups through driver core\n\nThe driver core can register and cleanup sysfs groups already.\nMake use of that functionality to simplify the error handling and\ncleanup.\n\nAlso avoid a UAF race during unregistering where the sysctl attributes\nwere usable after the info struct was freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49925",
"url": "https://www.suse.com/security/cve/CVE-2024-49925"
},
{
"category": "external",
"summary": "SUSE Bug 1232224 for CVE-2024-49925",
"url": "https://bugzilla.suse.com/1232224"
},
{
"category": "external",
"summary": "SUSE Bug 1232225 for CVE-2024-49925",
"url": "https://bugzilla.suse.com/1232225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-49925"
},
{
"cve": "CVE-2024-49938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit\n\nSyzbot points out that skb_trim() has a sanity check on the existing length of\nthe skb, which can be uninitialised in some error paths. The intent here is\nclearly just to reset the length to zero before resubmitting, so switch to\ncalling __skb_set_length(skb, 0) directly. In addition, __skb_set_length()\nalready contains a call to skb_reset_tail_pointer(), so remove the redundant\ncall.\n\nThe syzbot report came from ath9k_hif_usb_reg_in_cb(), but there\u0027s a similar\nusage of skb_trim() in ath9k_hif_usb_rx_cb(), change both while we\u0027re at it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49938",
"url": "https://www.suse.com/security/cve/CVE-2024-49938"
},
{
"category": "external",
"summary": "SUSE Bug 1232552 for CVE-2024-49938",
"url": "https://bugzilla.suse.com/1232552"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-49938"
},
{
"cve": "CVE-2024-49945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49945"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/ncsi: Disable the ncsi work before freeing the associated structure\n\nThe work function can run after the ncsi device is freed, resulting\nin use-after-free bugs or kernel panic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49945",
"url": "https://www.suse.com/security/cve/CVE-2024-49945"
},
{
"category": "external",
"summary": "SUSE Bug 1232165 for CVE-2024-49945",
"url": "https://bugzilla.suse.com/1232165"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-49945"
},
{
"cve": "CVE-2024-49950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix uaf in l2cap_connect\n\n[Syzbot reported]\nBUG: KASAN: slab-use-after-free in l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949\nRead of size 8 at addr ffff8880241e9800 by task kworker/u9:0/54\n\nCPU: 0 UID: 0 PID: 54 Comm: kworker/u9:0 Not tainted 6.11.0-rc6-syzkaller-00268-g788220eee30d #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nWorkqueue: hci2 hci_rx_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949\n l2cap_connect_req net/bluetooth/l2cap_core.c:4080 [inline]\n l2cap_bredr_sig_cmd net/bluetooth/l2cap_core.c:4772 [inline]\n l2cap_sig_channel net/bluetooth/l2cap_core.c:5543 [inline]\n l2cap_recv_frame+0xf0b/0x8eb0 net/bluetooth/l2cap_core.c:6825\n l2cap_recv_acldata+0x9b4/0xb70 net/bluetooth/l2cap_core.c:7514\n hci_acldata_packet net/bluetooth/hci_core.c:3791 [inline]\n hci_rx_work+0xaab/0x1610 net/bluetooth/hci_core.c:4028\n process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231\n process_scheduled_works kernel/workqueue.c:3312 [inline]\n worker_thread+0x6c8/0xed0 kernel/workqueue.c:3389\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n...\n\nFreed by task 5245:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:579\n poison_slab_object+0xf7/0x160 mm/kasan/common.c:240\n __kasan_slab_free+0x32/0x50 mm/kasan/common.c:256\n kasan_slab_free include/linux/kasan.h:184 [inline]\n slab_free_hook mm/slub.c:2256 [inline]\n slab_free mm/slub.c:4477 [inline]\n kfree+0x12a/0x3b0 mm/slub.c:4598\n l2cap_conn_free net/bluetooth/l2cap_core.c:1810 [inline]\n kref_put include/linux/kref.h:65 [inline]\n l2cap_conn_put net/bluetooth/l2cap_core.c:1822 [inline]\n l2cap_conn_del+0x59d/0x730 net/bluetooth/l2cap_core.c:1802\n l2cap_connect_cfm+0x9e6/0xf80 net/bluetooth/l2cap_core.c:7241\n hci_connect_cfm include/net/bluetooth/hci_core.h:1960 [inline]\n hci_conn_failed+0x1c3/0x370 net/bluetooth/hci_conn.c:1265\n hci_abort_conn_sync+0x75a/0xb50 net/bluetooth/hci_sync.c:5583\n abort_conn_sync+0x197/0x360 net/bluetooth/hci_conn.c:2917\n hci_cmd_sync_work+0x1a4/0x410 net/bluetooth/hci_sync.c:328\n process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231\n process_scheduled_works kernel/workqueue.c:3312 [inline]\n worker_thread+0x6c8/0xed0 kernel/workqueue.c:3389\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49950",
"url": "https://www.suse.com/security/cve/CVE-2024-49950"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-49950",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232159 for CVE-2024-49950",
"url": "https://bugzilla.suse.com/1232159"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-49950"
},
{
"cve": "CVE-2024-49952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49952"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: prevent nf_skb_duplicated corruption\n\nsyzbot found that nf_dup_ipv4() or nf_dup_ipv6() could write\nper-cpu variable nf_skb_duplicated in an unsafe way [1].\n\nDisabling preemption as hinted by the splat is not enough,\nwe have to disable soft interrupts as well.\n\n[1]\nBUG: using __this_cpu_write() in preemptible [00000000] code: syz.4.282/6316\n caller is nf_dup_ipv4+0x651/0x8f0 net/ipv4/netfilter/nf_dup_ipv4.c:87\nCPU: 0 UID: 0 PID: 6316 Comm: syz.4.282 Not tainted 6.11.0-rc7-syzkaller-00104-g7052622fccb1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n check_preemption_disabled+0x10e/0x120 lib/smp_processor_id.c:49\n nf_dup_ipv4+0x651/0x8f0 net/ipv4/netfilter/nf_dup_ipv4.c:87\n nft_dup_ipv4_eval+0x1db/0x300 net/ipv4/netfilter/nft_dup_ipv4.c:30\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x4ad/0x1da0 net/netfilter/nf_tables_core.c:288\n nft_do_chain_ipv4+0x202/0x320 net/netfilter/nft_chain_filter.c:23\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xc3/0x220 net/netfilter/core.c:626\n nf_hook+0x2c4/0x450 include/linux/netfilter.h:269\n NF_HOOK_COND include/linux/netfilter.h:302 [inline]\n ip_output+0x185/0x230 net/ipv4/ip_output.c:433\n ip_local_out net/ipv4/ip_output.c:129 [inline]\n ip_send_skb+0x74/0x100 net/ipv4/ip_output.c:1495\n udp_send_skb+0xacf/0x1650 net/ipv4/udp.c:981\n udp_sendmsg+0x1c21/0x2a60 net/ipv4/udp.c:1269\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x1a6/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2597\n ___sys_sendmsg net/socket.c:2651 [inline]\n __sys_sendmmsg+0x3b2/0x740 net/socket.c:2737\n __do_sys_sendmmsg net/socket.c:2766 [inline]\n __se_sys_sendmmsg net/socket.c:2763 [inline]\n __x64_sys_sendmmsg+0xa0/0xb0 net/socket.c:2763\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f4ce4f7def9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f4ce5d4a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133\nRAX: ffffffffffffffda RBX: 00007f4ce5135f80 RCX: 00007f4ce4f7def9\nRDX: 0000000000000001 RSI: 0000000020005d40 RDI: 0000000000000006\nRBP: 00007f4ce4ff0b76 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 00007f4ce5135f80 R15: 00007ffd4cbc6d68\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49952",
"url": "https://www.suse.com/security/cve/CVE-2024-49952"
},
{
"category": "external",
"summary": "SUSE Bug 1232157 for CVE-2024-49952",
"url": "https://bugzilla.suse.com/1232157"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-49952"
},
{
"cve": "CVE-2024-50044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50044"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change\n\nrfcomm_sk_state_change attempts to use sock_lock so it must never be\ncalled with it locked but rfcomm_sock_ioctl always attempt to lock it\ncausing the following trace:\n\n======================================================\nWARNING: possible circular locking dependency detected\n6.8.0-syzkaller-08951-gfe46a7dd189e #0 Not tainted\n------------------------------------------------------\nsyz-executor386/5093 is trying to acquire lock:\nffff88807c396258 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1671 [inline]\nffff88807c396258 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, at: rfcomm_sk_state_change+0x5b/0x310 net/bluetooth/rfcomm/sock.c:73\n\nbut task is already holding lock:\nffff88807badfd28 (\u0026d-\u003elock){+.+.}-{3:3}, at: __rfcomm_dlc_close+0x226/0x6a0 net/bluetooth/rfcomm/core.c:491",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50044",
"url": "https://www.suse.com/security/cve/CVE-2024-50044"
},
{
"category": "external",
"summary": "SUSE Bug 1231904 for CVE-2024-50044",
"url": "https://bugzilla.suse.com/1231904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50044"
},
{
"cve": "CVE-2024-50055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: bus: Fix double free in driver API bus_register()\n\nFor bus_register(), any error which happens after kset_register() will\ncause that @priv are freed twice, fixed by setting @priv with NULL after\nthe first free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50055",
"url": "https://www.suse.com/security/cve/CVE-2024-50055"
},
{
"category": "external",
"summary": "SUSE Bug 1232329 for CVE-2024-50055",
"url": "https://bugzilla.suse.com/1232329"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50055"
},
{
"cve": "CVE-2024-50073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50073"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: Fix use-after-free in gsm_cleanup_mux\n\nBUG: KASAN: slab-use-after-free in gsm_cleanup_mux+0x77b/0x7b0\ndrivers/tty/n_gsm.c:3160 [n_gsm]\nRead of size 8 at addr ffff88815fe99c00 by task poc/3379\nCPU: 0 UID: 0 PID: 3379 Comm: poc Not tainted 6.11.0+ #56\nHardware name: VMware, Inc. VMware Virtual Platform/440BX\nDesktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n \u003cTASK\u003e\n gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n __pfx_gsm_cleanup_mux+0x10/0x10 drivers/tty/n_gsm.c:3124 [n_gsm]\n __pfx_sched_clock_cpu+0x10/0x10 kernel/sched/clock.c:389\n update_load_avg+0x1c1/0x27b0 kernel/sched/fair.c:4500\n __pfx_min_vruntime_cb_rotate+0x10/0x10 kernel/sched/fair.c:846\n __rb_insert_augmented+0x492/0xbf0 lib/rbtree.c:161\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n _raw_spin_lock_irqsave+0x92/0xf0 arch/x86/include/asm/atomic.h:107\n __pfx_gsmld_ioctl+0x10/0x10 drivers/tty/n_gsm.c:3822 [n_gsm]\n ktime_get+0x5e/0x140 kernel/time/timekeeping.c:195\n ldsem_down_read+0x94/0x4e0 arch/x86/include/asm/atomic64_64.h:79\n __pfx_ldsem_down_read+0x10/0x10 drivers/tty/tty_ldsem.c:338\n __pfx_do_vfs_ioctl+0x10/0x10 fs/ioctl.c:805\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\nAllocated by task 65:\n gsm_data_alloc.constprop.0+0x27/0x190 drivers/tty/n_gsm.c:926 [n_gsm]\n gsm_send+0x2c/0x580 drivers/tty/n_gsm.c:819 [n_gsm]\n gsm1_receive+0x547/0xad0 drivers/tty/n_gsm.c:3038 [n_gsm]\n gsmld_receive_buf+0x176/0x280 drivers/tty/n_gsm.c:3609 [n_gsm]\n tty_ldisc_receive_buf+0x101/0x1e0 drivers/tty/tty_buffer.c:391\n tty_port_default_receive_buf+0x61/0xa0 drivers/tty/tty_port.c:39\n flush_to_ldisc+0x1b0/0x750 drivers/tty/tty_buffer.c:445\n process_scheduled_works+0x2b0/0x10d0 kernel/workqueue.c:3229\n worker_thread+0x3dc/0x950 kernel/workqueue.c:3391\n kthread+0x2a3/0x370 kernel/kthread.c:389\n ret_from_fork+0x2d/0x70 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:257\n\nFreed by task 3367:\n kfree+0x126/0x420 mm/slub.c:4580\n gsm_cleanup_mux+0x36c/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\n[Analysis]\ngsm_msg on the tx_ctrl_list or tx_data_list of gsm_mux\ncan be freed by multi threads through ioctl,which leads\nto the occurrence of uaf. Protect it by gsm tx lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50073",
"url": "https://www.suse.com/security/cve/CVE-2024-50073"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50073",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232520 for CVE-2024-50073",
"url": "https://bugzilla.suse.com/1232520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-50073"
},
{
"cve": "CVE-2024-50074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50074"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nparport: Proper fix for array out-of-bounds access\n\nThe recent fix for array out-of-bounds accesses replaced sprintf()\ncalls blindly with snprintf(). However, since snprintf() returns the\nwould-be-printed size, not the actually output size, the length\ncalculation can still go over the given limit.\n\nUse scnprintf() instead of snprintf(), which returns the actually\noutput letters, for addressing the potential out-of-bounds access\nproperly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50074",
"url": "https://www.suse.com/security/cve/CVE-2024-50074"
},
{
"category": "external",
"summary": "SUSE Bug 1232507 for CVE-2024-50074",
"url": "https://bugzilla.suse.com/1232507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50074"
},
{
"cve": "CVE-2024-50095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mad: Improve handling of timed out WRs of mad agent\n\nCurrent timeout handler of mad agent acquires/releases mad_agent_priv\nlock for every timed out WRs. This causes heavy locking contention\nwhen higher no. of WRs are to be handled inside timeout handler.\n\nThis leads to softlockup with below trace in some use cases where\nrdma-cm path is used to establish connection between peer nodes\n\nTrace:\n-----\n BUG: soft lockup - CPU#4 stuck for 26s! [kworker/u128:3:19767]\n CPU: 4 PID: 19767 Comm: kworker/u128:3 Kdump: loaded Tainted: G OE\n ------- --- 5.14.0-427.13.1.el9_4.x86_64 #1\n Hardware name: Dell Inc. PowerEdge R740/01YM03, BIOS 2.4.8 11/26/2019\n Workqueue: ib_mad1 timeout_sends [ib_core]\n RIP: 0010:__do_softirq+0x78/0x2ac\n RSP: 0018:ffffb253449e4f98 EFLAGS: 00000246\n RAX: 00000000ffffffff RBX: 0000000000000000 RCX: 000000000000001f\n RDX: 000000000000001d RSI: 000000003d1879ab RDI: fff363b66fd3a86b\n RBP: ffffb253604cbcd8 R08: 0000009065635f3b R09: 0000000000000000\n R10: 0000000000000040 R11: ffffb253449e4ff8 R12: 0000000000000000\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000040\n FS: 0000000000000000(0000) GS:ffff8caa1fc80000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007fd9ec9db900 CR3: 0000000891934006 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cIRQ\u003e\n ? show_trace_log_lvl+0x1c4/0x2df\n ? show_trace_log_lvl+0x1c4/0x2df\n ? __irq_exit_rcu+0xa1/0xc0\n ? watchdog_timer_fn+0x1b2/0x210\n ? __pfx_watchdog_timer_fn+0x10/0x10\n ? __hrtimer_run_queues+0x127/0x2c0\n ? hrtimer_interrupt+0xfc/0x210\n ? __sysvec_apic_timer_interrupt+0x5c/0x110\n ? sysvec_apic_timer_interrupt+0x37/0x90\n ? asm_sysvec_apic_timer_interrupt+0x16/0x20\n ? __do_softirq+0x78/0x2ac\n ? __do_softirq+0x60/0x2ac\n __irq_exit_rcu+0xa1/0xc0\n sysvec_call_function_single+0x72/0x90\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_sysvec_call_function_single+0x16/0x20\n RIP: 0010:_raw_spin_unlock_irq+0x14/0x30\n RSP: 0018:ffffb253604cbd88 EFLAGS: 00000247\n RAX: 000000000001960d RBX: 0000000000000002 RCX: ffff8cad2a064800\n RDX: 000000008020001b RSI: 0000000000000001 RDI: ffff8cad5d39f66c\n RBP: ffff8cad5d39f600 R08: 0000000000000001 R09: 0000000000000000\n R10: ffff8caa443e0c00 R11: ffffb253604cbcd8 R12: ffff8cacb8682538\n R13: 0000000000000005 R14: ffffb253604cbd90 R15: ffff8cad5d39f66c\n cm_process_send_error+0x122/0x1d0 [ib_cm]\n timeout_sends+0x1dd/0x270 [ib_core]\n process_one_work+0x1e2/0x3b0\n ? __pfx_worker_thread+0x10/0x10\n worker_thread+0x50/0x3a0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xdd/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x29/0x50\n \u003c/TASK\u003e\n\nSimplified timeout handler by creating local list of timed out WRs\nand invoke send handler post creating the list. The new method acquires/\nreleases lock once to fetch the list and hence helps to reduce locking\ncontetiong when processing higher no. of WRs",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50095",
"url": "https://www.suse.com/security/cve/CVE-2024-50095"
},
{
"category": "external",
"summary": "SUSE Bug 1232873 for CVE-2024-50095",
"url": "https://bugzilla.suse.com/1232873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50095"
},
{
"cve": "CVE-2024-50099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50099"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: probes: Remove broken LDR (literal) uprobe support\n\nThe simulate_ldr_literal() and simulate_ldrsw_literal() functions are\nunsafe to use for uprobes. Both functions were originally written for\nuse with kprobes, and access memory with plain C accesses. When uprobes\nwas added, these were reused unmodified even though they cannot safely\naccess user memory.\n\nThere are three key problems:\n\n1) The plain C accesses do not have corresponding extable entries, and\n thus if they encounter a fault the kernel will treat these as\n unintentional accesses to user memory, resulting in a BUG() which\n will kill the kernel thread, and likely lead to further issues (e.g.\n lockup or panic()).\n\n2) The plain C accesses are subject to HW PAN and SW PAN, and so when\n either is in use, any attempt to simulate an access to user memory\n will fault. Thus neither simulate_ldr_literal() nor\n simulate_ldrsw_literal() can do anything useful when simulating a\n user instruction on any system with HW PAN or SW PAN.\n\n3) The plain C accesses are privileged, as they run in kernel context,\n and in practice can access a small range of kernel virtual addresses.\n The instructions they simulate have a range of +/-1MiB, and since the\n simulated instructions must itself be a user instructions in the\n TTBR0 address range, these can address the final 1MiB of the TTBR1\n acddress range by wrapping downwards from an address in the first\n 1MiB of the TTBR0 address range.\n\n In contemporary kernels the last 8MiB of TTBR1 address range is\n reserved, and accesses to this will always fault, meaning this is no\n worse than (1).\n\n Historically, it was theoretically possible for the linear map or\n vmemmap to spill into the final 8MiB of the TTBR1 address range, but\n in practice this is extremely unlikely to occur as this would\n require either:\n\n * Having enough physical memory to fill the entire linear map all the\n way to the final 1MiB of the TTBR1 address range.\n\n * Getting unlucky with KASLR randomization of the linear map such\n that the populated region happens to overlap with the last 1MiB of\n the TTBR address range.\n\n ... and in either case if we were to spill into the final page there\n would be larger problems as the final page would alias with error\n pointers.\n\nPractically speaking, (1) and (2) are the big issues. Given there have\nbeen no reports of problems since the broken code was introduced, it\nappears that no-one is relying on probing these instructions with\nuprobes.\n\nAvoid these issues by not allowing uprobes on LDR (literal) and LDRSW\n(literal), limiting the use of simulate_ldr_literal() and\nsimulate_ldrsw_literal() to kprobes. Attempts to place uprobes on LDR\n(literal) and LDRSW (literal) will be rejected as\narm_probe_decode_insn() will return INSN_REJECTED. In future we can\nconsider introducing working uprobes support for these instructions, but\nthis will require more significant work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50099",
"url": "https://www.suse.com/security/cve/CVE-2024-50099"
},
{
"category": "external",
"summary": "SUSE Bug 1232887 for CVE-2024-50099",
"url": "https://bugzilla.suse.com/1232887"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50099"
},
{
"cve": "CVE-2024-50115",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50115"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory\n\nIgnore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits\n4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn\u0027t\nenforce 32-byte alignment of nCR3.\n\nIn the absolute worst case scenario, failure to ignore bits 4:0 can result\nin an out-of-bounds read, e.g. if the target page is at the end of a\nmemslot, and the VMM isn\u0027t using guard pages.\n\nPer the APM:\n\n The CR3 register points to the base address of the page-directory-pointer\n table. The page-directory-pointer table is aligned on a 32-byte boundary,\n with the low 5 address bits 4:0 assumed to be 0.\n\nAnd the SDM\u0027s much more explicit:\n\n 4:0 Ignored\n\nNote, KVM gets this right when loading PDPTRs, it\u0027s only the nSVM flow\nthat is broken.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50115",
"url": "https://www.suse.com/security/cve/CVE-2024-50115"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232919 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1232919"
},
{
"category": "external",
"summary": "SUSE Bug 1233019 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1233019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-50115"
},
{
"cve": "CVE-2024-50117",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50117"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd: Guard against bad data for ATIF ACPI method\n\nIf a BIOS provides bad data in response to an ATIF method call\nthis causes a NULL pointer dereference in the caller.\n\n```\n? show_regs (arch/x86/kernel/dumpstack.c:478 (discriminator 1))\n? __die (arch/x86/kernel/dumpstack.c:423 arch/x86/kernel/dumpstack.c:434)\n? page_fault_oops (arch/x86/mm/fault.c:544 (discriminator 2) arch/x86/mm/fault.c:705 (discriminator 2))\n? do_user_addr_fault (arch/x86/mm/fault.c:440 (discriminator 1) arch/x86/mm/fault.c:1232 (discriminator 1))\n? acpi_ut_update_object_reference (drivers/acpi/acpica/utdelete.c:642)\n? exc_page_fault (arch/x86/mm/fault.c:1542)\n? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:623)\n? amdgpu_atif_query_backlight_caps.constprop.0 (drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c:387 (discriminator 2)) amdgpu\n? amdgpu_atif_query_backlight_caps.constprop.0 (drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c:386 (discriminator 1)) amdgpu\n```\n\nIt has been encountered on at least one system, so guard for it.\n\n(cherry picked from commit c9b7c809b89f24e9372a4e7f02d64c950b07fdee)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50117",
"url": "https://www.suse.com/security/cve/CVE-2024-50117"
},
{
"category": "external",
"summary": "SUSE Bug 1232897 for CVE-2024-50117",
"url": "https://bugzilla.suse.com/1232897"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50117"
},
{
"cve": "CVE-2024-50125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: SCO: Fix UAF on sco_sock_timeout\n\nconn-\u003esk maybe have been unlinked/freed while waiting for sco_conn_lock\nso this checks if the conn-\u003esk is still valid by checking if it part of\nsco_sk_list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50125",
"url": "https://www.suse.com/security/cve/CVE-2024-50125"
},
{
"category": "external",
"summary": "SUSE Bug 1232928 for CVE-2024-50125",
"url": "https://bugzilla.suse.com/1232928"
},
{
"category": "external",
"summary": "SUSE Bug 1232929 for CVE-2024-50125",
"url": "https://bugzilla.suse.com/1232929"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-50125"
},
{
"cve": "CVE-2024-50135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50135"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-pci: fix race condition between reset and nvme_dev_disable()\n\nnvme_dev_disable() modifies the dev-\u003eonline_queues field, therefore\nnvme_pci_update_nr_queues() should avoid racing against it, otherwise\nwe could end up passing invalid values to blk_mq_update_nr_hw_queues().\n\n WARNING: CPU: 39 PID: 61303 at drivers/pci/msi/api.c:347\n pci_irq_get_affinity+0x187/0x210\n Workqueue: nvme-reset-wq nvme_reset_work [nvme]\n RIP: 0010:pci_irq_get_affinity+0x187/0x210\n Call Trace:\n \u003cTASK\u003e\n ? blk_mq_pci_map_queues+0x87/0x3c0\n ? pci_irq_get_affinity+0x187/0x210\n blk_mq_pci_map_queues+0x87/0x3c0\n nvme_pci_map_queues+0x189/0x460 [nvme]\n blk_mq_update_nr_hw_queues+0x2a/0x40\n nvme_reset_work+0x1be/0x2a0 [nvme]\n\nFix the bug by locking the shutdown_lock mutex before using\ndev-\u003eonline_queues. Give up if nvme_dev_disable() is running or if\nit has been executed already.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50135",
"url": "https://www.suse.com/security/cve/CVE-2024-50135"
},
{
"category": "external",
"summary": "SUSE Bug 1232888 for CVE-2024-50135",
"url": "https://bugzilla.suse.com/1232888"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50135"
},
{
"cve": "CVE-2024-50148",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50148"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: bnep: fix wild-memory-access in proto_unregister\n\nThere\u0027s issue as follows:\n KASAN: maybe wild-memory-access in range [0xdead...108-0xdead...10f]\n CPU: 3 UID: 0 PID: 2805 Comm: rmmod Tainted: G W\n RIP: 0010:proto_unregister+0xee/0x400\n Call Trace:\n \u003cTASK\u003e\n __do_sys_delete_module+0x318/0x580\n do_syscall_64+0xc1/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nAs bnep_init() ignore bnep_sock_init()\u0027s return value, and bnep_sock_init()\nwill cleanup all resource. Then when remove bnep module will call\nbnep_sock_cleanup() to cleanup sock\u0027s resource.\nTo solve above issue just return bnep_sock_init()\u0027s return value in\nbnep_exit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50148",
"url": "https://www.suse.com/security/cve/CVE-2024-50148"
},
{
"category": "external",
"summary": "SUSE Bug 1233063 for CVE-2024-50148",
"url": "https://bugzilla.suse.com/1233063"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50148"
},
{
"cve": "CVE-2024-50150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: altmode should keep reference to parent\n\nThe altmode device release refers to its parent device, but without keeping\na reference to it.\n\nWhen registering the altmode, get a reference to the parent and put it in\nthe release function.\n\nBefore this fix, when using CONFIG_DEBUG_KOBJECT_RELEASE, we see issues\nlike this:\n\n[ 43.572860] kobject: \u0027port0.0\u0027 (ffff8880057ba008): kobject_release, parent 0000000000000000 (delayed 3000)\n[ 43.573532] kobject: \u0027port0.1\u0027 (ffff8880057bd008): kobject_release, parent 0000000000000000 (delayed 1000)\n[ 43.574407] kobject: \u0027port0\u0027 (ffff8880057b9008): kobject_release, parent 0000000000000000 (delayed 3000)\n[ 43.575059] kobject: \u0027port1.0\u0027 (ffff8880057ca008): kobject_release, parent 0000000000000000 (delayed 4000)\n[ 43.575908] kobject: \u0027port1.1\u0027 (ffff8880057c9008): kobject_release, parent 0000000000000000 (delayed 4000)\n[ 43.576908] kobject: \u0027typec\u0027 (ffff8880062dbc00): kobject_release, parent 0000000000000000 (delayed 4000)\n[ 43.577769] kobject: \u0027port1\u0027 (ffff8880057bf008): kobject_release, parent 0000000000000000 (delayed 3000)\n[ 46.612867] ==================================================================\n[ 46.613402] BUG: KASAN: slab-use-after-free in typec_altmode_release+0x38/0x129\n[ 46.614003] Read of size 8 at addr ffff8880057b9118 by task kworker/2:1/48\n[ 46.614538]\n[ 46.614668] CPU: 2 UID: 0 PID: 48 Comm: kworker/2:1 Not tainted 6.12.0-rc1-00138-gedbae730ad31 #535\n[ 46.615391] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014\n[ 46.616042] Workqueue: events kobject_delayed_cleanup\n[ 46.616446] Call Trace:\n[ 46.616648] \u003cTASK\u003e\n[ 46.616820] dump_stack_lvl+0x5b/0x7c\n[ 46.617112] ? typec_altmode_release+0x38/0x129\n[ 46.617470] print_report+0x14c/0x49e\n[ 46.617769] ? rcu_read_unlock_sched+0x56/0x69\n[ 46.618117] ? __virt_addr_valid+0x19a/0x1ab\n[ 46.618456] ? kmem_cache_debug_flags+0xc/0x1d\n[ 46.618807] ? typec_altmode_release+0x38/0x129\n[ 46.619161] kasan_report+0x8d/0xb4\n[ 46.619447] ? typec_altmode_release+0x38/0x129\n[ 46.619809] ? process_scheduled_works+0x3cb/0x85f\n[ 46.620185] typec_altmode_release+0x38/0x129\n[ 46.620537] ? process_scheduled_works+0x3cb/0x85f\n[ 46.620907] device_release+0xaf/0xf2\n[ 46.621206] kobject_delayed_cleanup+0x13b/0x17a\n[ 46.621584] process_scheduled_works+0x4f6/0x85f\n[ 46.621955] ? __pfx_process_scheduled_works+0x10/0x10\n[ 46.622353] ? hlock_class+0x31/0x9a\n[ 46.622647] ? lock_acquired+0x361/0x3c3\n[ 46.622956] ? move_linked_works+0x46/0x7d\n[ 46.623277] worker_thread+0x1ce/0x291\n[ 46.623582] ? __kthread_parkme+0xc8/0xdf\n[ 46.623900] ? __pfx_worker_thread+0x10/0x10\n[ 46.624236] kthread+0x17e/0x190\n[ 46.624501] ? kthread+0xfb/0x190\n[ 46.624756] ? __pfx_kthread+0x10/0x10\n[ 46.625015] ret_from_fork+0x20/0x40\n[ 46.625268] ? __pfx_kthread+0x10/0x10\n[ 46.625532] ret_from_fork_asm+0x1a/0x30\n[ 46.625805] \u003c/TASK\u003e\n[ 46.625953]\n[ 46.626056] Allocated by task 678:\n[ 46.626287] kasan_save_stack+0x24/0x44\n[ 46.626555] kasan_save_track+0x14/0x2d\n[ 46.626811] __kasan_kmalloc+0x3f/0x4d\n[ 46.627049] __kmalloc_noprof+0x1bf/0x1f0\n[ 46.627362] typec_register_port+0x23/0x491\n[ 46.627698] cros_typec_probe+0x634/0xbb6\n[ 46.628026] platform_probe+0x47/0x8c\n[ 46.628311] really_probe+0x20a/0x47d\n[ 46.628605] device_driver_attach+0x39/0x72\n[ 46.628940] bind_store+0x87/0xd7\n[ 46.629213] kernfs_fop_write_iter+0x1aa/0x218\n[ 46.629574] vfs_write+0x1d6/0x29b\n[ 46.629856] ksys_write+0xcd/0x13b\n[ 46.630128] do_syscall_64+0xd4/0x139\n[ 46.630420] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 46.630820]\n[ 46.630946] Freed by task 48:\n[ 46.631182] kasan_save_stack+0x24/0x44\n[ 46.631493] kasan_save_track+0x14/0x2d\n[ 46.631799] kasan_save_free_info+0x3f/0x4d\n[ 46.632144] __kasan_slab_free+0x37/0x45\n[ 46.632474]\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50150",
"url": "https://www.suse.com/security/cve/CVE-2024-50150"
},
{
"category": "external",
"summary": "SUSE Bug 1233051 for CVE-2024-50150",
"url": "https://bugzilla.suse.com/1233051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50150"
},
{
"cve": "CVE-2024-50154",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50154"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp/dccp: Don\u0027t use timer_pending() in reqsk_queue_unlink().\n\nMartin KaFai Lau reported use-after-free [0] in reqsk_timer_handler().\n\n \"\"\"\n We are seeing a use-after-free from a bpf prog attached to\n trace_tcp_retransmit_synack. The program passes the req-\u003esk to the\n bpf_sk_storage_get_tracing kernel helper which does check for null\n before using it.\n \"\"\"\n\nThe commit 83fccfc3940c (\"inet: fix potential deadlock in\nreqsk_queue_unlink()\") added timer_pending() in reqsk_queue_unlink() not\nto call del_timer_sync() from reqsk_timer_handler(), but it introduced a\nsmall race window.\n\nBefore the timer is called, expire_timers() calls detach_timer(timer, true)\nto clear timer-\u003eentry.pprev and marks it as not pending.\n\nIf reqsk_queue_unlink() checks timer_pending() just after expire_timers()\ncalls detach_timer(), TCP will miss del_timer_sync(); the reqsk timer will\ncontinue running and send multiple SYN+ACKs until it expires.\n\nThe reported UAF could happen if req-\u003esk is close()d earlier than the timer\nexpiration, which is 63s by default.\n\nThe scenario would be\n\n 1. inet_csk_complete_hashdance() calls inet_csk_reqsk_queue_drop(),\n but del_timer_sync() is missed\n\n 2. reqsk timer is executed and scheduled again\n\n 3. req-\u003esk is accept()ed and reqsk_put() decrements rsk_refcnt, but\n reqsk timer still has another one, and inet_csk_accept() does not\n clear req-\u003esk for non-TFO sockets\n\n 4. sk is close()d\n\n 5. reqsk timer is executed again, and BPF touches req-\u003esk\n\nLet\u0027s not use timer_pending() by passing the caller context to\n__inet_csk_reqsk_queue_drop().\n\nNote that reqsk timer is pinned, so the issue does not happen in most\nuse cases. [1]\n\n[0]\nBUG: KFENCE: use-after-free read in bpf_sk_storage_get_tracing+0x2e/0x1b0\n\nUse-after-free read at 0x00000000a891fb3a (in kfence-#1):\nbpf_sk_storage_get_tracing+0x2e/0x1b0\nbpf_prog_5ea3e95db6da0438_tcp_retransmit_synack+0x1d20/0x1dda\nbpf_trace_run2+0x4c/0xc0\ntcp_rtx_synack+0xf9/0x100\nreqsk_timer_handler+0xda/0x3d0\nrun_timer_softirq+0x292/0x8a0\nirq_exit_rcu+0xf5/0x320\nsysvec_apic_timer_interrupt+0x6d/0x80\nasm_sysvec_apic_timer_interrupt+0x16/0x20\nintel_idle_irq+0x5a/0xa0\ncpuidle_enter_state+0x94/0x273\ncpu_startup_entry+0x15e/0x260\nstart_secondary+0x8a/0x90\nsecondary_startup_64_no_verify+0xfa/0xfb\n\nkfence-#1: 0x00000000a72cc7b6-0x00000000d97616d9, size=2376, cache=TCPv6\n\nallocated by task 0 on cpu 9 at 260507.901592s:\nsk_prot_alloc+0x35/0x140\nsk_clone_lock+0x1f/0x3f0\ninet_csk_clone_lock+0x15/0x160\ntcp_create_openreq_child+0x1f/0x410\ntcp_v6_syn_recv_sock+0x1da/0x700\ntcp_check_req+0x1fb/0x510\ntcp_v6_rcv+0x98b/0x1420\nipv6_list_rcv+0x2258/0x26e0\nnapi_complete_done+0x5b1/0x2990\nmlx5e_napi_poll+0x2ae/0x8d0\nnet_rx_action+0x13e/0x590\nirq_exit_rcu+0xf5/0x320\ncommon_interrupt+0x80/0x90\nasm_common_interrupt+0x22/0x40\ncpuidle_enter_state+0xfb/0x273\ncpu_startup_entry+0x15e/0x260\nstart_secondary+0x8a/0x90\nsecondary_startup_64_no_verify+0xfa/0xfb\n\nfreed by task 0 on cpu 9 at 260507.927527s:\nrcu_core_si+0x4ff/0xf10\nirq_exit_rcu+0xf5/0x320\nsysvec_apic_timer_interrupt+0x6d/0x80\nasm_sysvec_apic_timer_interrupt+0x16/0x20\ncpuidle_enter_state+0xfb/0x273\ncpu_startup_entry+0x15e/0x260\nstart_secondary+0x8a/0x90\nsecondary_startup_64_no_verify+0xfa/0xfb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50154",
"url": "https://www.suse.com/security/cve/CVE-2024-50154"
},
{
"category": "external",
"summary": "SUSE Bug 1233070 for CVE-2024-50154",
"url": "https://bugzilla.suse.com/1233070"
},
{
"category": "external",
"summary": "SUSE Bug 1233072 for CVE-2024-50154",
"url": "https://bugzilla.suse.com/1233072"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-50154"
},
{
"cve": "CVE-2024-50167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50167"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbe2net: fix potential memory leak in be_xmit()\n\nThe be_xmit() returns NETDEV_TX_OK without freeing skb\nin case of be_xmit_enqueue() fails, add dev_kfree_skb_any() to fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50167",
"url": "https://www.suse.com/security/cve/CVE-2024-50167"
},
{
"category": "external",
"summary": "SUSE Bug 1233049 for CVE-2024-50167",
"url": "https://bugzilla.suse.com/1233049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50167"
},
{
"cve": "CVE-2024-50171",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50171"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: systemport: fix potential memory leak in bcm_sysport_xmit()\n\nThe bcm_sysport_xmit() returns NETDEV_TX_OK without freeing skb\nin case of dma_map_single() fails, add dev_kfree_skb() to fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50171",
"url": "https://www.suse.com/security/cve/CVE-2024-50171"
},
{
"category": "external",
"summary": "SUSE Bug 1233057 for CVE-2024-50171",
"url": "https://bugzilla.suse.com/1233057"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50171"
},
{
"cve": "CVE-2024-50179",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50179"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: remove the incorrect Fw reference check when dirtying pages\n\nWhen doing the direct-io reads it will also try to mark pages dirty,\nbut for the read path it won\u0027t hold the Fw caps and there is case\nwill it get the Fw reference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50179",
"url": "https://www.suse.com/security/cve/CVE-2024-50179"
},
{
"category": "external",
"summary": "SUSE Bug 1233123 for CVE-2024-50179",
"url": "https://bugzilla.suse.com/1233123"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50179"
},
{
"cve": "CVE-2024-50183",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50183"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance\n\nDeleting an NPIV instance requires all fabric ndlps to be released before\nan NPIV\u0027s resources can be torn down. Failure to release fabric ndlps\nbeforehand opens kref imbalance race conditions. Fix by forcing the DA_ID\nto complete synchronously with usage of wait_queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50183",
"url": "https://www.suse.com/security/cve/CVE-2024-50183"
},
{
"category": "external",
"summary": "SUSE Bug 1233130 for CVE-2024-50183",
"url": "https://bugzilla.suse.com/1233130"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50183"
},
{
"cve": "CVE-2024-50187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50187"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vc4: Stop the active perfmon before being destroyed\n\nUpon closing the file descriptor, the active performance monitor is not\nstopped. Although all perfmons are destroyed in `vc4_perfmon_close_file()`,\nthe active performance monitor\u0027s pointer (`vc4-\u003eactive_perfmon`) is still\nretained.\n\nIf we open a new file descriptor and submit a few jobs with performance\nmonitors, the driver will attempt to stop the active performance monitor\nusing the stale pointer in `vc4-\u003eactive_perfmon`. However, this pointer\nis no longer valid because the previous process has already terminated,\nand all performance monitors associated with it have been destroyed and\nfreed.\n\nTo fix this, when the active performance monitor belongs to a given\nprocess, explicitly stop it before destroying and freeing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50187",
"url": "https://www.suse.com/security/cve/CVE-2024-50187"
},
{
"category": "external",
"summary": "SUSE Bug 1233108 for CVE-2024-50187",
"url": "https://bugzilla.suse.com/1233108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50187"
},
{
"cve": "CVE-2024-50194",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50194"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: probes: Fix uprobes for big-endian kernels\n\nThe arm64 uprobes code is broken for big-endian kernels as it doesn\u0027t\nconvert the in-memory instruction encoding (which is always\nlittle-endian) into the kernel\u0027s native endianness before analyzing and\nsimulating instructions. This may result in a few distinct problems:\n\n* The kernel may may erroneously reject probing an instruction which can\n safely be probed.\n\n* The kernel may erroneously erroneously permit stepping an\n instruction out-of-line when that instruction cannot be stepped\n out-of-line safely.\n\n* The kernel may erroneously simulate instruction incorrectly dur to\n interpretting the byte-swapped encoding.\n\nThe endianness mismatch isn\u0027t caught by the compiler or sparse because:\n\n* The arch_uprobe::{insn,ixol} fields are encoded as arrays of u8, so\n the compiler and sparse have no idea these contain a little-endian\n 32-bit value. The core uprobes code populates these with a memcpy()\n which similarly does not handle endianness.\n\n* While the uprobe_opcode_t type is an alias for __le32, both\n arch_uprobe_analyze_insn() and arch_uprobe_skip_sstep() cast from u8[]\n to the similarly-named probe_opcode_t, which is an alias for u32.\n Hence there is no endianness conversion warning.\n\nFix this by changing the arch_uprobe::{insn,ixol} fields to __le32 and\nadding the appropriate __le32_to_cpu() conversions prior to consuming\nthe instruction encoding. The core uprobes copies these fields as opaque\nranges of bytes, and so is unaffected by this change.\n\nAt the same time, remove MAX_UINSN_BYTES and consistently use\nAARCH64_INSN_SIZE for clarity.\n\nTested with the following:\n\n| #include \u003cstdio.h\u003e\n| #include \u003cstdbool.h\u003e\n|\n| #define noinline __attribute__((noinline))\n|\n| static noinline void *adrp_self(void)\n| {\n| void *addr;\n|\n| asm volatile(\n| \" adrp %x0, adrp_self\\n\"\n| \" add %x0, %x0, :lo12:adrp_self\\n\"\n| : \"=r\" (addr));\n| }\n|\n|\n| int main(int argc, char *argv)\n| {\n| void *ptr = adrp_self();\n| bool equal = (ptr == adrp_self);\n|\n| printf(\"adrp_self =\u003e %p\\n\"\n| \"adrp_self() =\u003e %p\\n\"\n| \"%s\\n\",\n| adrp_self, ptr, equal ? \"EQUAL\" : \"NOT EQUAL\");\n|\n| return 0;\n| }\n\n.... where the adrp_self() function was compiled to:\n\n| 00000000004007e0 \u003cadrp_self\u003e:\n| 4007e0: 90000000 adrp x0, 400000 \u003c__ehdr_start\u003e\n| 4007e4: 911f8000 add x0, x0, #0x7e0\n| 4007e8: d65f03c0 ret\n\nBefore this patch, the ADRP is not recognized, and is assumed to be\nsteppable, resulting in corruption of the result:\n\n| # ./adrp-self\n| adrp_self =\u003e 0x4007e0\n| adrp_self() =\u003e 0x4007e0\n| EQUAL\n| # echo \u0027p /root/adrp-self:0x007e0\u0027 \u003e /sys/kernel/tracing/uprobe_events\n| # echo 1 \u003e /sys/kernel/tracing/events/uprobes/enable\n| # ./adrp-self\n| adrp_self =\u003e 0x4007e0\n| adrp_self() =\u003e 0xffffffffff7e0\n| NOT EQUAL\n\nAfter this patch, the ADRP is correctly recognized and simulated:\n\n| # ./adrp-self\n| adrp_self =\u003e 0x4007e0\n| adrp_self() =\u003e 0x4007e0\n| EQUAL\n| #\n| # echo \u0027p /root/adrp-self:0x007e0\u0027 \u003e /sys/kernel/tracing/uprobe_events\n| # echo 1 \u003e /sys/kernel/tracing/events/uprobes/enable\n| # ./adrp-self\n| adrp_self =\u003e 0x4007e0\n| adrp_self() =\u003e 0x4007e0\n| EQUAL",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50194",
"url": "https://www.suse.com/security/cve/CVE-2024-50194"
},
{
"category": "external",
"summary": "SUSE Bug 1233111 for CVE-2024-50194",
"url": "https://bugzilla.suse.com/1233111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50194"
},
{
"cve": "CVE-2024-50195",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50195"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nposix-clock: Fix missing timespec64 check in pc_clock_settime()\n\nAs Andrew pointed out, it will make sense that the PTP core\nchecked timespec64 struct\u0027s tv_sec and tv_nsec range before calling\nptp-\u003einfo-\u003esettime64().\n\nAs the man manual of clock_settime() said, if tp.tv_sec is negative or\ntp.tv_nsec is outside the range [0..999,999,999], it should return EINVAL,\nwhich include dynamic clocks which handles PTP clock, and the condition is\nconsistent with timespec64_valid(). As Thomas suggested, timespec64_valid()\nonly check the timespec is valid, but not ensure that the time is\nin a valid range, so check it ahead using timespec64_valid_strict()\nin pc_clock_settime() and return -EINVAL if not valid.\n\nThere are some drivers that use tp-\u003etv_sec and tp-\u003etv_nsec directly to\nwrite registers without validity checks and assume that the higher layer\nhas checked it, which is dangerous and will benefit from this, such as\nhclge_ptp_settime(), igb_ptp_settime_i210(), _rcar_gen4_ptp_settime(),\nand some drivers can remove the checks of itself.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50195",
"url": "https://www.suse.com/security/cve/CVE-2024-50195"
},
{
"category": "external",
"summary": "SUSE Bug 1233103 for CVE-2024-50195",
"url": "https://bugzilla.suse.com/1233103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50195"
},
{
"cve": "CVE-2024-50210",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50210"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nposix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime()\n\nIf get_clock_desc() succeeds, it calls fget() for the clockid\u0027s fd,\nand get the clk-\u003erwsem read lock, so the error path should release\nthe lock to make the lock balance and fput the clockid\u0027s fd to make\nthe refcount balance and release the fd related resource.\n\nHowever the below commit left the error path locked behind resulting in\nunbalanced locking. Check timespec64_valid_strict() before\nget_clock_desc() to fix it, because the \"ts\" is not changed\nafter that.\n\n[pabeni@redhat.com: fixed commit message typo]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50210",
"url": "https://www.suse.com/security/cve/CVE-2024-50210"
},
{
"category": "external",
"summary": "SUSE Bug 1233097 for CVE-2024-50210",
"url": "https://bugzilla.suse.com/1233097"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50210"
},
{
"cve": "CVE-2024-50218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50218"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: pass u64 to ocfs2_truncate_inline maybe overflow\n\nSyzbot reported a kernel BUG in ocfs2_truncate_inline. There are two\nreasons for this: first, the parameter value passed is greater than\nocfs2_max_inline_data_with_xattr, second, the start and end parameters of\nocfs2_truncate_inline are \"unsigned int\".\n\nSo, we need to add a sanity check for byte_start and byte_len right before\nocfs2_truncate_inline() in ocfs2_remove_inode_range(), if they are greater\nthan ocfs2_max_inline_data_with_xattr return -EINVAL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50218",
"url": "https://www.suse.com/security/cve/CVE-2024-50218"
},
{
"category": "external",
"summary": "SUSE Bug 1233191 for CVE-2024-50218",
"url": "https://bugzilla.suse.com/1233191"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50218"
},
{
"cve": "CVE-2024-50234",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50234"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlegacy: Clear stale interrupts before resuming device\n\niwl4965 fails upon resume from hibernation on my laptop. The reason\nseems to be a stale interrupt which isn\u0027t being cleared out before\ninterrupts are enabled. We end up with a race beween the resume\ntrying to bring things back up, and the restart work (queued form\nthe interrupt handler) trying to bring things down. Eventually\nthe whole thing blows up.\n\nFix the problem by clearing out any stale interrupts before\ninterrupts get enabled during resume.\n\nHere\u0027s a debug log of the indicent:\n[ 12.042589] ieee80211 phy0: il_isr ISR inta 0x00000080, enabled 0xaa00008b, fh 0x00000000\n[ 12.042625] ieee80211 phy0: il4965_irq_tasklet inta 0x00000080, enabled 0x00000000, fh 0x00000000\n[ 12.042651] iwl4965 0000:10:00.0: RF_KILL bit toggled to enable radio.\n[ 12.042653] iwl4965 0000:10:00.0: On demand firmware reload\n[ 12.042690] ieee80211 phy0: il4965_irq_tasklet End inta 0x00000000, enabled 0xaa00008b, fh 0x00000000, flags 0x00000282\n[ 12.052207] ieee80211 phy0: il4965_mac_start enter\n[ 12.052212] ieee80211 phy0: il_prep_station Add STA to driver ID 31: ff:ff:ff:ff:ff:ff\n[ 12.052244] ieee80211 phy0: il4965_set_hw_ready hardware ready\n[ 12.052324] ieee80211 phy0: il_apm_init Init card\u0027s basic functions\n[ 12.052348] ieee80211 phy0: il_apm_init L1 Enabled; Disabling L0S\n[ 12.055727] ieee80211 phy0: il4965_load_bsm Begin load bsm\n[ 12.056140] ieee80211 phy0: il4965_verify_bsm Begin verify bsm\n[ 12.058642] ieee80211 phy0: il4965_verify_bsm BSM bootstrap uCode image OK\n[ 12.058721] ieee80211 phy0: il4965_load_bsm BSM write complete, poll 1 iterations\n[ 12.058734] ieee80211 phy0: __il4965_up iwl4965 is coming up\n[ 12.058737] ieee80211 phy0: il4965_mac_start Start UP work done.\n[ 12.058757] ieee80211 phy0: __il4965_down iwl4965 is going down\n[ 12.058761] ieee80211 phy0: il_scan_cancel_timeout Scan cancel timeout\n[ 12.058762] ieee80211 phy0: il_do_scan_abort Not performing scan to abort\n[ 12.058765] ieee80211 phy0: il_clear_ucode_stations Clearing ucode stations in driver\n[ 12.058767] ieee80211 phy0: il_clear_ucode_stations No active stations found to be cleared\n[ 12.058819] ieee80211 phy0: _il_apm_stop Stop card, put in low power state\n[ 12.058827] ieee80211 phy0: _il_apm_stop_master stop master\n[ 12.058864] ieee80211 phy0: il4965_clear_free_frames 0 frames on pre-allocated heap on clear.\n[ 12.058869] ieee80211 phy0: Hardware restart was requested\n[ 16.132299] iwl4965 0000:10:00.0: START_ALIVE timeout after 4000ms.\n[ 16.132303] ------------[ cut here ]------------\n[ 16.132304] Hardware became unavailable upon resume. This could be a software issue prior to suspend or a hardware issue.\n[ 16.132338] WARNING: CPU: 0 PID: 181 at net/mac80211/util.c:1826 ieee80211_reconfig+0x8f/0x14b0 [mac80211]\n[ 16.132390] Modules linked in: ctr ccm sch_fq_codel xt_tcpudp xt_multiport xt_state iptable_filter iptable_nat nf_nat nf_conntrack nf_defrag_ipv4 ip_tables x_tables binfmt_misc joydev mousedev btusb btrtl btintel btbcm bluetooth ecdh_generic ecc iTCO_wdt i2c_dev iwl4965 iwlegacy coretemp snd_hda_codec_analog pcspkr psmouse mac80211 snd_hda_codec_generic libarc4 sdhci_pci cqhci sha256_generic sdhci libsha256 firewire_ohci snd_hda_intel snd_intel_dspcfg mmc_core snd_hda_codec snd_hwdep firewire_core led_class iosf_mbi snd_hda_core uhci_hcd lpc_ich crc_itu_t cfg80211 ehci_pci ehci_hcd snd_pcm usbcore mfd_core rfkill snd_timer snd usb_common soundcore video parport_pc parport intel_agp wmi intel_gtt backlight e1000e agpgart evdev\n[ 16.132456] CPU: 0 UID: 0 PID: 181 Comm: kworker/u8:6 Not tainted 6.11.0-cl+ #143\n[ 16.132460] Hardware name: Hewlett-Packard HP Compaq 6910p/30BE, BIOS 68MCU Ver. F.19 07/06/2010\n[ 16.132463] Workqueue: async async_run_entry_fn\n[ 16.132469] RIP: 0010:ieee80211_reconfig+0x8f/0x14b0 [mac80211]\n[ 16.132501] Code: da 02 00 0\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50234",
"url": "https://www.suse.com/security/cve/CVE-2024-50234"
},
{
"category": "external",
"summary": "SUSE Bug 1233211 for CVE-2024-50234",
"url": "https://bugzilla.suse.com/1233211"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50234"
},
{
"cve": "CVE-2024-50236",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50236"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath10k: Fix memory leak in management tx\n\nIn the current logic, memory is allocated for storing the MSDU context\nduring management packet TX but this memory is not being freed during\nmanagement TX completion. Similar leaks are seen in the management TX\ncleanup logic.\n\nKmemleak reports this problem as below,\n\nunreferenced object 0xffffff80b64ed250 (size 16):\n comm \"kworker/u16:7\", pid 148, jiffies 4294687130 (age 714.199s)\n hex dump (first 16 bytes):\n 00 2b d8 d8 80 ff ff ff c4 74 e9 fd 07 00 00 00 .+.......t......\n backtrace:\n [\u003cffffffe6e7b245dc\u003e] __kmem_cache_alloc_node+0x1e4/0x2d8\n [\u003cffffffe6e7adde88\u003e] kmalloc_trace+0x48/0x110\n [\u003cffffffe6bbd765fc\u003e] ath10k_wmi_tlv_op_gen_mgmt_tx_send+0xd4/0x1d8 [ath10k_core]\n [\u003cffffffe6bbd3eed4\u003e] ath10k_mgmt_over_wmi_tx_work+0x134/0x298 [ath10k_core]\n [\u003cffffffe6e78d5974\u003e] process_scheduled_works+0x1ac/0x400\n [\u003cffffffe6e78d60b8\u003e] worker_thread+0x208/0x328\n [\u003cffffffe6e78dc890\u003e] kthread+0x100/0x1c0\n [\u003cffffffe6e78166c0\u003e] ret_from_fork+0x10/0x20\n\nFree the memory during completion and cleanup to fix the leak.\n\nProtect the mgmt_pending_tx idr_remove() operation in\nath10k_wmi_tlv_op_cleanup_mgmt_tx_send() using ar-\u003edata_lock similar to\nother instances.\n\nTested-on: WCN3990 hw1.0 SNOC WLAN.HL.2.0-01387-QCAHLSWMTPLZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50236",
"url": "https://www.suse.com/security/cve/CVE-2024-50236"
},
{
"category": "external",
"summary": "SUSE Bug 1233212 for CVE-2024-50236",
"url": "https://bugzilla.suse.com/1233212"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50236"
},
{
"cve": "CVE-2024-50237",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50237"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: do not pass a stopped vif to the driver in .get_txpower\n\nAvoid potentially crashing in the driver because of uninitialized private data",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50237",
"url": "https://www.suse.com/security/cve/CVE-2024-50237"
},
{
"category": "external",
"summary": "SUSE Bug 1233216 for CVE-2024-50237",
"url": "https://bugzilla.suse.com/1233216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50237"
},
{
"cve": "CVE-2024-50264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50264"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans\n\nDuring loopback communication, a dangling pointer can be created in\nvsk-\u003etrans, potentially leading to a Use-After-Free condition. This\nissue is resolved by initializing vsk-\u003etrans to NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50264",
"url": "https://www.suse.com/security/cve/CVE-2024-50264"
},
{
"category": "external",
"summary": "SUSE Bug 1233453 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233453"
},
{
"category": "external",
"summary": "SUSE Bug 1233712 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-50264"
},
{
"cve": "CVE-2024-50265",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50265"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove()\n\nSyzkaller is able to provoke null-ptr-dereference in ocfs2_xa_remove():\n\n[ 57.319872] (a.out,1161,7):ocfs2_xa_remove:2028 ERROR: status = -12\n[ 57.320420] (a.out,1161,7):ocfs2_xa_cleanup_value_truncate:1999 ERROR: Partial truncate while removing xattr overlay.upper. Leaking 1 clusters and removing the entry\n[ 57.321727] BUG: kernel NULL pointer dereference, address: 0000000000000004\n[...]\n[ 57.325727] RIP: 0010:ocfs2_xa_block_wipe_namevalue+0x2a/0xc0\n[...]\n[ 57.331328] Call Trace:\n[ 57.331477] \u003cTASK\u003e\n[...]\n[ 57.333511] ? do_user_addr_fault+0x3e5/0x740\n[ 57.333778] ? exc_page_fault+0x70/0x170\n[ 57.334016] ? asm_exc_page_fault+0x2b/0x30\n[ 57.334263] ? __pfx_ocfs2_xa_block_wipe_namevalue+0x10/0x10\n[ 57.334596] ? ocfs2_xa_block_wipe_namevalue+0x2a/0xc0\n[ 57.334913] ocfs2_xa_remove_entry+0x23/0xc0\n[ 57.335164] ocfs2_xa_set+0x704/0xcf0\n[ 57.335381] ? _raw_spin_unlock+0x1a/0x40\n[ 57.335620] ? ocfs2_inode_cache_unlock+0x16/0x20\n[ 57.335915] ? trace_preempt_on+0x1e/0x70\n[ 57.336153] ? start_this_handle+0x16c/0x500\n[ 57.336410] ? preempt_count_sub+0x50/0x80\n[ 57.336656] ? _raw_read_unlock+0x20/0x40\n[ 57.336906] ? start_this_handle+0x16c/0x500\n[ 57.337162] ocfs2_xattr_block_set+0xa6/0x1e0\n[ 57.337424] __ocfs2_xattr_set_handle+0x1fd/0x5d0\n[ 57.337706] ? ocfs2_start_trans+0x13d/0x290\n[ 57.337971] ocfs2_xattr_set+0xb13/0xfb0\n[ 57.338207] ? dput+0x46/0x1c0\n[ 57.338393] ocfs2_xattr_trusted_set+0x28/0x30\n[ 57.338665] ? ocfs2_xattr_trusted_set+0x28/0x30\n[ 57.338948] __vfs_removexattr+0x92/0xc0\n[ 57.339182] __vfs_removexattr_locked+0xd5/0x190\n[ 57.339456] ? preempt_count_sub+0x50/0x80\n[ 57.339705] vfs_removexattr+0x5f/0x100\n[...]\n\nReproducer uses faultinject facility to fail ocfs2_xa_remove() -\u003e\nocfs2_xa_value_truncate() with -ENOMEM.\n\nIn this case the comment mentions that we can return 0 if\nocfs2_xa_cleanup_value_truncate() is going to wipe the entry\nanyway. But the following \u0027rc\u0027 check is wrong and execution flow do\n\u0027ocfs2_xa_remove_entry(loc);\u0027 twice:\n* 1st: in ocfs2_xa_cleanup_value_truncate();\n* 2nd: returning back to ocfs2_xa_remove() instead of going to \u0027out\u0027.\n\nFix this by skipping the 2nd removal of the same entry and making\nsyzkaller repro happy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50265",
"url": "https://www.suse.com/security/cve/CVE-2024-50265"
},
{
"category": "external",
"summary": "SUSE Bug 1233454 for CVE-2024-50265",
"url": "https://bugzilla.suse.com/1233454"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50265"
},
{
"cve": "CVE-2024-50267",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50267"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: serial: io_edgeport: fix use after free in debug printk\n\nThe \"dev_dbg(\u0026urb-\u003edev-\u003edev, ...\" which happens after usb_free_urb(urb)\nis a use after free of the \"urb\" pointer. Store the \"dev\" pointer at the\nstart of the function to avoid this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50267",
"url": "https://www.suse.com/security/cve/CVE-2024-50267"
},
{
"category": "external",
"summary": "SUSE Bug 1233456 for CVE-2024-50267",
"url": "https://bugzilla.suse.com/1233456"
},
{
"category": "external",
"summary": "SUSE Bug 1233711 for CVE-2024-50267",
"url": "https://bugzilla.suse.com/1233711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-50267"
},
{
"cve": "CVE-2024-50273",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50273"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: reinitialize delayed ref list after deleting it from the list\n\nAt insert_delayed_ref() if we need to update the action of an existing\nref to BTRFS_DROP_DELAYED_REF, we delete the ref from its ref head\u0027s\nref_add_list using list_del(), which leaves the ref\u0027s add_list member\nnot reinitialized, as list_del() sets the next and prev members of the\nlist to LIST_POISON1 and LIST_POISON2, respectively.\n\nIf later we end up calling drop_delayed_ref() against the ref, which can\nhappen during merging or when destroying delayed refs due to a transaction\nabort, we can trigger a crash since at drop_delayed_ref() we call\nlist_empty() against the ref\u0027s add_list, which returns false since\nthe list was not reinitialized after the list_del() and as a consequence\nwe call list_del() again at drop_delayed_ref(). This results in an\ninvalid list access since the next and prev members are set to poison\npointers, resulting in a splat if CONFIG_LIST_HARDENED and\nCONFIG_DEBUG_LIST are set or invalid poison pointer dereferences\notherwise.\n\nSo fix this by deleting from the list with list_del_init() instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50273",
"url": "https://www.suse.com/security/cve/CVE-2024-50273"
},
{
"category": "external",
"summary": "SUSE Bug 1233462 for CVE-2024-50273",
"url": "https://bugzilla.suse.com/1233462"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50273"
},
{
"cve": "CVE-2024-50278",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50278"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm cache: fix potential out-of-bounds access on the first resume\n\nOut-of-bounds access occurs if the fast device is expanded unexpectedly\nbefore the first-time resume of the cache table. This happens because\nexpanding the fast device requires reloading the cache table for\ncache_create to allocate new in-core data structures that fit the new\nsize, and the check in cache_preresume is not performed during the\nfirst resume, leading to the issue.\n\nReproduce steps:\n\n1. prepare component devices:\n\ndmsetup create cmeta --table \"0 8192 linear /dev/sdc 0\"\ndmsetup create cdata --table \"0 65536 linear /dev/sdc 8192\"\ndmsetup create corig --table \"0 524288 linear /dev/sdc 262144\"\ndd if=/dev/zero of=/dev/mapper/cmeta bs=4k count=1 oflag=direct\n\n2. load a cache table of 512 cache blocks, and deliberately expand the\n fast device before resuming the cache, making the in-core data\n structures inadequate.\n\ndmsetup create cache --notable\ndmsetup reload cache --table \"0 524288 cache /dev/mapper/cmeta \\\n/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0\"\ndmsetup reload cdata --table \"0 131072 linear /dev/sdc 8192\"\ndmsetup resume cdata\ndmsetup resume cache\n\n3. suspend the cache to write out the in-core dirty bitset and hint\n array, leading to out-of-bounds access to the dirty bitset at offset\n 0x40:\n\ndmsetup suspend cache\n\nKASAN reports:\n\n BUG: KASAN: vmalloc-out-of-bounds in is_dirty_callback+0x2b/0x80\n Read of size 8 at addr ffffc90000085040 by task dmsetup/90\n\n (...snip...)\n The buggy address belongs to the virtual mapping at\n [ffffc90000085000, ffffc90000087000) created by:\n cache_ctr+0x176a/0x35f0\n\n (...snip...)\n Memory state around the buggy address:\n ffffc90000084f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffffc90000084f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n \u003effffc90000085000: 00 00 00 00 00 00 00 00 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n ffffc90000085080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffffc90000085100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n\nFix by checking the size change on the first resume.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50278",
"url": "https://www.suse.com/security/cve/CVE-2024-50278"
},
{
"category": "external",
"summary": "SUSE Bug 1233467 for CVE-2024-50278",
"url": "https://bugzilla.suse.com/1233467"
},
{
"category": "external",
"summary": "SUSE Bug 1233709 for CVE-2024-50278",
"url": "https://bugzilla.suse.com/1233709"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50278"
},
{
"cve": "CVE-2024-50279",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50279"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm cache: fix out-of-bounds access to the dirty bitset when resizing\n\ndm-cache checks the dirty bits of the cache blocks to be dropped when\nshrinking the fast device, but an index bug in bitset iteration causes\nout-of-bounds access.\n\nReproduce steps:\n\n1. create a cache device of 1024 cache blocks (128 bytes dirty bitset)\n\ndmsetup create cmeta --table \"0 8192 linear /dev/sdc 0\"\ndmsetup create cdata --table \"0 131072 linear /dev/sdc 8192\"\ndmsetup create corig --table \"0 524288 linear /dev/sdc 262144\"\ndd if=/dev/zero of=/dev/mapper/cmeta bs=4k count=1 oflag=direct\ndmsetup create cache --table \"0 524288 cache /dev/mapper/cmeta \\\n/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0\"\n\n2. shrink the fast device to 512 cache blocks, triggering out-of-bounds\n access to the dirty bitset (offset 0x80)\n\ndmsetup suspend cache\ndmsetup reload cdata --table \"0 65536 linear /dev/sdc 8192\"\ndmsetup resume cdata\ndmsetup resume cache\n\nKASAN reports:\n\n BUG: KASAN: vmalloc-out-of-bounds in cache_preresume+0x269/0x7b0\n Read of size 8 at addr ffffc900000f3080 by task dmsetup/131\n\n (...snip...)\n The buggy address belongs to the virtual mapping at\n [ffffc900000f3000, ffffc900000f5000) created by:\n cache_ctr+0x176a/0x35f0\n\n (...snip...)\n Memory state around the buggy address:\n ffffc900000f2f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffffc900000f3000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n \u003effffc900000f3080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n ffffc900000f3100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffffc900000f3180: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n\nFix by making the index post-incremented.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50279",
"url": "https://www.suse.com/security/cve/CVE-2024-50279"
},
{
"category": "external",
"summary": "SUSE Bug 1233468 for CVE-2024-50279",
"url": "https://bugzilla.suse.com/1233468"
},
{
"category": "external",
"summary": "SUSE Bug 1233708 for CVE-2024-50279",
"url": "https://bugzilla.suse.com/1233708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-50279"
},
{
"cve": "CVE-2024-50289",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50289"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: av7110: fix a spectre vulnerability\n\nAs warned by smatch:\n\tdrivers/staging/media/av7110/av7110_ca.c:270 dvb_ca_ioctl() warn: potential spectre issue \u0027av7110-\u003eci_slot\u0027 [w] (local cap)\n\nThere is a spectre-related vulnerability at the code. Fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50289",
"url": "https://www.suse.com/security/cve/CVE-2024-50289"
},
{
"category": "external",
"summary": "SUSE Bug 1233478 for CVE-2024-50289",
"url": "https://bugzilla.suse.com/1233478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50289"
},
{
"cve": "CVE-2024-50290",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50290"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx24116: prevent overflows on SNR calculus\n\nas reported by Coverity, if reading SNR registers fail, a negative\nnumber will be returned, causing an underflow when reading SNR\nregisters.\n\nPrevent that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50290",
"url": "https://www.suse.com/security/cve/CVE-2024-50290"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233479 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "external",
"summary": "SUSE Bug 1233681 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-50290"
},
{
"cve": "CVE-2024-50296",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50296"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix kernel crash when uninstalling driver\n\nWhen the driver is uninstalled and the VF is disabled concurrently, a\nkernel crash occurs. The reason is that the two actions call function\npci_disable_sriov(). The num_VFs is checked to determine whether to\nrelease the corresponding resources. During the second calling, num_VFs\nis not 0 and the resource release function is called. However, the\ncorresponding resource has been released during the first invoking.\nTherefore, the problem occurs:\n\n[15277.839633][T50670] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020\n...\n[15278.131557][T50670] Call trace:\n[15278.134686][T50670] klist_put+0x28/0x12c\n[15278.138682][T50670] klist_del+0x14/0x20\n[15278.142592][T50670] device_del+0xbc/0x3c0\n[15278.146676][T50670] pci_remove_bus_device+0x84/0x120\n[15278.151714][T50670] pci_stop_and_remove_bus_device+0x6c/0x80\n[15278.157447][T50670] pci_iov_remove_virtfn+0xb4/0x12c\n[15278.162485][T50670] sriov_disable+0x50/0x11c\n[15278.166829][T50670] pci_disable_sriov+0x24/0x30\n[15278.171433][T50670] hnae3_unregister_ae_algo_prepare+0x60/0x90 [hnae3]\n[15278.178039][T50670] hclge_exit+0x28/0xd0 [hclge]\n[15278.182730][T50670] __se_sys_delete_module.isra.0+0x164/0x230\n[15278.188550][T50670] __arm64_sys_delete_module+0x1c/0x30\n[15278.193848][T50670] invoke_syscall+0x50/0x11c\n[15278.198278][T50670] el0_svc_common.constprop.0+0x158/0x164\n[15278.203837][T50670] do_el0_svc+0x34/0xcc\n[15278.207834][T50670] el0_svc+0x20/0x30\n\nFor details, see the following figure.\n\n rmmod hclge disable VFs\n----------------------------------------------------\nhclge_exit() sriov_numvfs_store()\n ... device_lock()\n pci_disable_sriov() hns3_pci_sriov_configure()\n pci_disable_sriov()\n sriov_disable()\n sriov_disable() if !num_VFs :\n if !num_VFs : return;\n return; sriov_del_vfs()\n sriov_del_vfs() ...\n ... klist_put()\n klist_put() ...\n ... num_VFs = 0;\n num_VFs = 0; device_unlock();\n\nIn this patch, when driver is removing, we get the device_lock()\nto protect num_VFs, just like sriov_numvfs_store().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50296",
"url": "https://www.suse.com/security/cve/CVE-2024-50296"
},
{
"category": "external",
"summary": "SUSE Bug 1233485 for CVE-2024-50296",
"url": "https://bugzilla.suse.com/1233485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-50296"
},
{
"cve": "CVE-2024-50301",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50301"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsecurity/keys: fix slab-out-of-bounds in key_task_permission\n\nKASAN reports an out of bounds read:\nBUG: KASAN: slab-out-of-bounds in __kuid_val include/linux/uidgid.h:36\nBUG: KASAN: slab-out-of-bounds in uid_eq include/linux/uidgid.h:63 [inline]\nBUG: KASAN: slab-out-of-bounds in key_task_permission+0x394/0x410\nsecurity/keys/permission.c:54\nRead of size 4 at addr ffff88813c3ab618 by task stress-ng/4362\n\nCPU: 2 PID: 4362 Comm: stress-ng Not tainted 5.10.0-14930-gafbffd6c3ede #15\nCall Trace:\n __dump_stack lib/dump_stack.c:82 [inline]\n dump_stack+0x107/0x167 lib/dump_stack.c:123\n print_address_description.constprop.0+0x19/0x170 mm/kasan/report.c:400\n __kasan_report.cold+0x6c/0x84 mm/kasan/report.c:560\n kasan_report+0x3a/0x50 mm/kasan/report.c:585\n __kuid_val include/linux/uidgid.h:36 [inline]\n uid_eq include/linux/uidgid.h:63 [inline]\n key_task_permission+0x394/0x410 security/keys/permission.c:54\n search_nested_keyrings+0x90e/0xe90 security/keys/keyring.c:793\n\nThis issue was also reported by syzbot.\n\nIt can be reproduced by following these steps(more details [1]):\n1. Obtain more than 32 inputs that have similar hashes, which ends with the\n pattern \u00270xxxxxxxe6\u0027.\n2. Reboot and add the keys obtained in step 1.\n\nThe reproducer demonstrates how this issue happened:\n1. In the search_nested_keyrings function, when it iterates through the\n slots in a node(below tag ascend_to_node), if the slot pointer is meta\n and node-\u003eback_pointer != NULL(it means a root), it will proceed to\n descend_to_node. However, there is an exception. If node is the root,\n and one of the slots points to a shortcut, it will be treated as a\n keyring.\n2. Whether the ptr is keyring decided by keyring_ptr_is_keyring function.\n However, KEYRING_PTR_SUBTYPE is 0x2UL, the same as\n ASSOC_ARRAY_PTR_SUBTYPE_MASK.\n3. When 32 keys with the similar hashes are added to the tree, the ROOT\n has keys with hashes that are not similar (e.g. slot 0) and it splits\n NODE A without using a shortcut. When NODE A is filled with keys that\n all hashes are xxe6, the keys are similar, NODE A will split with a\n shortcut. Finally, it forms the tree as shown below, where slot 6 points\n to a shortcut.\n\n NODE A\n +------\u003e+---+\n ROOT | | 0 | xxe6\n +---+ | +---+\n xxxx | 0 | shortcut : : xxe6\n +---+ | +---+\n xxe6 : : | | | xxe6\n +---+ | +---+\n | 6 |---+ : : xxe6\n +---+ +---+\n xxe6 : : | f | xxe6\n +---+ +---+\n xxe6 | f |\n +---+\n\n4. As mentioned above, If a slot(slot 6) of the root points to a shortcut,\n it may be mistakenly transferred to a key*, leading to a read\n out-of-bounds read.\n\nTo fix this issue, one should jump to descend_to_node if the ptr is a\nshortcut, regardless of whether the node is root or not.\n\n[1] https://lore.kernel.org/linux-kernel/1cfa878e-8c7b-4570-8606-21daf5e13ce7@huaweicloud.com/\n\n[jarkko: tweaked the commit message a bit to have an appropriate closes\n tag.]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50301",
"url": "https://www.suse.com/security/cve/CVE-2024-50301"
},
{
"category": "external",
"summary": "SUSE Bug 1233490 for CVE-2024-50301",
"url": "https://bugzilla.suse.com/1233490"
},
{
"category": "external",
"summary": "SUSE Bug 1233680 for CVE-2024-50301",
"url": "https://bugzilla.suse.com/1233680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-50301"
},
{
"cve": "CVE-2024-50302",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50302"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: zero-initialize the report buffer\n\nSince the report buffer is used by all kinds of drivers in various ways, let\u0027s\nzero-initialize it during allocation to make sure that it can\u0027t be ever used\nto leak kernel memory via specially-crafted report.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50302",
"url": "https://www.suse.com/security/cve/CVE-2024-50302"
},
{
"category": "external",
"summary": "SUSE Bug 1233491 for CVE-2024-50302",
"url": "https://bugzilla.suse.com/1233491"
},
{
"category": "external",
"summary": "SUSE Bug 1233679 for CVE-2024-50302",
"url": "https://bugzilla.suse.com/1233679"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-50302"
},
{
"cve": "CVE-2024-53058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53058"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data\n\nIn case the non-paged data of a SKB carries protocol header and protocol\npayload to be transmitted on a certain platform that the DMA AXI address\nwidth is configured to 40-bit/48-bit, or the size of the non-paged data\nis bigger than TSO_MAX_BUFF_SIZE on a certain platform that the DMA AXI\naddress width is configured to 32-bit, then this SKB requires at least\ntwo DMA transmit descriptors to serve it.\n\nFor example, three descriptors are allocated to split one DMA buffer\nmapped from one piece of non-paged data:\n dma_desc[N + 0],\n dma_desc[N + 1],\n dma_desc[N + 2].\nThen three elements of tx_q-\u003etx_skbuff_dma[] will be allocated to hold\nextra information to be reused in stmmac_tx_clean():\n tx_q-\u003etx_skbuff_dma[N + 0],\n tx_q-\u003etx_skbuff_dma[N + 1],\n tx_q-\u003etx_skbuff_dma[N + 2].\nNow we focus on tx_q-\u003etx_skbuff_dma[entry].buf, which is the DMA buffer\naddress returned by DMA mapping call. stmmac_tx_clean() will try to\nunmap the DMA buffer _ONLY_IF_ tx_q-\u003etx_skbuff_dma[entry].buf\nis a valid buffer address.\n\nThe expected behavior that saves DMA buffer address of this non-paged\ndata to tx_q-\u003etx_skbuff_dma[entry].buf is:\n tx_q-\u003etx_skbuff_dma[N + 0].buf = NULL;\n tx_q-\u003etx_skbuff_dma[N + 1].buf = NULL;\n tx_q-\u003etx_skbuff_dma[N + 2].buf = dma_map_single();\nUnfortunately, the current code misbehaves like this:\n tx_q-\u003etx_skbuff_dma[N + 0].buf = dma_map_single();\n tx_q-\u003etx_skbuff_dma[N + 1].buf = NULL;\n tx_q-\u003etx_skbuff_dma[N + 2].buf = NULL;\n\nOn the stmmac_tx_clean() side, when dma_desc[N + 0] is closed by the\nDMA engine, tx_q-\u003etx_skbuff_dma[N + 0].buf is a valid buffer address\nobviously, then the DMA buffer will be unmapped immediately.\nThere may be a rare case that the DMA engine does not finish the\npending dma_desc[N + 1], dma_desc[N + 2] yet. Now things will go\nhorribly wrong, DMA is going to access a unmapped/unreferenced memory\nregion, corrupted data will be transmited or iommu fault will be\ntriggered :(\n\nIn contrast, the for-loop that maps SKB fragments behaves perfectly\nas expected, and that is how the driver should do for both non-paged\ndata and paged frags actually.\n\nThis patch corrects DMA map/unmap sequences by fixing the array index\nfor tx_q-\u003etx_skbuff_dma[entry].buf when assigning DMA buffer address.\n\nTested and verified on DWXGMAC CORE 3.20a",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53058",
"url": "https://www.suse.com/security/cve/CVE-2024-53058"
},
{
"category": "external",
"summary": "SUSE Bug 1233552 for CVE-2024-53058",
"url": "https://bugzilla.suse.com/1233552"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-53058"
},
{
"cve": "CVE-2024-53061",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53061"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: s5p-jpeg: prevent buffer overflows\n\nThe current logic allows word to be less than 2. If this happens,\nthere will be buffer overflows, as reported by smatch. Add extra\nchecks to prevent it.\n\nWhile here, remove an unused word = 0 assignment.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53061",
"url": "https://www.suse.com/security/cve/CVE-2024-53061"
},
{
"category": "external",
"summary": "SUSE Bug 1233555 for CVE-2024-53061",
"url": "https://bugzilla.suse.com/1233555"
},
{
"category": "external",
"summary": "SUSE Bug 1233621 for CVE-2024-53061",
"url": "https://bugzilla.suse.com/1233621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-53061"
},
{
"cve": "CVE-2024-53063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvbdev: prevent the risk of out of memory access\n\nThe dvbdev contains a static variable used to store dvb minors.\n\nThe behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set\nor not. When not set, dvb_register_device() won\u0027t check for\nboundaries, as it will rely that a previous call to\ndvb_register_adapter() would already be enforcing it.\n\nOn a similar way, dvb_device_open() uses the assumption\nthat the register functions already did the needed checks.\n\nThis can be fragile if some device ends using different\ncalls. This also generate warnings on static check analysers\nlike Coverity.\n\nSo, add explicit guards to prevent potential risk of OOM issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53063",
"url": "https://www.suse.com/security/cve/CVE-2024-53063"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233557 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "external",
"summary": "SUSE Bug 1233619 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-53063"
},
{
"cve": "CVE-2024-53066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: Fix KMSAN warning in decode_getfattr_attrs()\n\nFix the following KMSAN warning:\n\nCPU: 1 UID: 0 PID: 7651 Comm: cp Tainted: G B\nTainted: [B]=BAD_PAGE\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009)\n=====================================================\n=====================================================\nBUG: KMSAN: uninit-value in decode_getfattr_attrs+0x2d6d/0x2f90\n decode_getfattr_attrs+0x2d6d/0x2f90\n decode_getfattr_generic+0x806/0xb00\n nfs4_xdr_dec_getattr+0x1de/0x240\n rpcauth_unwrap_resp_decode+0xab/0x100\n rpcauth_unwrap_resp+0x95/0xc0\n call_decode+0x4ff/0xb50\n __rpc_execute+0x57b/0x19d0\n rpc_execute+0x368/0x5e0\n rpc_run_task+0xcfe/0xee0\n nfs4_proc_getattr+0x5b5/0x990\n __nfs_revalidate_inode+0x477/0xd00\n nfs_access_get_cached+0x1021/0x1cc0\n nfs_do_access+0x9f/0xae0\n nfs_permission+0x1e4/0x8c0\n inode_permission+0x356/0x6c0\n link_path_walk+0x958/0x1330\n path_lookupat+0xce/0x6b0\n filename_lookup+0x23e/0x770\n vfs_statx+0xe7/0x970\n vfs_fstatat+0x1f2/0x2c0\n __se_sys_newfstatat+0x67/0x880\n __x64_sys_newfstatat+0xbd/0x120\n x64_sys_call+0x1826/0x3cf0\n do_syscall_64+0xd0/0x1b0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nThe KMSAN warning is triggered in decode_getfattr_attrs(), when calling\ndecode_attr_mdsthreshold(). It appears that fattr-\u003emdsthreshold is not\ninitialized.\n\nFix the issue by initializing fattr-\u003emdsthreshold to NULL in\nnfs_fattr_init().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53066",
"url": "https://www.suse.com/security/cve/CVE-2024-53066"
},
{
"category": "external",
"summary": "SUSE Bug 1233560 for CVE-2024-53066",
"url": "https://bugzilla.suse.com/1233560"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-53066"
},
{
"cve": "CVE-2024-53085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: Lock TPM chip in tpm_pm_suspend() first\n\nSetting TPM_CHIP_FLAG_SUSPENDED in the end of tpm_pm_suspend() can be racy\naccording, as this leaves window for tpm_hwrng_read() to be called while\nthe operation is in progress. The recent bug report gives also evidence of\nthis behaviour.\n\nAadress this by locking the TPM chip before checking any chip-\u003eflags both\nin tpm_pm_suspend() and tpm_hwrng_read(). Move TPM_CHIP_FLAG_SUSPENDED\ncheck inside tpm_get_random() so that it will be always checked only when\nthe lock is reserved.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53085",
"url": "https://www.suse.com/security/cve/CVE-2024-53085"
},
{
"category": "external",
"summary": "SUSE Bug 1233577 for CVE-2024-53085",
"url": "https://bugzilla.suse.com/1233577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-53085"
},
{
"cve": "CVE-2024-53088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53088"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: fix race condition by adding filter\u0027s intermediate sync state\n\nFix a race condition in the i40e driver that leads to MAC/VLAN filters\nbecoming corrupted and leaking. Address the issue that occurs under\nheavy load when multiple threads are concurrently modifying MAC/VLAN\nfilters by setting mac and port VLAN.\n\n1. Thread T0 allocates a filter in i40e_add_filter() within\n i40e_ndo_set_vf_port_vlan().\n2. Thread T1 concurrently frees the filter in __i40e_del_filter() within\n i40e_ndo_set_vf_mac().\n3. Subsequently, i40e_service_task() calls i40e_sync_vsi_filters(), which\n refers to the already freed filter memory, causing corruption.\n\nReproduction steps:\n1. Spawn multiple VFs.\n2. Apply a concurrent heavy load by running parallel operations to change\n MAC addresses on the VFs and change port VLANs on the host.\n3. Observe errors in dmesg:\n\"Error I40E_AQ_RC_ENOSPC adding RX filters on VF XX,\n\tplease set promiscuous on manually for VF XX\".\n\nExact code for stable reproduction Intel can\u0027t open-source now.\n\nThe fix involves implementing a new intermediate filter state,\nI40E_FILTER_NEW_SYNC, for the time when a filter is on a tmp_add_list.\nThese filters cannot be deleted from the hash list directly but\nmust be removed using the full process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53088",
"url": "https://www.suse.com/security/cve/CVE-2024-53088"
},
{
"category": "external",
"summary": "SUSE Bug 1233580 for CVE-2024-53088",
"url": "https://bugzilla.suse.com/1233580"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-53088"
},
{
"cve": "CVE-2024-53104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format\n\nThis can lead to out of bounds writes since frames of this type were not\ntaken into account when calculating the size of the frames buffer in\nuvc_parse_streaming.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53104",
"url": "https://www.suse.com/security/cve/CVE-2024-53104"
},
{
"category": "external",
"summary": "SUSE Bug 1234025 for CVE-2024-53104",
"url": "https://bugzilla.suse.com/1234025"
},
{
"category": "external",
"summary": "SUSE Bug 1236783 for CVE-2024-53104",
"url": "https://bugzilla.suse.com/1236783"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "important"
}
],
"title": "CVE-2024-53104"
},
{
"cve": "CVE-2024-53114",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53114"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client\n\nA number of Zen4 client SoCs advertise the ability to use virtualized\nVMLOAD/VMSAVE, but using these instructions is reported to be a cause\nof a random host reboot.\n\nThese instructions aren\u0027t intended to be advertised on Zen4 client\nso clear the capability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53114",
"url": "https://www.suse.com/security/cve/CVE-2024-53114"
},
{
"category": "external",
"summary": "SUSE Bug 1234072 for CVE-2024-53114",
"url": "https://bugzilla.suse.com/1234072"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-53114"
},
{
"cve": "CVE-2024-53142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninitramfs: avoid filename buffer overrun\n\nThe initramfs filename field is defined in\nDocumentation/driver-api/early-userspace/buffer-format.rst as:\n\n 37 cpio_file := ALGN(4) + cpio_header + filename + \"\\0\" + ALGN(4) + data\n...\n 55 ============= ================== =========================\n 56 Field name Field size Meaning\n 57 ============= ================== =========================\n...\n 70 c_namesize 8 bytes Length of filename, including final \\0\n\nWhen extracting an initramfs cpio archive, the kernel\u0027s do_name() path\nhandler assumes a zero-terminated path at @collected, passing it\ndirectly to filp_open() / init_mkdir() / init_mknod().\n\nIf a specially crafted cpio entry carries a non-zero-terminated filename\nand is followed by uninitialized memory, then a file may be created with\ntrailing characters that represent the uninitialized memory. The ability\nto create an initramfs entry would imply already having full control of\nthe system, so the buffer overrun shouldn\u0027t be considered a security\nvulnerability.\n\nAppend the output of the following bash script to an existing initramfs\nand observe any created /initramfs_test_fname_overrunAA* path. E.g.\n ./reproducer.sh | gzip \u003e\u003e /myinitramfs\n\nIt\u0027s easiest to observe non-zero uninitialized memory when the output is\ngzipped, as it\u0027ll overflow the heap allocated @out_buf in __gunzip(),\nrather than the initrd_start+initrd_size block.\n\n---- reproducer.sh ----\nnilchar=\"A\"\t# change to \"\\0\" to properly zero terminate / pad\nmagic=\"070701\"\nino=1\nmode=$(( 0100777 ))\nuid=0\ngid=0\nnlink=1\nmtime=1\nfilesize=0\ndevmajor=0\ndevminor=1\nrdevmajor=0\nrdevminor=0\ncsum=0\nfname=\"initramfs_test_fname_overrun\"\nnamelen=$(( ${#fname} + 1 ))\t# plus one to account for terminator\n\nprintf \"%s%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%08x%s\" \\\n\t$magic $ino $mode $uid $gid $nlink $mtime $filesize \\\n\t$devmajor $devminor $rdevmajor $rdevminor $namelen $csum $fname\n\ntermpadlen=$(( 1 + ((4 - ((110 + $namelen) \u0026 3)) % 4) ))\nprintf \"%.s${nilchar}\" $(seq 1 $termpadlen)\n---- reproducer.sh ----\n\nSymlink filename fields handled in do_symlink() won\u0027t overrun past the\ndata segment, due to the explicit zero-termination of the symlink\ntarget.\n\nFix filename buffer overrun by aborting the initramfs FSM if any cpio\nentry doesn\u0027t carry a zero-terminator at the expected (name_len - 1)\noffset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53142",
"url": "https://www.suse.com/security/cve/CVE-2024-53142"
},
{
"category": "external",
"summary": "SUSE Bug 1232436 for CVE-2024-53142",
"url": "https://bugzilla.suse.com/1232436"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.237.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.237.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.237.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-08T09:47:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-53142"
}
]
}
SUSE-SU-2025:0110-1
Vulnerability from csaf_suse - Published: 2025-01-14 20:34 - Updated: 2025-01-14 20:34Summary
Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP4)
Notes
Title of the patch
Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP4)
Description of the patch
This update for the Linux Kernel 5.14.21-150400_24_122 fixes several issues.
The following security issues were fixed:
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).
- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733).
- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).
- CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).
- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353).
- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739).
- CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
- CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).
- CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099).
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
- CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310).
Patchnames
SUSE-2025-110,SUSE-SLE-Module-Live-Patching-15-SP4-2025-110
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP4)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 5.14.21-150400_24_122 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans (bsc#1233712).\n- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637).\n- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733).\n- CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553).\n- CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471).\n- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).\n- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).\n- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).\n- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).\n- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1231353).\n- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739).\n- CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)\n- CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).\n- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).\n- CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099).\n- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).\n- CVE-2024-35950: drm/client: Fully protect modes with dev-\u003emode_config.mutex (bsc#1225310).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-110,SUSE-SLE-Module-Live-Patching-15-SP4-2025-110",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0110-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0110-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250110-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0110-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020124.html"
},
{
"category": "self",
"summary": "SUSE Bug 1223683",
"url": "https://bugzilla.suse.com/1223683"
},
{
"category": "self",
"summary": "SUSE Bug 1225099",
"url": "https://bugzilla.suse.com/1225099"
},
{
"category": "self",
"summary": "SUSE Bug 1225309",
"url": "https://bugzilla.suse.com/1225309"
},
{
"category": "self",
"summary": "SUSE Bug 1225310",
"url": "https://bugzilla.suse.com/1225310"
},
{
"category": "self",
"summary": "SUSE Bug 1225311",
"url": "https://bugzilla.suse.com/1225311"
},
{
"category": "self",
"summary": "SUSE Bug 1225312",
"url": "https://bugzilla.suse.com/1225312"
},
{
"category": "self",
"summary": "SUSE Bug 1225733",
"url": "https://bugzilla.suse.com/1225733"
},
{
"category": "self",
"summary": "SUSE Bug 1225739",
"url": "https://bugzilla.suse.com/1225739"
},
{
"category": "self",
"summary": "SUSE Bug 1225819",
"url": "https://bugzilla.suse.com/1225819"
},
{
"category": "self",
"summary": "SUSE Bug 1226325",
"url": "https://bugzilla.suse.com/1226325"
},
{
"category": "self",
"summary": "SUSE Bug 1227471",
"url": "https://bugzilla.suse.com/1227471"
},
{
"category": "self",
"summary": "SUSE Bug 1228573",
"url": "https://bugzilla.suse.com/1228573"
},
{
"category": "self",
"summary": "SUSE Bug 1228786",
"url": "https://bugzilla.suse.com/1228786"
},
{
"category": "self",
"summary": "SUSE Bug 1229553",
"url": "https://bugzilla.suse.com/1229553"
},
{
"category": "self",
"summary": "SUSE Bug 1231353",
"url": "https://bugzilla.suse.com/1231353"
},
{
"category": "self",
"summary": "SUSE Bug 1232637",
"url": "https://bugzilla.suse.com/1232637"
},
{
"category": "self",
"summary": "SUSE Bug 1233712",
"url": "https://bugzilla.suse.com/1233712"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47598 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47598/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48956 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52752 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52846 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26923 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35862 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35864 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36899 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36904 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36904/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36964 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40954 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41059 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50264 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50264/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP4)",
"tracking": {
"current_release_date": "2025-01-14T20:34:35Z",
"generator": {
"date": "2025-01-14T20:34:35Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0110-1",
"initial_release_date": "2025-01-14T20:34:35Z",
"revision_history": [
{
"date": "2025-01-14T20:34:35Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"product_id": "kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"product_id": "kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64",
"product": {
"name": "kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64",
"product_id": "kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
},
"product_reference": "kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-47598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47598"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_cake: do not call cake_destroy() from cake_init()\n\nqdiscs are not supposed to call their own destroy() method\nfrom init(), because core stack already does that.\n\nsyzbot was able to trigger use after free:\n\nDEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\nWARNING: CPU: 0 PID: 21902 at kernel/locking/mutex.c:586 __mutex_lock_common kernel/locking/mutex.c:586 [inline]\nWARNING: CPU: 0 PID: 21902 at kernel/locking/mutex.c:586 __mutex_lock+0x9ec/0x12f0 kernel/locking/mutex.c:740\nModules linked in:\nCPU: 0 PID: 21902 Comm: syz-executor189 Not tainted 5.16.0-rc4-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:__mutex_lock_common kernel/locking/mutex.c:586 [inline]\nRIP: 0010:__mutex_lock+0x9ec/0x12f0 kernel/locking/mutex.c:740\nCode: 08 84 d2 0f 85 19 08 00 00 8b 05 97 38 4b 04 85 c0 0f 85 27 f7 ff ff 48 c7 c6 20 00 ac 89 48 c7 c7 a0 fe ab 89 e8 bf 76 ba ff \u003c0f\u003e 0b e9 0d f7 ff ff 48 8b 44 24 40 48 8d b8 c8 08 00 00 48 89 f8\nRSP: 0018:ffffc9000627f290 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: ffff88802315d700 RSI: ffffffff815f1db8 RDI: fffff52000c4fe44\nRBP: ffff88818f28e000 R08: 0000000000000000 R09: 0000000000000000\nR10: ffffffff815ebb5e R11: 0000000000000000 R12: 0000000000000000\nR13: dffffc0000000000 R14: ffffc9000627f458 R15: 0000000093c30000\nFS: 0000555556abc400(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fda689c3303 CR3: 000000001cfbb000 CR4: 0000000000350ef0\nCall Trace:\n \u003cTASK\u003e\n tcf_chain0_head_change_cb_del+0x2e/0x3d0 net/sched/cls_api.c:810\n tcf_block_put_ext net/sched/cls_api.c:1381 [inline]\n tcf_block_put_ext net/sched/cls_api.c:1376 [inline]\n tcf_block_put+0xbc/0x130 net/sched/cls_api.c:1394\n cake_destroy+0x3f/0x80 net/sched/sch_cake.c:2695\n qdisc_create.constprop.0+0x9da/0x10f0 net/sched/sch_api.c:1293\n tc_modify_qdisc+0x4c5/0x1980 net/sched/sch_api.c:1660\n rtnetlink_rcv_msg+0x413/0xb80 net/core/rtnetlink.c:5571\n netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2496\n netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1345\n netlink_sendmsg+0x904/0xdf0 net/netlink/af_netlink.c:1921\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg+0xcf/0x120 net/socket.c:724\n ____sys_sendmsg+0x6e8/0x810 net/socket.c:2409\n ___sys_sendmsg+0xf3/0x170 net/socket.c:2463\n __sys_sendmsg+0xe5/0x1b0 net/socket.c:2492\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f1bb06badb9\nCode: Unable to access opcode bytes at RIP 0x7f1bb06bad8f.\nRSP: 002b:00007fff3012a658 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f1bb06badb9\nRDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000003\nRBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000003\nR10: 0000000000000003 R11: 0000000000000246 R12: 00007fff3012a688\nR13: 00007fff3012a6a0 R14: 00007fff3012a6e0 R15: 00000000000013c2\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47598",
"url": "https://www.suse.com/security/cve/CVE-2021-47598"
},
{
"category": "external",
"summary": "SUSE Bug 1226574 for CVE-2021-47598",
"url": "https://bugzilla.suse.com/1226574"
},
{
"category": "external",
"summary": "SUSE Bug 1227471 for CVE-2021-47598",
"url": "https://bugzilla.suse.com/1227471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T20:34:35Z",
"details": "important"
}
],
"title": "CVE-2021-47598"
},
{
"cve": "CVE-2022-48956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: avoid use-after-free in ip6_fragment()\n\nBlamed commit claimed rcu_read_lock() was held by ip6_fragment() callers.\n\nIt seems to not be always true, at least for UDP stack.\n\nsyzbot reported:\n\nBUG: KASAN: use-after-free in ip6_dst_idev include/net/ip6_fib.h:245 [inline]\nBUG: KASAN: use-after-free in ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951\nRead of size 8 at addr ffff88801d403e80 by task syz-executor.3/7618\n\nCPU: 1 PID: 7618 Comm: syz-executor.3 Not tainted 6.1.0-rc6-syzkaller-00012-g4312098baf37 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:284 [inline]\n print_report+0x15e/0x45d mm/kasan/report.c:395\n kasan_report+0xbf/0x1f0 mm/kasan/report.c:495\n ip6_dst_idev include/net/ip6_fib.h:245 [inline]\n ip6_fragment+0x2724/0x2770 net/ipv6/ip6_output.c:951\n __ip6_finish_output net/ipv6/ip6_output.c:193 [inline]\n ip6_finish_output+0x9a3/0x1170 net/ipv6/ip6_output.c:206\n NF_HOOK_COND include/linux/netfilter.h:291 [inline]\n ip6_output+0x1f1/0x540 net/ipv6/ip6_output.c:227\n dst_output include/net/dst.h:445 [inline]\n ip6_local_out+0xb3/0x1a0 net/ipv6/output_core.c:161\n ip6_send_skb+0xbb/0x340 net/ipv6/ip6_output.c:1966\n udp_v6_send_skb+0x82a/0x18a0 net/ipv6/udp.c:1286\n udp_v6_push_pending_frames+0x140/0x200 net/ipv6/udp.c:1313\n udpv6_sendmsg+0x18da/0x2c80 net/ipv6/udp.c:1606\n inet6_sendmsg+0x9d/0xe0 net/ipv6/af_inet6.c:665\n sock_sendmsg_nosec net/socket.c:714 [inline]\n sock_sendmsg+0xd3/0x120 net/socket.c:734\n sock_write_iter+0x295/0x3d0 net/socket.c:1108\n call_write_iter include/linux/fs.h:2191 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x9ed/0xdd0 fs/read_write.c:584\n ksys_write+0x1ec/0x250 fs/read_write.c:637\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7fde3588c0d9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fde365b6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 00007fde359ac050 RCX: 00007fde3588c0d9\nRDX: 000000000000ffdc RSI: 00000000200000c0 RDI: 000000000000000a\nRBP: 00007fde358e7ae9 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007fde35acfb1f R14: 00007fde365b6300 R15: 0000000000022000\n \u003c/TASK\u003e\n\nAllocated by task 7618:\n kasan_save_stack+0x22/0x40 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n __kasan_slab_alloc+0x82/0x90 mm/kasan/common.c:325\n kasan_slab_alloc include/linux/kasan.h:201 [inline]\n slab_post_alloc_hook mm/slab.h:737 [inline]\n slab_alloc_node mm/slub.c:3398 [inline]\n slab_alloc mm/slub.c:3406 [inline]\n __kmem_cache_alloc_lru mm/slub.c:3413 [inline]\n kmem_cache_alloc+0x2b4/0x3d0 mm/slub.c:3422\n dst_alloc+0x14a/0x1f0 net/core/dst.c:92\n ip6_dst_alloc+0x32/0xa0 net/ipv6/route.c:344\n ip6_rt_pcpu_alloc net/ipv6/route.c:1369 [inline]\n rt6_make_pcpu_route net/ipv6/route.c:1417 [inline]\n ip6_pol_route+0x901/0x1190 net/ipv6/route.c:2254\n pol_lookup_func include/net/ip6_fib.h:582 [inline]\n fib6_rule_lookup+0x52e/0x6f0 net/ipv6/fib6_rules.c:121\n ip6_route_output_flags_noref+0x2e6/0x380 net/ipv6/route.c:2625\n ip6_route_output_flags+0x76/0x320 net/ipv6/route.c:2638\n ip6_route_output include/net/ip6_route.h:98 [inline]\n ip6_dst_lookup_tail+0x5ab/0x1620 net/ipv6/ip6_output.c:1092\n ip6_dst_lookup_flow+0x90/0x1d0 net/ipv6/ip6_output.c:1222\n ip6_sk_dst_lookup_flow+0x553/0x980 net/ipv6/ip6_output.c:1260\n udpv6_sendmsg+0x151d/0x2c80 net/ipv6/udp.c:1554\n inet6_sendmsg+0x9d/0xe0 net/ipv6/af_inet6.c:665\n sock_sendmsg_nosec n\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48956",
"url": "https://www.suse.com/security/cve/CVE-2022-48956"
},
{
"category": "external",
"summary": "SUSE Bug 1231893 for CVE-2022-48956",
"url": "https://bugzilla.suse.com/1231893"
},
{
"category": "external",
"summary": "SUSE Bug 1232799 for CVE-2022-48956",
"url": "https://bugzilla.suse.com/1232799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T20:34:35Z",
"details": "important"
}
],
"title": "CVE-2022-48956"
},
{
"cve": "CVE-2023-52752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free bug in cifs_debug_data_proc_show()\n\nSkip SMB sessions that are being teared down\n(e.g. @ses-\u003eses_status == SES_EXITING) in cifs_debug_data_proc_show()\nto avoid use-after-free in @ses.\n\nThis fixes the following GPF when reading from /proc/fs/cifs/DebugData\nwhile mounting and umounting\n\n [ 816.251274] general protection fault, probably for non-canonical\n address 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI\n ...\n [ 816.260138] Call Trace:\n [ 816.260329] \u003cTASK\u003e\n [ 816.260499] ? die_addr+0x36/0x90\n [ 816.260762] ? exc_general_protection+0x1b3/0x410\n [ 816.261126] ? asm_exc_general_protection+0x26/0x30\n [ 816.261502] ? cifs_debug_tcon+0xbd/0x240 [cifs]\n [ 816.261878] ? cifs_debug_tcon+0xab/0x240 [cifs]\n [ 816.262249] cifs_debug_data_proc_show+0x516/0xdb0 [cifs]\n [ 816.262689] ? seq_read_iter+0x379/0x470\n [ 816.262995] seq_read_iter+0x118/0x470\n [ 816.263291] proc_reg_read_iter+0x53/0x90\n [ 816.263596] ? srso_alias_return_thunk+0x5/0x7f\n [ 816.263945] vfs_read+0x201/0x350\n [ 816.264211] ksys_read+0x75/0x100\n [ 816.264472] do_syscall_64+0x3f/0x90\n [ 816.264750] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n [ 816.265135] RIP: 0033:0x7fd5e669d381",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52752",
"url": "https://www.suse.com/security/cve/CVE-2023-52752"
},
{
"category": "external",
"summary": "SUSE Bug 1225487 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225487"
},
{
"category": "external",
"summary": "SUSE Bug 1225819 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T20:34:35Z",
"details": "important"
}
],
"title": "CVE-2023-52752"
},
{
"cve": "CVE-2023-52846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhsr: Prevent use after free in prp_create_tagged_frame()\n\nThe prp_fill_rct() function can fail. In that situation, it frees the\nskb and returns NULL. Meanwhile on the success path, it returns the\noriginal skb. So it\u0027s straight forward to fix bug by using the returned\nvalue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52846",
"url": "https://www.suse.com/security/cve/CVE-2023-52846"
},
{
"category": "external",
"summary": "SUSE Bug 1225098 for CVE-2023-52846",
"url": "https://bugzilla.suse.com/1225098"
},
{
"category": "external",
"summary": "SUSE Bug 1225099 for CVE-2023-52846",
"url": "https://bugzilla.suse.com/1225099"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T20:34:35Z",
"details": "important"
}
],
"title": "CVE-2023-52846"
},
{
"cve": "CVE-2024-26923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Fix garbage collector racing against connect()\n\nGarbage collector does not take into account the risk of embryo getting\nenqueued during the garbage collection. If such embryo has a peer that\ncarries SCM_RIGHTS, two consecutive passes of scan_children() may see a\ndifferent set of children. Leading to an incorrectly elevated inflight\ncount, and then a dangling pointer within the gc_inflight_list.\n\nsockets are AF_UNIX/SOCK_STREAM\nS is an unconnected socket\nL is a listening in-flight socket bound to addr, not in fdtable\nV\u0027s fd will be passed via sendmsg(), gets inflight count bumped\n\nconnect(S, addr)\tsendmsg(S, [V]); close(V)\t__unix_gc()\n----------------\t-------------------------\t-----------\n\nNS = unix_create1()\nskb1 = sock_wmalloc(NS)\nL = unix_find_other(addr)\nunix_state_lock(L)\nunix_peer(S) = NS\n\t\t\t// V count=1 inflight=0\n\n \t\t\tNS = unix_peer(S)\n \t\t\tskb2 = sock_alloc()\n\t\t\tskb_queue_tail(NS, skb2[V])\n\n\t\t\t// V became in-flight\n\t\t\t// V count=2 inflight=1\n\n\t\t\tclose(V)\n\n\t\t\t// V count=1 inflight=1\n\t\t\t// GC candidate condition met\n\n\t\t\t\t\t\tfor u in gc_inflight_list:\n\t\t\t\t\t\t if (total_refs == inflight_refs)\n\t\t\t\t\t\t add u to gc_candidates\n\n\t\t\t\t\t\t// gc_candidates={L, V}\n\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t scan_children(u, dec_inflight)\n\n\t\t\t\t\t\t// embryo (skb1) was not\n\t\t\t\t\t\t// reachable from L yet, so V\u0027s\n\t\t\t\t\t\t// inflight remains unchanged\n__skb_queue_tail(L, skb1)\nunix_state_unlock(L)\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t if (u.inflight)\n\t\t\t\t\t\t scan_children(u, inc_inflight_move_tail)\n\n\t\t\t\t\t\t// V count=1 inflight=2 (!)\n\nIf there is a GC-candidate listening socket, lock/unlock its state. This\nmakes GC wait until the end of any ongoing connect() to that socket. After\nflipping the lock, a possibly SCM-laden embryo is already enqueued. And if\nthere is another embryo coming, it can not possibly carry SCM_RIGHTS. At\nthis point, unix_inflight() can not happen because unix_gc_lock is already\ntaken. Inflight graph remains unaffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26923",
"url": "https://www.suse.com/security/cve/CVE-2024-26923"
},
{
"category": "external",
"summary": "SUSE Bug 1223384 for CVE-2024-26923",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "external",
"summary": "SUSE Bug 1223683 for CVE-2024-26923",
"url": "https://bugzilla.suse.com/1223683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T20:34:35Z",
"details": "important"
}
],
"title": "CVE-2024-26923"
},
{
"cve": "CVE-2024-35861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35861",
"url": "https://www.suse.com/security/cve/CVE-2024-35861"
},
{
"category": "external",
"summary": "SUSE Bug 1224766 for CVE-2024-35861",
"url": "https://bugzilla.suse.com/1224766"
},
{
"category": "external",
"summary": "SUSE Bug 1225312 for CVE-2024-35861",
"url": "https://bugzilla.suse.com/1225312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T20:34:35Z",
"details": "important"
}
],
"title": "CVE-2024-35861"
},
{
"cve": "CVE-2024-35862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_network_name_deleted()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35862",
"url": "https://www.suse.com/security/cve/CVE-2024-35862"
},
{
"category": "external",
"summary": "SUSE Bug 1224764 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1224764"
},
{
"category": "external",
"summary": "SUSE Bug 1225311 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1225311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T20:34:35Z",
"details": "important"
}
],
"title": "CVE-2024-35862"
},
{
"cve": "CVE-2024-35864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_valid_lease_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35864",
"url": "https://www.suse.com/security/cve/CVE-2024-35864"
},
{
"category": "external",
"summary": "SUSE Bug 1224765 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1224765"
},
{
"category": "external",
"summary": "SUSE Bug 1225309 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1225309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T20:34:35Z",
"details": "important"
}
],
"title": "CVE-2024-35864"
},
{
"cve": "CVE-2024-35950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/client: Fully protect modes[] with dev-\u003emode_config.mutex\n\nThe modes[] array contains pointers to modes on the connectors\u0027\nmode lists, which are protected by dev-\u003emode_config.mutex.\nThus we need to extend modes[] the same protection or by the\ntime we use it the elements may already be pointing to\nfreed/reused memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35950",
"url": "https://www.suse.com/security/cve/CVE-2024-35950"
},
{
"category": "external",
"summary": "SUSE Bug 1224703 for CVE-2024-35950",
"url": "https://bugzilla.suse.com/1224703"
},
{
"category": "external",
"summary": "SUSE Bug 1225310 for CVE-2024-35950",
"url": "https://bugzilla.suse.com/1225310"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T20:34:35Z",
"details": "important"
}
],
"title": "CVE-2024-35950"
},
{
"cve": "CVE-2024-36899",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36899"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpiolib: cdev: Fix use after free in lineinfo_changed_notify\n\nThe use-after-free issue occurs as follows: when the GPIO chip device file\nis being closed by invoking gpio_chrdev_release(), watched_lines is freed\nby bitmap_free(), but the unregistration of lineinfo_changed_nb notifier\nchain failed due to waiting write rwsem. Additionally, one of the GPIO\nchip\u0027s lines is also in the release process and holds the notifier chain\u0027s\nread rwsem. Consequently, a race condition leads to the use-after-free of\nwatched_lines.\n\nHere is the typical stack when issue happened:\n\n[free]\ngpio_chrdev_release()\n --\u003e bitmap_free(cdev-\u003ewatched_lines) \u003c-- freed\n --\u003e blocking_notifier_chain_unregister()\n --\u003e down_write(\u0026nh-\u003erwsem) \u003c-- waiting rwsem\n --\u003e __down_write_common()\n --\u003e rwsem_down_write_slowpath()\n --\u003e schedule_preempt_disabled()\n --\u003e schedule()\n\n[use]\nst54spi_gpio_dev_release()\n --\u003e gpio_free()\n --\u003e gpiod_free()\n --\u003e gpiod_free_commit()\n --\u003e gpiod_line_state_notify()\n --\u003e blocking_notifier_call_chain()\n --\u003e down_read(\u0026nh-\u003erwsem); \u003c-- held rwsem\n --\u003e notifier_call_chain()\n --\u003e lineinfo_changed_notify()\n --\u003e test_bit(xxxx, cdev-\u003ewatched_lines) \u003c-- use after free\n\nThe side effect of the use-after-free issue is that a GPIO line event is\nbeing generated for userspace where it shouldn\u0027t. However, since the chrdev\nis being closed, userspace won\u0027t have the chance to read that event anyway.\n\nTo fix the issue, call the bitmap_free() function after the unregistration\nof lineinfo_changed_nb notifier chain.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36899",
"url": "https://www.suse.com/security/cve/CVE-2024-36899"
},
{
"category": "external",
"summary": "SUSE Bug 1225737 for CVE-2024-36899",
"url": "https://bugzilla.suse.com/1225737"
},
{
"category": "external",
"summary": "SUSE Bug 1225739 for CVE-2024-36899",
"url": "https://bugzilla.suse.com/1225739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T20:34:35Z",
"details": "important"
}
],
"title": "CVE-2024-36899"
},
{
"cve": "CVE-2024-36904",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36904"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Use refcount_inc_not_zero() in tcp_twsk_unique().\n\nAnderson Nascimento reported a use-after-free splat in tcp_twsk_unique()\nwith nice analysis.\n\nSince commit ec94c2696f0b (\"tcp/dccp: avoid one atomic operation for\ntimewait hashdance\"), inet_twsk_hashdance() sets TIME-WAIT socket\u0027s\nsk_refcnt after putting it into ehash and releasing the bucket lock.\n\nThus, there is a small race window where other threads could try to\nreuse the port during connect() and call sock_hold() in tcp_twsk_unique()\nfor the TIME-WAIT socket with zero refcnt.\n\nIf that happens, the refcnt taken by tcp_twsk_unique() is overwritten\nand sock_put() will cause underflow, triggering a real use-after-free\nsomewhere else.\n\nTo avoid the use-after-free, we need to use refcount_inc_not_zero() in\ntcp_twsk_unique() and give up on reusing the port if it returns false.\n\n[0]:\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 0 PID: 1039313 at lib/refcount.c:25 refcount_warn_saturate+0xe5/0x110\nCPU: 0 PID: 1039313 Comm: trigger Not tainted 6.8.6-200.fc39.x86_64 #1\nHardware name: VMware, Inc. VMware20,1/440BX Desktop Reference Platform, BIOS VMW201.00V.21805430.B64.2305221830 05/22/2023\nRIP: 0010:refcount_warn_saturate+0xe5/0x110\nCode: 42 8e ff 0f 0b c3 cc cc cc cc 80 3d aa 13 ea 01 00 0f 85 5e ff ff ff 48 c7 c7 f8 8e b7 82 c6 05 96 13 ea 01 01 e8 7b 42 8e ff \u003c0f\u003e 0b c3 cc cc cc cc 48 c7 c7 50 8f b7 82 c6 05 7a 13 ea 01 01 e8\nRSP: 0018:ffffc90006b43b60 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff888009bb3ef0 RCX: 0000000000000027\nRDX: ffff88807be218c8 RSI: 0000000000000001 RDI: ffff88807be218c0\nRBP: 0000000000069d70 R08: 0000000000000000 R09: ffffc90006b439f0\nR10: ffffc90006b439e8 R11: 0000000000000003 R12: ffff8880029ede84\nR13: 0000000000004e20 R14: ffffffff84356dc0 R15: ffff888009bb3ef0\nFS: 00007f62c10926c0(0000) GS:ffff88807be00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020ccb000 CR3: 000000004628c005 CR4: 0000000000f70ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0xe5/0x110\n ? __warn+0x81/0x130\n ? refcount_warn_saturate+0xe5/0x110\n ? report_bug+0x171/0x1a0\n ? refcount_warn_saturate+0xe5/0x110\n ? handle_bug+0x3c/0x80\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? refcount_warn_saturate+0xe5/0x110\n tcp_twsk_unique+0x186/0x190\n __inet_check_established+0x176/0x2d0\n __inet_hash_connect+0x74/0x7d0\n ? __pfx___inet_check_established+0x10/0x10\n tcp_v4_connect+0x278/0x530\n __inet_stream_connect+0x10f/0x3d0\n inet_stream_connect+0x3a/0x60\n __sys_connect+0xa8/0xd0\n __x64_sys_connect+0x18/0x20\n do_syscall_64+0x83/0x170\n entry_SYSCALL_64_after_hwframe+0x78/0x80\nRIP: 0033:0x7f62c11a885d\nCode: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d a3 45 0c 00 f7 d8 64 89 01 48\nRSP: 002b:00007f62c1091e58 EFLAGS: 00000296 ORIG_RAX: 000000000000002a\nRAX: ffffffffffffffda RBX: 0000000020ccb004 RCX: 00007f62c11a885d\nRDX: 0000000000000010 RSI: 0000000020ccb000 RDI: 0000000000000003\nRBP: 00007f62c1091e90 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000296 R12: 00007f62c10926c0\nR13: ffffffffffffff88 R14: 0000000000000000 R15: 00007ffe237885b0\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36904",
"url": "https://www.suse.com/security/cve/CVE-2024-36904"
},
{
"category": "external",
"summary": "SUSE Bug 1225732 for CVE-2024-36904",
"url": "https://bugzilla.suse.com/1225732"
},
{
"category": "external",
"summary": "SUSE Bug 1225733 for CVE-2024-36904",
"url": "https://bugzilla.suse.com/1225733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T20:34:35Z",
"details": "important"
}
],
"title": "CVE-2024-36904"
},
{
"cve": "CVE-2024-36964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: only translate RWX permissions for plain 9P2000\n\nGarbage in plain 9P2000\u0027s perm bits is allowed through, which causes it\nto be able to set (among others) the suid bit. This was presumably not\nthe intent since the unix extended bits are handled explicitly and\nconditionally on .u.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36964",
"url": "https://www.suse.com/security/cve/CVE-2024-36964"
},
{
"category": "external",
"summary": "SUSE Bug 1225866 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1225866"
},
{
"category": "external",
"summary": "SUSE Bug 1226325 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1226325"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T20:34:35Z",
"details": "important"
}
],
"title": "CVE-2024-36964"
},
{
"cve": "CVE-2024-40954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: do not leave a dangling sk pointer, when socket creation fails\n\nIt is possible to trigger a use-after-free by:\n * attaching an fentry probe to __sock_release() and the probe calling the\n bpf_get_socket_cookie() helper\n * running traceroute -I 1.1.1.1 on a freshly booted VM\n\nA KASAN enabled kernel will log something like below (decoded and stripped):\n==================================================================\nBUG: KASAN: slab-use-after-free in __sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nRead of size 8 at addr ffff888007110dd8 by task traceroute/299\n\nCPU: 2 PID: 299 Comm: traceroute Tainted: G E 6.10.0-rc2+ #2\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\ndump_stack_lvl (lib/dump_stack.c:117 (discriminator 1))\nprint_report (mm/kasan/report.c:378 mm/kasan/report.c:488)\n? __sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nkasan_report (mm/kasan/report.c:603)\n? __sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nkasan_check_range (mm/kasan/generic.c:183 mm/kasan/generic.c:189)\n__sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nbpf_get_socket_ptr_cookie (./arch/x86/include/asm/preempt.h:94 ./include/linux/sock_diag.h:42 net/core/filter.c:5094 net/core/filter.c:5092)\nbpf_prog_875642cf11f1d139___sock_release+0x6e/0x8e\nbpf_trampoline_6442506592+0x47/0xaf\n__sock_release (net/socket.c:652)\n__sock_create (net/socket.c:1601)\n...\nAllocated by task 299 on cpu 2 at 78.328492s:\nkasan_save_stack (mm/kasan/common.c:48)\nkasan_save_track (mm/kasan/common.c:68)\n__kasan_slab_alloc (mm/kasan/common.c:312 mm/kasan/common.c:338)\nkmem_cache_alloc_noprof (mm/slub.c:3941 mm/slub.c:4000 mm/slub.c:4007)\nsk_prot_alloc (net/core/sock.c:2075)\nsk_alloc (net/core/sock.c:2134)\ninet_create (net/ipv4/af_inet.c:327 net/ipv4/af_inet.c:252)\n__sock_create (net/socket.c:1572)\n__sys_socket (net/socket.c:1660 net/socket.c:1644 net/socket.c:1706)\n__x64_sys_socket (net/socket.c:1718)\ndo_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFreed by task 299 on cpu 2 at 78.328502s:\nkasan_save_stack (mm/kasan/common.c:48)\nkasan_save_track (mm/kasan/common.c:68)\nkasan_save_free_info (mm/kasan/generic.c:582)\npoison_slab_object (mm/kasan/common.c:242)\n__kasan_slab_free (mm/kasan/common.c:256)\nkmem_cache_free (mm/slub.c:4437 mm/slub.c:4511)\n__sk_destruct (net/core/sock.c:2117 net/core/sock.c:2208)\ninet_create (net/ipv4/af_inet.c:397 net/ipv4/af_inet.c:252)\n__sock_create (net/socket.c:1572)\n__sys_socket (net/socket.c:1660 net/socket.c:1644 net/socket.c:1706)\n__x64_sys_socket (net/socket.c:1718)\ndo_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFix this by clearing the struct socket reference in sk_common_release() to cover\nall protocol families create functions, which may already attached the\nreference to the sk object with sock_init_data().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40954",
"url": "https://www.suse.com/security/cve/CVE-2024-40954"
},
{
"category": "external",
"summary": "SUSE Bug 1227808 for CVE-2024-40954",
"url": "https://bugzilla.suse.com/1227808"
},
{
"category": "external",
"summary": "SUSE Bug 1228786 for CVE-2024-40954",
"url": "https://bugzilla.suse.com/1228786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T20:34:35Z",
"details": "important"
}
],
"title": "CVE-2024-40954"
},
{
"cve": "CVE-2024-41059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: fix uninit-value in copy_name\n\n[syzbot reported]\nBUG: KMSAN: uninit-value in sized_strscpy+0xc4/0x160\n sized_strscpy+0xc4/0x160\n copy_name+0x2af/0x320 fs/hfsplus/xattr.c:411\n hfsplus_listxattr+0x11e9/0x1a50 fs/hfsplus/xattr.c:750\n vfs_listxattr fs/xattr.c:493 [inline]\n listxattr+0x1f3/0x6b0 fs/xattr.c:840\n path_listxattr fs/xattr.c:864 [inline]\n __do_sys_listxattr fs/xattr.c:876 [inline]\n __se_sys_listxattr fs/xattr.c:873 [inline]\n __x64_sys_listxattr+0x16b/0x2f0 fs/xattr.c:873\n x64_sys_call+0x2ba0/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3877 [inline]\n slab_alloc_node mm/slub.c:3918 [inline]\n kmalloc_trace+0x57b/0xbe0 mm/slub.c:4065\n kmalloc include/linux/slab.h:628 [inline]\n hfsplus_listxattr+0x4cc/0x1a50 fs/hfsplus/xattr.c:699\n vfs_listxattr fs/xattr.c:493 [inline]\n listxattr+0x1f3/0x6b0 fs/xattr.c:840\n path_listxattr fs/xattr.c:864 [inline]\n __do_sys_listxattr fs/xattr.c:876 [inline]\n __se_sys_listxattr fs/xattr.c:873 [inline]\n __x64_sys_listxattr+0x16b/0x2f0 fs/xattr.c:873\n x64_sys_call+0x2ba0/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[Fix]\nWhen allocating memory to strbuf, initialize memory to 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41059",
"url": "https://www.suse.com/security/cve/CVE-2024-41059"
},
{
"category": "external",
"summary": "SUSE Bug 1228561 for CVE-2024-41059",
"url": "https://bugzilla.suse.com/1228561"
},
{
"category": "external",
"summary": "SUSE Bug 1228573 for CVE-2024-41059",
"url": "https://bugzilla.suse.com/1228573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T20:34:35Z",
"details": "important"
}
],
"title": "CVE-2024-41059"
},
{
"cve": "CVE-2024-43861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: qmi_wwan: fix memory leak for not ip packets\n\nFree the unused skb when not ip packets arrive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43861",
"url": "https://www.suse.com/security/cve/CVE-2024-43861"
},
{
"category": "external",
"summary": "SUSE Bug 1229500 for CVE-2024-43861",
"url": "https://bugzilla.suse.com/1229500"
},
{
"category": "external",
"summary": "SUSE Bug 1229553 for CVE-2024-43861",
"url": "https://bugzilla.suse.com/1229553"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T20:34:35Z",
"details": "important"
}
],
"title": "CVE-2024-43861"
},
{
"cve": "CVE-2024-50264",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50264"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans\n\nDuring loopback communication, a dangling pointer can be created in\nvsk-\u003etrans, potentially leading to a Use-After-Free condition. This\nissue is resolved by initializing vsk-\u003etrans to NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50264",
"url": "https://www.suse.com/security/cve/CVE-2024-50264"
},
{
"category": "external",
"summary": "SUSE Bug 1233453 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233453"
},
{
"category": "external",
"summary": "SUSE Bug 1233712 for CVE-2024-50264",
"url": "https://bugzilla.suse.com/1233712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_122-default-7-150400.9.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-14T20:34:35Z",
"details": "important"
}
],
"title": "CVE-2024-50264"
}
]
}
SUSE-SU-2025:20247-1
Vulnerability from csaf_suse - Published: 2025-03-27 14:05 - Updated: 2025-03-27 14:05Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52778: mptcp: deal with large GSO size (bsc#1224948).
- CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking (bsc#1232823).
- CVE-2024-26596: net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events (bsc#1220355).
- CVE-2024-26741: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalblished() (bsc#1222587).
- CVE-2024-26782: mptcp: fix double-free on socket dismantle (bsc#1222590).
- CVE-2024-26953: net: esp: fix bad handling of pages from page_pool (bsc#1223656).
- CVE-2024-27017: netfilter: nft_set_pipapo: walk over current view on netlink dump (bsc#1223733).
- CVE-2024-35888: erspan: make sure erspan_base_hdr is present in skb->head (bsc#1224518).
- CVE-2024-36000: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (bsc#1224548).
- CVE-2024-36244: net/sched: taprio: extend minimum interval restriction to entire cycle too (bsc#1226797).
- CVE-2024-36883: net: fix out-of-bounds access in ops_init (bsc#1225725).
- CVE-2024-36886: tipc: fix UAF in error path (bsc#1225730).
- CVE-2024-36905: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (bsc#1225742).
- CVE-2024-36927: ipv4: Fix uninit-value access in __ip_make_skb() (bsc#1225813).
- CVE-2024-36954: tipc: fix a possible memleak in tipc_buf_append (bsc#1225764).
- CVE-2024-36968: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() (bsc#1226130).
- CVE-2024-38589: netrom: fix possible dead-lock in nr_rt_ioctl() (bsc#1226748).
- CVE-2024-40914: mm/huge_memory: do not unpoison huge_zero_folio (bsc#1227842).
- CVE-2024-41023: sched/deadline: Fix task_struct reference leak (bsc#1228430).
- CVE-2024-41031: mm/filemap: skip to create PMD-sized page cache if needed (bsc#1228454).
- CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command (bsc#1228620).
- CVE-2024-42102: Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" (bsc#1233132).
- CVE-2024-44958: sched/smt: Fix unbalance sched_smt_present dec/inc (bsc#1230179).
- CVE-2024-44995: net: hns3: fix a deadlock problem when config TC during resetting (bsc#1230231).
- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429).
- CVE-2024-45025: fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE (bsc#1230456).
- CVE-2024-46678: bonding: change ipsec_lock from spin lock to mutex (bsc#1230550).
- CVE-2024-46680: Bluetooth: btnxpuart: Fix random crash seen while removing driver (bsc#1230557).
- CVE-2024-46681: pktgen: use cpus_read_lock() in pg_net_init() (bsc#1230558).
- CVE-2024-46721: pparmor: fix possible NULL pointer dereference (bsc#1230710)
- CVE-2024-46754: bpf: Remove tst_run from lwt_seg6local_prog_ops (bsc#1230801).
- CVE-2024-46765: ice: protect XDP configuration with a mutex (bsc#1230807).
- CVE-2024-46766: ice: move netif_queue_set_napi to rtnl-protected sections (bsc#1230762).
- CVE-2024-46770: ice: Add netif_device_attach/detach into PF reset flow (bsc#1230763).
- CVE-2024-46775: drm/amd/display: Validate function returns (bsc#1230774).
- CVE-2024-46777: udf: Avoid excessive partition lengths (bsc#1230773).
- CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827).
- CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links (bsc#1231191).
- CVE-2024-46816: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (bsc#1231197).
- CVE-2024-46826: ELF: fix kernel.randomize_va_space double read (bsc#1231115).
- CVE-2024-46831: net: microchip: vcap: Fix use-after-free error in kunit test (bsc#1231117).
- CVE-2024-46834: ethtool: fail closed if we can't get max channel used in indirection tables (bsc#1231096).
- CVE-2024-46840: btrfs: clean up our handling of refs == 0 in snapshot delete (bsc#1231105).
- CVE-2024-46841: btrfs: do not BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() (bsc#1231094).
- CVE-2024-46843: scsi: ufs: core: Remove SCSI host only if added (bsc#1231100).
- CVE-2024-46854: net: dpaa: Pad packets to ETH_ZLEN (bsc#1231084).
- CVE-2024-46855: netfilter: nft_socket: fix sk refcount leaks (bsc#1231085).
- CVE-2024-46857: net/mlx5: Fix bridge mode operations when there are no VFs (bsc#1231087).
- CVE-2024-46870: drm/amd/display: Disable DMCUB timeout for DCN35 (bsc#1231435).
- CVE-2024-47658: crypto: stm32/cryp - call finalize with bh disabled (bsc#1231436).
- CVE-2024-47660: fsnotify: clear PARENT_WATCHED flags lazily (bsc#1231439).
- CVE-2024-47664: spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware (bsc#1231442).
- CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673).
- CVE-2024-47679: vfs: fix race between evice_inodes() and find_inode() and iput() (bsc#1231930).
- CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231987).
- CVE-2024-47685: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() (bsc#1231998).
- CVE-2024-47687: vdpa/mlx5: Fix invalid mr resource destroy (bsc#1232003).
- CVE-2024-47692: nfsd: return -EINVAL when namelen is 0 (bsc#1231857).
- CVE-2024-47701: ext4: avoid OOB when system.data xattr changes underneath the filesystem (bsc#1231920).
- CVE-2024-47703: bpf, lsm: add check for BPF LSM return value (bsc#1231946).
- CVE-2024-47704: drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944).
- CVE-2024-47705: block: fix potential invalid pointer dereference in blk_add_partition (bsc#1231872).
- CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231942).
- CVE-2024-47707: ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (bsc#1231935).
- CVE-2024-47710: sock_map: Add a cond_resched() in sock_hash_free() (bsc#1232049).
- CVE-2024-47727: x86/tdx: Fix "in-kernel MMIO" check (bsc#1232116).
- CVE-2024-47730: crypto: hisilicon/qm - inject error before stopping queue (bsc#1232075).
- CVE-2024-47731: drivers/perf: Fix ali_drw_pmu driver interrupt status clearing (bsc#1232117).
- CVE-2024-47739: padata: use integer wrap around to prevent deadlock on seq_nr overflow (bsc#1232124).
- CVE-2024-47741: btrfs: fix race setting file private on concurrent lseek using same fd (bsc#1231869).
- CVE-2024-47745: mm: call the security_mmap_file() LSM hook in remap_file_pages() (bsc#1232135).
- CVE-2024-47747: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition (bsc#1232145).
- CVE-2024-47752: media: mediatek: vcodec: Fix H264 stateless decoder smatch warning (bsc#1232130).
- CVE-2024-47753: media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning (bsc#1231868).
- CVE-2024-47754: media: mediatek: vcodec: Fix H264 multi stateless decoder smatch warning (bsc#1232131).
- CVE-2024-49852: scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del() (bsc#1232819).
- CVE-2024-49864: rxrpc: Fix a race between socket set up and I/O thread creation (bsc#1232256).
- CVE-2024-49867: btrfs: wait for fixup workers before stopping cleaner kthread during umount (bsc#1232262).
- CVE-2024-49868: btrfs: fix a NULL pointer dereference when failed to start a new trasacntion (bsc#1232272).
- CVE-2024-49881: ext4: update orig_path in ext4_find_extent() (bsc#1232201).
- CVE-2024-49882: ext4: fix double brelse() the buffer of the extents path (bsc#1232200).
- CVE-2024-49883: ext4: aovid use-after-free in ext4_ext_insert_extent() (bsc#1232199).
- CVE-2024-49888: bpf: Fix a sdiv overflow issue (bsc#1232208).
- CVE-2024-49890: drm/amd/pm: ensure the fw_info is not null before using it (bsc#1232217).
- CVE-2024-49892: drm/amd/display: Initialize get_bytes_per_element's default to 1 (bsc#1232220).
- CVE-2024-49894: drm/amd/display: Fix index out of bounds in degamma hardware format translation (bsc#1232354).
- CVE-2024-49895: drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation (bsc#1232352).
- CVE-2024-49896: drm/amd/display: Check stream before comparing them (bsc#1232221).
- CVE-2024-49897: drm/amd/display: Check phantom_stream before it is used (bsc#1232355).
- CVE-2024-49898: drm/amd/display: Check null-initialized variables (bsc#1232222).
- CVE-2024-49899: drm/amd/display: Initialize denominators' default to 1 (bsc#1232358).
- CVE-2024-49901: drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs (bsc#1232305).
- CVE-2024-49906: drm/amd/display: Check null pointer before try to access it (bsc#1232332).
- CVE-2024-49907: drm/amd/display: Check null pointers before using dc->clk_mgr (bsc#1232334).
- CVE-2024-49909: drm/amd/display: Add NULL check for function pointer in dcn32_set_output_transfer_func (bsc#1232337).
- CVE-2024-49911: drm/amd/display: Add NULL check for function pointer in dcn20_set_output_transfer_func (bsc#1232366).
- CVE-2024-49912: drm/amd/display: Handle null 'stream_status' in 'planes_changed_for_existing_stream' (bsc#1232367).
- CVE-2024-49913: drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream (bsc#1232307).
- CVE-2024-49914: drm/amd/display: Add null check for pipe_ctx->plane_state in (bsc#1232369).
- CVE-2024-49917: drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn30_init_hw (bsc#1231965).
- CVE-2024-49918: drm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer (bsc#1231967).
- CVE-2024-49919: drm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer (bsc#1231968).
- CVE-2024-49920: drm/amd/display: Check null pointers before multiple uses (bsc#1232313).
- CVE-2024-49921: drm/amd/display: Check null pointers before used (bsc#1232371).
- CVE-2024-49922: drm/amd/display: Check null pointers before using them (bsc#1232374).
- CVE-2024-49923: drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags (bsc#1232361).
- CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core (bsc#1232224)
- CVE-2024-49933: blk_iocost: fix more out of bound shifts (bsc#1232368).
- CVE-2024-49934: fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name (bsc#1232387).
- CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash() (bsc#1232424).
- CVE-2024-49944: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start (bsc#1232166).
- CVE-2024-49945: net/ncsi: Disable the ncsi work before freeing the associated structure (bsc#1232165).
- CVE-2024-49946: ppp: do not assume bh is held in ppp_channel_bridge_input() (bsc#1232164).
- CVE-2024-49949: net: avoid potential underflow in qdisc_pkt_len_init() with UFO (bsc#1232160).
- CVE-2024-49950: Bluetooth: L2CAP: Fix uaf in l2cap_connect (bsc#1232159).
- CVE-2024-49952: netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1232157).
- CVE-2024-49953: net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice (bsc#1232156).
- CVE-2024-49954: static_call: Replace pointless WARN_ON() in static_call_module_notify() (bsc#1232155).
- CVE-2024-49958: ocfs2: reserve space for inline xattr before attaching reflink tree (bsc#1232151).
- CVE-2024-49959: jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error (bsc#1232149).
- CVE-2024-49960: ext4: fix timer use-after-free on failed mount (bsc#1232395).
- CVE-2024-49967: ext4: no need to continue when the number of entries is 1 (bsc#1232140).
- CVE-2024-49968: ext4: filesystems without casefold feature cannot be mounted with siphash (bsc#1232264).
- CVE-2024-49969: drm/amd/display: Fix index out of bounds in DCN30 color transformation (bsc#1232519).
- CVE-2024-49972: drm/amd/display: Deallocate DML memory if allocation fails (bsc#1232315).
- CVE-2024-49973: r8169: add tally counter fields added with RTL8125 (bsc#1232105).
- CVE-2024-49974: NFSD: Force all NFSv4.2 COPY requests to be synchronous (bsc#1232383).
- CVE-2024-49983: ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free (bsc#1232096).
- CVE-2024-49986: platform/x86: x86-android-tablets: Fix use after free on platform_device_register() errors (bsc#1232093).
- CVE-2024-49987: bpftool: Fix undefined behavior in qsort(NULL, 0, ...) (bsc#1232258).
- CVE-2024-49989: drm/amd/display: fix double free issue during amdgpu module unload (bsc#1232483).
- CVE-2024-49991: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer (bsc#1232282).
- CVE-2024-49993: iommu/vt-d: Fix potential lockup if qi_submit_sync called with 0 count (bsc#1232316).
- CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432).
- CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089).
- CVE-2024-50000: net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() (bsc#1232085).
- CVE-2024-50001: net/mlx5: Fix error path in multi-packet WQE transmit (bsc#1232084).
- CVE-2024-50002: static_call: Handle module init failure correctly in static_call_del_module() (bsc#1232083).
- CVE-2024-50003: drm/amd/display: Fix system hang while resume with TBT monitor (bsc#1232385).
- CVE-2024-50004: drm/amd/display: update DML2 policy EnhancedPrefetchScheduleAccelerationFinal DCN35 (bsc#1232396).
- CVE-2024-50006: ext4: fix i_data_sem unlock order in ext4_ind_migrate() (bsc#1232442).
- CVE-2024-50009: cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value (bsc#1232318).
- CVE-2024-50012: cpufreq: Avoid a bad reference count on CPU node (bsc#1232386).
- CVE-2024-50014: ext4: fix access to uninitialised lock in fc replay path (bsc#1232446).
- CVE-2024-50015: ext4: dax: fix overflowing extents beyond inode size when partially writing (bsc#1232079).
- CVE-2024-50020: ice: Fix improper handling of refcount in ice_sriov_set_msix_vec_count() (bsc#1231989).
- CVE-2024-50021: ice: Fix improper handling of refcount in ice_dpll_init_rclk_pins() (bsc#1231957).
- CVE-2024-50022: device-dax: correct pgoff align in dax_set_mapping() (bsc#1231956).
- CVE-2024-50024: net: Fix an unsafe loop on the list (bsc#1231954).
- CVE-2024-50027: thermal: core: Free tzp copy along with the thermal zone (bsc#1231951).
- CVE-2024-50028: thermal: core: Reference count the zone in thermal_zone_get_by_id() (bsc#1231950).
- CVE-2024-50033: slip: make slhc_remember() more robust against malicious packets (bsc#1231914).
- CVE-2024-50035: ppp: fix ppp_async_encode() illegal access (bsc#1232392).
- CVE-2024-50040: igb: Do not bring the device up after non-fatal error (bsc#1231908).
- CVE-2024-50041: i40e: Fix macvlan leak by synchronizing access to mac_filter_hash (bsc#1231907).
- CVE-2024-50042: ice: Fix increasing MSI-X on VF (bsc#1231906).
- CVE-2024-50045: netfilter: br_netfilter: fix panic with metadata_dst skb (bsc#1231903).
- CVE-2024-50046: NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() (bsc#1231902).
- CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418).
- CVE-2024-50059: ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition (bsc#1232345).
- CVE-2024-50060: io_uring: check if we need to reschedule during overflow flush (bsc#1232417).
- CVE-2024-50063: bpf: Prevent tail call between progs attached to different hooks (bsc#1232435).
- CVE-2024-50064: zram: free secondary algorithms names (bsc#1231901).
- CVE-2024-50080: ublk: do not allow user copy for unprivileged device (bsc#1232502).
- CVE-2024-50081: blk-mq: setup queue ->tag_set before initializing hctx (bsc#1232501).
- CVE-2024-50082: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race (bsc#1232500).
- CVE-2024-50084: net: microchip: vcap api: Fix memory leaks in vcap_api_encode_rule_test() (bsc#1232494).
- CVE-2024-50087: btrfs: fix uninitialized pointer free on read_alloc_one_name() error (bsc#1232499).
- CVE-2024-50088: btrfs: fix uninitialized pointer free in add_inode_ref() (bsc#1232498).
- CVE-2024-50098: scsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down (bsc#1232881).
- CVE-2024-50110: xfrm: fix one more kernel-infoleak in algo dumping (bsc#1232885).
- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1232919).
- CVE-2024-50124: Bluetooth: ISO: Fix UAF on iso_sock_timeout (bsc#1232926).
- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232928).
- CVE-2024-50127: net: sched: fix use-after-free in taprio_change() (bsc#1232907).
- CVE-2024-50128: net: wwan: fix global oob in wwan_rtnl_policy (bsc#1232905).
- CVE-2024-50130: netfilter: bpf: must hold reference on net namespace (bsc#1232894).
- CVE-2024-50138: bpf: Use raw_spinlock_t in ringbuf (bsc#1232935).
- CVE-2024-50139: KVM: arm64: Fix shift-out-of-bounds bug (bsc#1233062).
- CVE-2024-50145: octeon_ep: add SKB allocation failures handling in __octep_oq_process_rx() (bsc#1233044).
- CVE-2024-50153: scsi: target: core: Fix null-ptr-deref in target_alloc_device() (bsc#1233061).
- CVE-2024-50154: tcp/dccp: Do not use timer_pending() in reqsk_queue_unlink() (bsc#1233070).
- CVE-2024-50166: fsl/fman: Fix refcount handling of fman-related devices (bsc#1233050).
- CVE-2024-50167: be2net: fix potential memory leak in be_xmit() (bsc#1233049).
- CVE-2024-50169: vsock: Update rx_bytes on read_skb() (bsc#1233320).
- CVE-2024-50171: net: systemport: fix potential memory leak in bcm_sysport_xmit() (bsc#1233057).
- CVE-2024-50177: drm/amd/display: fix a UBSAN warning in DML2.1 (bsc#1233115).
- CVE-2024-50182: secretmem: disable memfd_secret() if arch cannot set direct map (bsc#1233129).
- CVE-2024-50184: virtio_pmem: Check device status before requesting flush (bsc#1233135).
- CVE-2024-50186: net: explicitly clear the sk pointer, when pf->create fails (bsc#1233110).
- CVE-2024-50192: irqchip/gic-v4: Do not allow a VMOVP on a dying VPE (bsc#1233106).
- CVE-2024-50225: btrfs: fix error propagation of split bios (bsc#1233193).
- CVE-2024-50228: mm: shmem: fix data-race in shmem_getattr() (bsc#1233204).
- CVE-2024-50230: nilfs2: fix kernel bug due to missing clearing of checked flag (bsc#1233206).
- CVE-2024-50245: fs/ntfs3: Fix possible deadlock in mi_read (bsc#1233203).
- CVE-2024-50246: fs/ntfs3: Add rough attr alloc_size check (bsc#1233207).
- CVE-2024-50250: fsdax: dax_unshare_iter needs to copy entire blocks (bsc#1233226).
- CVE-2024-50252: mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address (bsc#1233201).
- CVE-2024-50257: netfilter: Fix use-after-free in get_info() (bsc#1233244).
- CVE-2024-50261: macsec: Fix use-after-free while sending the offloading packet (bsc#1233253).
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233453).
- CVE-2024-50271: signal: restore the override_rlimit logic (bsc#1233460).
- CVE-2024-50273: btrfs: reinitialize delayed ref list after deleting it from the list (bsc#1233462).
- CVE-2024-50274: idpf: avoid vport access in idpf_get_link_ksettings (bsc#1233463).
- CVE-2024-50275: arm64/sve: Discard stale CPU state when handling SVE traps (bsc#1233464).
- CVE-2024-50276: net: vertexcom: mse102x: Fix possible double free of TX skb (bsc#1233465).
- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468).
- CVE-2024-50289: media: av7110: fix a spectre vulnerability (bsc#1233478).
- CVE-2024-50295: net: arc: fix the device for dma_map_single/dma_unmap_single (bsc#1233484).
- CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485).
- CVE-2024-50298: net: enetc: allocate vf_state during PF probes (bsc#1233487).
- CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233540).
- CVE-2024-53043: mctp i2c: handle NULL header address (bsc#1233523).
- CVE-2024-53048: ice: fix crash on probe for DPLL enabled E810 LOM (bsc#1233721).
- CVE-2024-53051: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability (bsc#1233547).
- CVE-2024-53055: wifi: iwlwifi: mvm: fix 6 GHz scan construction (bsc#1233550).
- CVE-2024-53056: drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() (bsc#1233568).
- CVE-2024-53058: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data (bsc#1233552).
- CVE-2024-53079: mm/thp: fix deferred split unqueue naming and locking (bsc#1233570).
- CVE-2024-53082: virtio_net: Add hash_key_length check (bsc#1233573).
- CVE-2024-53095: smb: client: Fix use-after-free of network namespace (bsc#1233642).
- CVE-2024-53110: vp_vdpa: fix id_table array not null terminated error (bsc#1234085).
- CVE-2024-53121: net/mlx5: fs, lock FTE when checking if active (bsc#1234078).
- CVE-2024-53138: net/mlx5e: kTLS, Fix incorrect page refcounting (bsc#1234223).
The following non-security bugs were fixed:
- 9p: explicitly deny setlease attempts (git-fixes).
- ACPI: CPPC: Add support for setting EPP register in FFH (stable-fixes).
- ACPI: CPPC: Fix _CPC register setting issue (git-fixes).
- ACPI: CPPC: Make rmw_lock a raw_spin_lock (git-fixes).
- ACPI: EC: Do not release locks during operation region accesses (stable-fixes).
- ACPI: PAD: fix crash in exit_round_robin() (stable-fixes).
- ACPI: PRM: Clean up guid type in struct prm_handler_info (git-fixes).
- ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context (git-fixes).
- ACPI: battery: Fix possible crash when unregistering a battery hook (git-fixes).
- ACPI: battery: Simplify battery hook locking (stable-fixes).
- ACPI: button: Add DMI quirk for Samsung Galaxy Book2 to fix initial lid detection issue (stable-fixes).
- ACPI: resource: Add Asus ExpertBook B2502CVA to irq1_level_low_skip_override[] (stable-fixes).
- ACPI: resource: Add Asus Vivobook X1704VAP to irq1_level_low_skip_override[] (stable-fixes).
- ACPI: resource: Add LG 16T90SP to irq1_level_low_skip_override[] (stable-fixes).
- ACPI: resource: Add another DMI match for the TongFang GMxXGxx (stable-fixes).
- ACPI: video: Add force_vendor quirk for Panasonic Toughbook CF-18 (stable-fixes).
- ACPICA: Fix memory leak if acpi_ps_get_next_field() fails (stable-fixes).
- ACPICA: Fix memory leak if acpi_ps_get_next_namepath() fails (stable-fixes).
- ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() (stable-fixes).
- ACPICA: iasl: handle empty connection_node (stable-fixes).
- ALSA/hda: intel-sdw-acpi: cleanup sdw_intel_scan_controller (stable-fixes).
- ALSA/hda: intel-sdw-acpi: fetch fwnode once in sdw_intel_scan_controller() (stable-fixes).
- ALSA/hda: intel-sdw-acpi: simplify sdw-master-count property read (stable-fixes).
- ALSA: 6fire: Release resources at card release (git-fixes).
- ALSA: Reorganize kerneldoc parameter names (stable-fixes).
- ALSA: ac97: bus: Fix the mistake in the comment (git-fixes).
- ALSA: asihpi: Fix potential OOB array access (stable-fixes).
- ALSA: caiaq: Use snd_card_free_when_closed() at disconnection (git-fixes).
- ALSA: core: add isascii() check to card ID generator (stable-fixes).
- ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (git-fixes).
- ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init() (git-fixes).
- ALSA: hda/conexant - Fix audio routing for HP EliteOne 1000 G2 (stable-fixes).
- ALSA: hda/conexant - Use cached pin control for Node 0x1d on HP EliteOne 1000 G2 (git-fixes).
- ALSA: hda/conexant: Fix conflicting quirk for System76 Pangolin (git-fixes).
- ALSA: hda/conexant: fix Z60MR100 startup pop issue (stable-fixes).
- ALSA: hda/conexant: fix some typos (stable-fixes).
- ALSA: hda/cs8409: Fix possible NULL dereference (git-fixes).
- ALSA: hda/generic: Unconditionally prefer preferred_dacs pairs (bsc#1219803).
- ALSA: hda/realtek - Fixed Clevo platform headset Mic issue (stable-fixes).
- ALSA: hda/realtek - update set GPIO3 to default for Thinkpad with ALC1318 (git-fixes).
- ALSA: hda/realtek: Add a quirk for HP Pavilion 15z-ec200 (stable-fixes).
- ALSA: hda/realtek: Add quirk for Huawei MateBook 13 KLV-WX9 (stable-fixes).
- ALSA: hda/realtek: Add subwoofer quirk for Acer Predator G9-593 (stable-fixes).
- ALSA: hda/realtek: Add subwoofer quirk for Infinix ZERO BOOK 13 (stable-fixes).
- ALSA: hda/realtek: Add support for Samsung Galaxy Book3 360 (NP730QFG) (stable-fixes).
- ALSA: hda/realtek: Apply quirk for Medion E15433 (bsc#1233298).
- ALSA: hda/realtek: Enable mic on Vaio VJFH52 (stable-fixes).
- ALSA: hda/realtek: Enable mute and micmute LED on HP ProBook 430 G8 (stable-fixes).
- ALSA: hda/realtek: Enable speaker pins for Medion E15443 platform (bsc#1233298).
- ALSA: hda/realtek: Fix Internal Speaker and Mic boost of Infinix Y4 Max (bsc#1233298).
- ALSA: hda/realtek: Fix headset mic on TUXEDO Gemini 17 Gen3 (stable-fixes).
- ALSA: hda/realtek: Fix headset mic on TUXEDO Stellaris 16 Gen6 mb1 (stable-fixes).
- ALSA: hda/realtek: Fix the push button function for the ALC257 (git-fixes).
- ALSA: hda/realtek: Limit internal Mic boost on Dell platform (stable-fixes).
- ALSA: hda/realtek: Refactor and simplify Samsung Galaxy Book init (stable-fixes).
- ALSA: hda/realtek: Set PCBeep to default value for ALC274 (stable-fixes).
- ALSA: hda/realtek: Update ALC225 depop procedure (git-fixes).
- ALSA: hda/realtek: Update ALC256 depop procedure (git-fixes).
- ALSA: hda/realtek: Update default depop procedure (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LED for HP mt645 G8 (stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for a HP EliteBook 645 G10 (stable-fixes).
- ALSA: hda/realtek: tas2781: Fix ROG ALLY X audio (stable-fixes).
- ALSA: hda/tas2781: Add new quirk for Lenovo Y990 Laptop (stable-fixes).
- ALSA: hda/tas2781: Add new quirk for Lenovo, ASUS, Dell projects (stable-fixes).
- ALSA: hda/tas2781: select CRC32 instead of CRC32_SARWATE (git-fixes).
- ALSA: hda: Poll jack events for LS7A HD-Audio (stable-fixes).
- ALSA: hda: Show the codec quirk info at probing (stable-fixes).
- ALSA: hda: Sound support for HP Spectre x360 16 inch model 2024 (stable-fixes).
- ALSA: hda: tas2781: Fix missing setup at runtime PM (bsc#1230132).
- ALSA: hdsp: Break infinite MIDI input flush loop (stable-fixes).
- ALSA: ice1712: Remove redundant code in stac9460_dac_vol_put (stable-fixes).
- ALSA: line6: add hw monitor volume control to POD HD500X (stable-fixes).
- ALSA: line6: update contact information (stable-fixes).
- ALSA: mixer_oss: Remove some incorrect kfree_const() usages (git-fixes).
- ALSA: pcm: Add sanity NULL check for the default mmap fault handler (stable-fixes).
- ALSA: silence integer wrapping warning (stable-fixes).
- ALSA: ump: Fix evaluation of MIDI 1.0 FB info (git-fixes).
- ALSA: us122l: Use snd_card_free_when_closed() at disconnection (git-fixes).
- ALSA: usb-audio: Add Pioneer DJ/AlphaTheta DJM-A9 Mixer (stable-fixes).
- ALSA: usb-audio: Add delay quirk for VIVO USB-C HEADSET (stable-fixes).
- ALSA: usb-audio: Add input value sanity checks for standard types (stable-fixes).
- ALSA: usb-audio: Add logitech Audio profile quirk (stable-fixes).
- ALSA: usb-audio: Add native DSD support for Luxman D-08u (stable-fixes).
- ALSA: usb-audio: Add quirk for HP 320 FHD Webcam (bsc#1232768).
- ALSA: usb-audio: Add quirks for Dell WD19 dock (stable-fixes).
- ALSA: usb-audio: Define macros for quirk table entries (stable-fixes).
- ALSA: usb-audio: Fix Yamaha P-125 Quirk Entry (stable-fixes).
- ALSA: usb-audio: Fix a DMA to stack memory bug (git-fixes).
- ALSA: usb-audio: Fix out of bounds reads when finding clock sources (stable-fixes).
- ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (git-fixes).
- ALSA: usb-audio: Make mic volume workarounds globally applicable (stable-fixes).
- ALSA: usb-audio: Replace complex quirk lines with macros (stable-fixes).
- ALSA: usb-audio: Use snprintf instead of sprintf in build_mixer_unit_ctl (stable-fixes).
- ALSA: usb-audio: add mixer mapping for Corsair HS80 (stable-fixes).
- ALSA: usx2y: Use snd_card_free_when_closed() at disconnection (git-fixes).
- ASoC: Intel: avs: da7219: Remove suspend_pre() and resume_post() (stable-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet (stable-fixes).
- ASoC: Intel: bytcr_rt5640: Add support for non ACPI instantiated codec (stable-fixes).
- ASoC: Intel: sst: Fix used of uninitialized ctx to log an error (git-fixes).
- ASoC: Intel: sst: Support LPE0F28 ACPI HID (stable-fixes).
- ASoC: SOF: Add i2s bt dai configuration support for AMD platforms (bsc#1233305).
- ASoC: SOF: Add support for configuring PDM interface from topology (bsc#1233305).
- ASoC: SOF: Deprecate invalid enums in IPC3 (bsc#1233305).
- ASoC: SOF: IPC4: get pipeline priority from topology (bsc#1233305).
- ASoC: SOF: IPC4: synchronize fw_config_params with fw definitions (bsc#1233305).
- ASoC: SOF: Refactor sof_i2s_tokens reading to update acpbt dai (bsc#1233305).
- ASoC: SOF: Rename amd_bt sof_dai_type (bsc#1233305).
- ASoC: SOF: Wire up buffer flags (bsc#1233305).
- ASoC: SOF: add alignment for topology header file struct definition (bsc#1233305).
- ASoC: SOF: align topology header file with sof topology header (bsc#1233305).
- ASoC: SOF: ipc3-topology: Convert the topology pin index to ALH dai index (git-fixes).
- ASoC: SOF: ipc3-topology: fix resource leaks in sof_ipc3_widget_setup_comp_dai() (git-fixes).
- ASoC: SOF: ipc4-control: Add support for ALSA enum control (bsc#1233305).
- ASoC: SOF: ipc4-control: Add support for ALSA switch control (bsc#1233305).
- ASoC: SOF: ipc4-mtrace: move debug slot related definitions to header.h (bsc#1233305).
- ASoC: SOF: ipc4-topology: Add deep buffer size to debug prints (bsc#1233305).
- ASoC: SOF: ipc4-topology: Add definition for generic switch/enum control (bsc#1233305).
- ASoC: SOF: ipc4-topology: Add module ID print during module set up (bsc#1233305).
- ASoC: SOF: ipc4-topology: Helper to find an swidget by module/instance id (bsc#1233305).
- ASoC: SOF: ipc4-topology: Only handle dai_config with HW_PARAMS for ChainDMA (bsc#1233305).
- ASoC: SOF: ipc4-topology: change chain_dma handling in dai_config (bsc#1233305).
- ASoC: SOF: ipc4-topology: export sof_ipc4_copier_is_single_format (bsc#1233305).
- ASoC: SOF: ipc4-topology: set config_length based on device_count (bsc#1233305).
- ASoC: SOF: ipc4: Add data struct for module notification message from firmware (bsc#1233305).
- ASoC: SOF: ipc4: Add new message type: SOF_IPC4_GLB_LOAD_LIBRARY_PREPARE (bsc#1233305).
- ASoC: SOF: sof-client-probes-ipc4: Set param_size extension bits (git-fixes).
- ASoC: SOF: topology: Parse DAI type token for dspless mode (bsc#1233305).
- ASoC: SOF: topology: dynamically allocate and store DAI widget->private (bsc#1233305).
- ASoC: amd: yc: Add quirk for ASUS Vivobook S15 M3502RA (stable-fixes).
- ASoC: amd: yc: Add quirk for HP Dragonfly pro one (stable-fixes).
- ASoC: amd: yc: Fix for enabling DMIC on acp6x via _DSD entry (git-fixes).
- ASoC: amd: yc: Fix non-functional mic on ASUS E1404FA (stable-fixes).
- ASoC: amd: yc: Support dmic on another model of Lenovo Thinkpad E14 Gen 6 (stable-fixes).
- ASoC: amd: yc: fix internal mic on Xiaomi Book Pro 14 2022 (stable-fixes).
- ASoC: atmel: mchp-pdmc: Skip ALSA restoration if substream runtime is uninitialized (git-fixes).
- ASoC: audio-graph-card2: Purge absent supplies for device tree nodes (stable-fixes).
- ASoC: codecs: Fix atomicity violation in snd_soc_component_get_drvdata() (git-fixes).
- ASoC: codecs: lpass-rx-macro: add missing CDC_RX_BCL_VBAT_RF_PROC2 to default regs values (stable-fixes).
- ASoC: codecs: rt5640: Always disable IRQs from rt5640_cancel_work() (stable-fixes).
- ASoC: codecs: wsa883x: Handle reading version failure (stable-fixes).
- ASoC: cs42l51: Fix some error handling paths in cs42l51_probe() (git-fixes).
- ASoC: dapm: fix bounds checker error in dapm_widget_list_create (git-fixes).
- ASoC: fsl_micfil: Add sample rate constraint (stable-fixes).
- ASoC: fsl_micfil: fix regmap_write_bits usage (git-fixes).
- ASoC: fsl_sai: Enable 'FIFO continue on error' FCONT bit (stable-fixes).
- ASoC: imx-card: Set card.owner to avoid a warning calltrace if SND=m (git-fixes).
- ASoC: max98388: Fix missing increment of variable slot_found (git-fixes).
- ASoC: mediatek: mt8188-mt6359: Remove hardcoded dmic codec (git-fixes).
- ASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe() (git-fixes).
- ASoC: qcom: sm8250: add qrb4210-rb2-sndcard compatible string (stable-fixes).
- ASoC: rt722-sdca: Remove logically deadcode in rt722-sdca.c (git-fixes).
- ASoC: rt722-sdca: increase clk_stop_timeout to fix clock stop issue (stable-fixes).
- ASoC: stm32: spdifrx: fix dma channel release in stm32_spdifrx_remove (git-fixes).
- ASoC: stm: Prevent potential division by zero in stm32_sai_get_clk_div() (stable-fixes).
- ASoC: stm: Prevent potential division by zero in stm32_sai_mclk_round_rate() (stable-fixes).
- ASoC: tas2781: Add new driver version for tas2563 & tas2781 qfn chip (stable-fixes).
- ASoC: tas2781: Use of_property_read_reg() (stable-fixes).
- Bluetooth: Call iso_exit() on module unload (git-fixes).
- Bluetooth: ISO: Fix multiple init when debugfs is disabled (git-fixes).
- Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync (git-fixes).
- Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change (git-fixes).
- Bluetooth: Remove debugfs directory on module init failure (git-fixes).
- Bluetooth: bnep: fix wild-memory-access in proto_unregister (git-fixes).
- Bluetooth: btintel: Direct exception event to bluetooth stack (git-fixes).
- Bluetooth: btmrvl: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- Bluetooth: btnxpuart: Resolve TX timeout error in power save stress test (bsc#1230557)
- Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0489:0xe122 (stable-fixes).
- Bluetooth: btusb: Fix regression with fake CSR controllers 0a12:0001 (git-fixes).
- Bluetooth: fix use-after-free in device_for_each_child() (git-fixes).
- Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs (git-fixes).
- Bluetooth: hci_core: Fix calling mgmt_device_connected (git-fixes).
- Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (git-fixes).
- Documentation: kgdb: Correct parameter error (git-fixes).
- HID: Ignore battery for all ELAN I2C-HID devices (stable-fixes).
- HID: amd_sfh: Switch to device-managed dmam_alloc_coherent() (git-fixes).
- HID: core: zero-initialize the report buffer (git-fixes).
- HID: i2c-hid: Remove I2C_HID_QUIRK_SET_PWR_WAKEUP_DEV quirk (stable-fixes).
- HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard (stable-fixes).
- HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad (stable-fixes).
- HID: multitouch: Add quirk for Logitech Bolt receiver w/ Casa touchpad (stable-fixes).
- HID: multitouch: Add support for B2402FVA track point (stable-fixes).
- HID: multitouch: Add support for Thinkpad X12 Gen 2 Kbd Portfolio (stable-fixes).
- HID: multitouch: Add support for lenovo Y9000P Touchpad (stable-fixes).
- HID: plantronics: Workaround for an unexcepted opposite volume key (stable-fixes).
- HID: wacom: Interpret tilt data from Intuos Pro BT as signed values (git-fixes).
- HID: wacom: fix when get product name maybe null pointer (git-fixes).
- Input: adp5589-keys - fix NULL pointer dereference (git-fixes).
- Input: adp5589-keys - fix adp5589_gpio_get_value() (git-fixes).
- Input: edt-ft5x06 - fix regmap leak when probe fails (git-fixes).
- Input: hideep - add missing dependency on REGMAP_I2C (git-fixes).
- Input: hycon-hy46xx - add missing dependency on REGMAP_I2C (git-fixes).
- Input: i8042 - add TUXEDO Stellaris 15 Slim Gen6 AMD to i8042 quirk table (stable-fixes).
- Input: i8042 - add TUXEDO Stellaris 16 Gen5 AMD to i8042 quirk table (stable-fixes).
- Input: i8042 - add another board name for TUXEDO Stellaris Gen5 AMD line (stable-fixes).
- Input: xpad - add GameSir T4 Kaleid Controller support (git-fixes).
- Input: xpad - add GameSir VID for Xbox One controllers (git-fixes).
- Input: xpad - add support for 8BitDo Ultimate 2C Wireless Controller (git-fixes).
- Input: xpad - add support for MSI Claw A1M (git-fixes).
- Input: xpad - add support for Machenike G5 Pro Controller (git-fixes).
- Input: xpad - fix support for some third-party controllers (git-fixes).
- Input: xpad - sort xpad_device by vendor and product ID (git-fixes).
- Input: xpad - spelling fixes for "Xbox" (git-fixes).
- KVM: Fix coalesced_mmio_has_room() to avoid premature userspace exit (git-fixes).
- KVM: PPC: Book3S HV: Avoid returning to nested hypervisor on pending doorbells (bsc#1215199).
- KVM: PPC: Book3S HV: Stop using vc->dpdes for nested KVM guests (bsc#1215199).
- KVM: PPC: Book3S HV: remove unused varible (bsc#1194869).
- KVM: SEV-ES: Fix svm_get_msr()/svm_set_msr() for KVM_SEV_ES_INIT guests (bsc#1232207).
- KVM: SEV-ES: Prevent MSR access post VMSA encryption (bsc#1232207).
- KVM: SVM: Disallow guest from changing userspace's MSR_AMD64_DE_CFG value (git-fixes).
- KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock (git-fixes).
- KVM: VMX: Also clear SGX EDECCSSA in KVM CPU caps when SGX is disabled (git-fixes).
- KVM: VMX: Set PFERR_GUEST_{FINAL,PAGE}_MASK if and only if the GVA is valid (git-fixes).
- KVM: Write the per-page "segment" when clearing (part of) a guest page (git-fixes).
- KVM: s390: Change virtual to physical address access in diag 0x258 handler (git-fixes bsc#1232626).
- KVM: s390: Fix SORTL and DFLTCC instruction format error in __insn32_query (git-fixes bsc#1231276).
- KVM: s390: gaccess: Check if guest address is in memslot (git-fixes bsc#1232623).
- KVM: x86/mmu: Skip emulation on page fault iff 1+ SPs were unprotected (git-fixes).
- KVM: x86/mmu: Trigger unprotect logic only on write-protection page faults (git-fixes).
- KVM: x86: Dedup fastpath MSR post-handling logic (git-fixes).
- KVM: x86: Enforce x2APIC's must-be-zero reserved ICR bits (git-fixes).
- KVM: x86: Exit to userspace if fastpath triggers one on instruction skip (git-fixes).
- KVM: x86: Move x2APIC ICR helper above kvm_apic_write_nodecode() (git-fixes).
- KVM: x86: Re-enter guest if WRMSR(X2APIC_ICR) fastpath is successful (git-fixes).
- KVM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC) (git-fixes).
- NFS: Avoid unnecessary rescanning of the per-server delegation list (git-fixes).
- NFS: remove revoked delegation from server's delegation list (git-fixes).
- NFSD: Fix NFSv4's PUTPUBFH operation (git-fixes).
- NFSD: Mark filecache "down" if init fails (git-fixes).
- NFSv3: only use NFS timeout for MOUNT when protocols are compatible (bsc#1231016).
- NFSv4: Fix clearing of layout segments in layoutreturn (git-fixes).
- PCI: Add ACS quirk for Qualcomm SA8775P (stable-fixes).
- PCI: Add T_PVPERL macro (git-fixes).
- PCI: Add function 0 DMA alias quirk for Glenfly Arise chip (stable-fixes).
- PCI: Fix pci_enable_acs() support for the ACS quirks (bsc#1229019).
- PCI: Fix reset_method_store() memory leak (git-fixes).
- PCI: Mark Creative Labs EMU20k2 INTx masking as broken (stable-fixes).
- PCI: endpoint: Clear secondary (not primary) EPC in pci_epc_remove_epf() (git-fixes).
- PCI: j721e: Deassert PERST# after a delay of PCIE_T_PVPERL_MS milliseconds (git-fixes).
- PCI: keystone: Add link up check to ks_pcie_other_map_bus() (git-fixes).
- PCI: keystone: Set mode as Root Complex for "ti,keystone-pcie" compatible (git-fixes).
- PCI: rockchip-ep: Fix address translation unit programming (git-fixes).
- RAS/AMD/ATL: Add amd_atl pr_fmt() prefix (jsc#PED-10559).
- RAS/AMD/ATL: Expand helpers for adding and removing base and hole (jsc#PED-10559).
- RAS/AMD/ATL: Implement DF 4.5 NP2 denormalization (jsc#PED-10559).
- RAS/AMD/ATL: Read DRAM hole base early (jsc#PED-10559).
- RAS/AMD/ATL: Validate address map when information is gathered (jsc#PED-10559).
- RDMA/bnxt_re: Add a check for memory allocation (git-fixes)
- RDMA/bnxt_re: Avoid CPU lockups due fifo occupancy check loop (git-fixes)
- RDMA/bnxt_re: Change the sequence of updating the CQ toggle value (git-fixes)
- RDMA/bnxt_re: Check cqe flags to know imm_data vs inv_irkey (git-fixes)
- RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (git-fixes)
- RDMA/bnxt_re: Fix a possible memory leak (git-fixes)
- RDMA/bnxt_re: Fix incorrect AVID type in WQE structure (git-fixes)
- RDMA/bnxt_re: Fix incorrect dereference of srq in async event (git-fixes)
- RDMA/bnxt_re: Fix out of bound check (git-fixes)
- RDMA/bnxt_re: Fix the GID table length (git-fixes)
- RDMA/bnxt_re: Fix the max CQ WQEs for older adapters (git-fixes)
- RDMA/bnxt_re: Fix the usage of control path spin locks (git-fixes)
- RDMA/bnxt_re: Return more meaningful error (git-fixes)
- RDMA/bnxt_re: synchronize the qp-handle table array (git-fixes)
- RDMA/core: Fix ENODEV error for iWARP test over vlan (git-fixes)
- RDMA/cxgb4: Dump vendor specific QP details (git-fixes)
- RDMA/cxgb4: Fix RDMA_CM_EVENT_UNREACHABLE error for iWARP (git-fixes)
- RDMA/hns: Add mutex_destroy() (git-fixes)
- RDMA/hns: Disassociate mmap pages for all uctx when HW is being reset (git-fixes)
- RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() (git-fixes)
- RDMA/hns: Fix an AEQE overflow error caused by untimely update of eq_db_ci (git-fixes)
- RDMA/hns: Fix cpu stuck caused by printings during reset (git-fixes)
- RDMA/hns: Fix different dgids mapping to the same dip_idx (git-fixes)
- RDMA/hns: Fix flush cqe error when racing with destroy qp (git-fixes)
- RDMA/hns: Fix out-of-order issue of requester when setting FENCE (git-fixes)
- RDMA/hns: Use dev_* printings in hem code instead of ibdev_* (git-fixes)
- RDMA/hns: Use macro instead of magic number (git-fixes)
- RDMA/irdma: Fix misspelling of "accept*" (git-fixes)
- RDMA/mad: Improve handling of timed out WRs of mad agent (git-fixes)
- RDMA/mana_ib: use the correct page size for mapping user-mode doorbell page (git-fixes).
- RDMA/mana_ib: use the correct page table index based on hardware page size (git-fixes).
- RDMA/mlx5: Enforce umem boundaries for explicit ODP page faults (git-fixes)
- RDMA/mlx5: Move events notifier registration to be after device registration (git-fixes)
- RDMA/mlx5: Round max_rd_atomic/max_dest_rd_atomic up instead of down (git-fixes)
- RDMA/mlx5: Use sq timestamp as QP timestamp when RoCE is disabled (git-fixes).
- RDMA/rtrs-srv: Avoid null pointer deref during path establishment (git-fixes)
- RDMA/rxe: Fix the qp flush warnings in req (git-fixes)
- RDMA/rxe: Set queue pair cur_qp_state when being queried (git-fixes)
- RDMA/siw: Add sendpage_ok() check to disable MSG_SPLICE_PAGES (git-fixes)
- RDMA/srpt: Make slab cache names unique (git-fixes)
- SUNRPC: Fix integer overflow in decode_rc_list() (git-fixes).
- SUNRPC: Fixup gss_status tracepoint error output (git-fixes).
- SUNRPC: Remove BUG_ON call sites (git-fixes).
- SUNRPC: clnt.c: Remove misleading comment (git-fixes).
- USB: appledisplay: close race between probe and completion handler (git-fixes).
- USB: chaoskey: Fix possible deadlock chaoskey_list_lock (git-fixes).
- USB: chaoskey: fail open after removal (git-fixes).
- USB: gadget: dummy-hcd: Fix "task hung" problem (git-fixes).
- USB: misc: cypress_cy7c63: check for short transfer (git-fixes).
- USB: misc: yurex: fix race between read and write (git-fixes).
- USB: serial: ftdi_sio: Fix atomicity violation in get_serial_info() (git-fixes).
- USB: serial: io_edgeport: fix use after free in debug printk (git-fixes).
- USB: serial: option: add Fibocom FG132 0x0112 composition (stable-fixes).
- USB: serial: option: add Quectel RG650V (stable-fixes).
- USB: serial: option: add Telit FN920C04 MBIM compositions (stable-fixes).
- USB: serial: option: add support for Quectel EG916Q-GL (stable-fixes).
- USB: serial: qcserial: add support for Sierra Wireless EM86xx (stable-fixes).
- Use pahole -j1 option for reproducible builds (bsc#1230414 bsc#1229450).
- accel/qaic: Fix the for loop used to walk SG table (git-fixes).
- accel: Use XArray instead of IDR for minors (jsc#PED-11580).
- acpi/arm64: Adjust error handling procedure in gtdt_parse_timer_block() (git-fixes).
- ad7780: fix division by zero in ad7780_write_raw() (git-fixes).
- aes-gcm-p10: Use the correct bit to test for P10 (bsc#1232704).
- amd-pstate: Set min_perf to nominal_perf for active mode performance gov (git-fixes).
- apparmor: fix 'Do simple duplicate message elimination' (git-fixes).
- apparmor: test: Fix memory leak for aa_unpack_strdup() (git-fixes).
- apparmor: use kvfree_sensitive to free data->data (git-fixes).
- arm64: Subscribe Microsoft Azure Cobalt 100 to erratum 3194386 (git-fixes)
- arm64: cputype: Add Neoverse-N3 definitions (git-fixes)
- arm64: dts: allwinner: pinephone: Add mount matrix to accelerometer (git-fixes)
- arm64: dts: freescale: imx8mm-verdin: Fix SD regulator startup delay (git-fixes)
- arm64: dts: freescale: imx8mp-verdin: Fix SD regulator startup delay (git-fixes)
- arm64: dts: imx8-ss-vpu: Fix imx8qm VPU IRQs (git-fixes)
- arm64: dts: imx8qxp: Add VPU subsystem file (git-fixes)
- arm64: dts: imx93: add nvmem property for eqos (git-fixes)
- arm64: dts: imx93: add nvmem property for fec1 (git-fixes)
- arm64: dts: imx93: add ocotp node (git-fixes)
- arm64: dts: rockchip: Add DTS for FriendlyARM NanoPi R2S Plus (git-fixes)
- arm64: dts: rockchip: Correct GPIO polarity on brcm BT nodes (git-fixes)
- arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc (git-fixes)
- arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards (git-fixes)
- arm64: dts: rockchip: Fix bluetooth properties on rk3566 box demo (git-fixes)
- arm64: dts: rockchip: Fix reset-gpios property on brcm BT nodes (git-fixes)
- arm64: dts: rockchip: Fix rt5651 compatible value on (git-fixes)
- arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-eaidk-610 (git-fixes)
- arm64: dts: rockchip: Fix wakeup prop names on PineNote BT node (git-fixes)
- arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma (git-fixes)
- arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 (git-fixes)
- arm64: dts: rockchip: Remove undocumented supports-emmc property (git-fixes)
- arm64: dts: rockchip: fix i2c2 pinctrl-names property on (git-fixes)
- arm64: dts: rockchip: remove num-slots property from (git-fixes)
- arm64: dts: rockchip: remove orphaned pinctrl-names from pinephone (git-fixes)
- arm64: errata: Enable the AC03_CPU_38 workaround for ampere1a (git-fixes).
- arm64: errata: Expand speculative SSBS workaround once more (git-fixes)
- arm64: esr: Define ESR_ELx_EC_* constants as UL (git-fixes)
- arm64: fix .data.rel.ro size assertion when CONFIG_LTO_CLANG (git-fixes)
- arm64: fix selection of HAVE_DYNAMIC_FTRACE_WITH_ARGS (git-fixes).
- arm64: probes: Fix simulate_ldr*_literal() (git-fixes)
- arm64: probes: Fix uprobes for big-endian kernels (git-fixes)
- arm64: probes: Remove broken LDR (literal) uprobe support (git-fixes)
- arm64: smccc: Remove broken support for SMCCCv1.3 SVE discard hint (git-fixes)
- arm64: smccc: replace custom COUNT_ARGS() & CONCATENATE() (git-fixes)
- arm64: tegra: Move AGX Orin nodes to correct location (git-fixes)
- arm64: tls: Fix context-switching of tpidrro_el0 when kpti is enabled (git-fixes)
- ata: libata: Set DID_TIME_OUT for commands that actually timed out (git-fixes).
- ata: libata: avoid superfluous disk spin down + spin up during hibernation (git-fixes).
- audit: do not WARN_ON_ONCE(!current->mm) in audit_exe_compare() (git-fixes).
- audit: do not take task_lock() in audit_exe_compare() code path (git-fixes).
- block: print symbolic error name instead of error code (bsc#1231872).
- block: sed-opal: add ioctl IOC_OPAL_SET_SID_PW (bsc#1229677).
- bnxt_en: Cap the size of HWRM_PORT_PHY_QCFG forwarded response (git-fixes).
- bnxt_en: Fix error recovery for 5760X (P7) chips (git-fixes).
- bnxt_en: Fix the PCI-AER routines (git-fixes).
- bnxt_en: Restore PTP tx_avail count in case of skb_pad() error (git-fixes).
- bnxt_en: refactor reset close code (git-fixes).
- bpf, arm64: Fix address emission with tag-based KASAN enabled (git-fixes)
- bpf, arm64: Remove garbage frame for struct_ops trampoline (git-fixes)
- bpf, lsm: Add disabled BPF LSM hook list (git-fixes).
- bpf, net: Fix a potential race in do_sock_getsockopt() (git-fixes).
- bpf, sockmap: SK_DROP on attempted redirects of unsupported af_vsock (git-fixes).
- bpf, verifier: Correct tail_call_reachable for bpf prog (git-fixes).
- bpf, vsock: Drop static vsock_bpf_prot initialization (git-fixes).
- bpf, x64: Remove tail call detection (git-fixes).
- bpf,perf: Fix perf_event_detach_bpf_prog error handling (git-fixes).
- bpf: Fail verification for sign-extension of packet data/data_end/data_meta (git-fixes).
- bpf: Fix bpf_strtol and bpf_strtoul helpers for 32bit (git-fixes).
- bpf: Fix error message on kfunc arg type mismatch (git-fixes).
- bpf: Fix helper writes to read-only maps (git-fixes).
- bpf: Fix tailcall cases in test_bpf (git-fixes).
- bpf: Fix truncation bug in coerce_reg_to_size_sx() (git-fixes).
- bpf: Improve check_raw_mode_ok test for MEM_UNINIT-tagged types (git-fixes).
- bpf: Remove truncation test in bpf_strtol and bpf_strtoul helpers (git-fixes).
- bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error (git-fixes).
- bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos (git-fixes).
- btf, scripts: rust: drop is_rust_module.sh (bsc#1230414 bsc#1229450).
- btrfs: merge btrfs_orig_bbio_end_io() into btrfs_bio_end_io() (bsc#1233193)
- btrfs: send: fix invalid clone operation for file that got its size decreased (git-fixes).
- can: c_can: c_can_handle_bus_err(): update statistics if skb allocation fails (git-fixes).
- can: c_can: fix {rx,tx}_errors statistics (git-fixes).
- can: dev: can_set_termination(): allow sleeping GPIOs (git-fixes).
- can: ems_usb: ems_usb_rx_err(): fix {rx,tx}_errors statistics (git-fixes).
- can: hi311x: hi3110_can_ist(): fix potential use-after-free (git-fixes).
- can: hi311x: hi3110_can_ist(): fix {rx,tx}_errors statistics (git-fixes).
- can: ifi_canfd: ifi_canfd_handle_lec_err(): fix {rx,tx}_errors statistics (git-fixes).
- can: j1939: j1939_session_new(): fix skb reference counting (git-fixes).
- can: m_can: m_can_handle_lec_err(): fix {rx,tx}_errors statistics (git-fixes).
- can: mcp251xfd: mcp251xfd_get_tef_len(): fix length calculation (git-fixes).
- can: mcp251xfd: mcp251xfd_get_tef_len(): work around erratum DS80000789E 6 (git-fixes).
- can: mcp251xfd: mcp251xfd_ring_alloc(): fix coalescing configuration when switching CAN modes (git-fixes).
- can: netlink: avoid call to do_set_data_bittiming callback with stale can_priv::ctrlmode (stable-fixes).
- can: sja1000: sja1000_err(): fix {rx,tx}_errors statistics (git-fixes).
- can: sun4i_can: sun4i_can_err(): call can_change_state() even if cf is NULL (git-fixes).
- can: sun4i_can: sun4i_can_err(): fix {rx,tx}_errors statistics (git-fixes).
- ceph: fix cap ref leak via netfs init_request (bsc#1231384).
- cgroup/bpf: only cgroup v2 can be attached by bpf programs (bsc#1234108).
- clk: bcm: bcm53573: fix OF node leak in init (stable-fixes).
- clk: clk-apple-nco: Add NULL check in applnco_probe (git-fixes).
- clk: clk-axi-clkgen: make sure to enable the AXI bus clock (git-fixes).
- clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D (stable-fixes).
- clk: imx: clk-scu: fix clk enable state save and restore (git-fixes).
- clk: imx: fracn-gppll: correct PLL initialization flow (git-fixes).
- clk: imx: fracn-gppll: fix pll power up (git-fixes).
- clk: imx: lpcg-scu: SW workaround for errata (e10858) (git-fixes).
- clk: qcom: clk-alpha-pll: drop lucid-evo pll enabled warning (git-fixes).
- clk: qcom: clk-alpha-pll: fix lucid 5lpe pll enabled check (git-fixes).
- clk: qcom: gcc-qcs404: fix initial rate of GPLL3 (git-fixes).
- clk: renesas: rzg2l: Fix FOUTPOSTDIV clk (git-fixes).
- clk: sunxi-ng: d1: Fix PLL_AUDIO0 preset (git-fixes).
- comedi: Flush partial mappings in error case (git-fixes).
- comedi: ni_routing: tools: Check when the file could not be opened (stable-fixes).
- config s390x: build ultravisor userspace access into the kernel (bsc#1232090)
- config.sh: Remove Arm build project, we do not build armv7 configs
- config: Disable LAM on x86 (bsc#1217845)
- cpufreq/amd-pstate: Fix amd_pstate mode switch on shared memory systems (git-fixes).
- cpufreq: CPPC: Fix possible null-ptr-deref for cppc_get_cpu_cost() (git-fixes).
- cpufreq: CPPC: Fix possible null-ptr-deref for cpufreq_cpu_get_raw() (git-fixes).
- cpufreq: CPPC: Fix wrong return value in cppc_get_cpu_cost() (git-fixes).
- cpufreq: CPPC: Fix wrong return value in cppc_get_cpu_power() (git-fixes).
- cpufreq: loongson2: Unregister platform_driver on failure (git-fixes).
- cpufreq: mediatek-hw: Fix wrong return value in mtk_cpufreq_get_cpu_power() (git-fixes).
- crypto: aes-gcm-p10 - Use the correct bit to test for P10 (bsc#1232704).
- crypto: api - Fix liveliness check in crypto_alg_tested (stable-fixes).
- crypto: bcm - add error check in the ahash_hmac_init function (git-fixes).
- crypto: caam - Fix the pointer passed to caam_qi_shutdown() (git-fixes).
- crypto: caam - add error check to caam_rsa_set_priv_key_form (git-fixes).
- crypto: cavium - Fix an error handling path in cpt_ucode_load_fw() (git-fixes).
- crypto: cavium - Fix the if condition to exit loop after timeout (git-fixes).
- crypto: hisilicon/qm - flush all work before driver removed (bsc#1232075)
- crypto: inside-secure - Fix the return value of safexcel_xcbcmac_cra_init() (git-fixes).
- crypto: octeontx - Fix authenc setkey (stable-fixes).
- crypto: octeontx* - Select CRYPTO_AUTHENC (git-fixes).
- crypto: octeontx2 - Fix authenc setkey (stable-fixes).
- crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY (git-fixes).
- crypto: powerpc/p10-aes-gcm - Add dependency on CRYPTO_SIMD and re-enable CRYPTO_AES_GCM_P10 (bsc#1230501 ltc#208632).
- crypto: powerpc/p10-aes-gcm - Disable CRYPTO_AES_GCM_P10 (bsc#1230501 ltc#208632).
- crypto: powerpc/p10-aes-gcm - Re-write AES/GCM stitched implementation (bsc#1230501 ltc#208632).
- crypto: powerpc/p10-aes-gcm - Register modules as SIMD (bsc#1230501 ltc#208632).
- crypto: qat - remove check after debugfs_create_dir() (git-fixes).
- crypto: qat - remove faulty arbiter config reset (git-fixes).
- crypto: qat/qat_4xxx - fix off by one in uof_get_name() (git-fixes).
- crypto: x86/aegis128 - access 32-bit arguments as 32-bit (git-fixes).
- cxgb4: Properly lock TX queue for the selftest (git-fixes).
- cxgb4: add forgotten u64 ivlan cast before shift (git-fixes).
- cxgb4: unnecessary check for 0 in the free_sge_txq_uld() function (git-fixes).
- cxl: downgrade a warning message to debug level in cxl_probe_component_regs() (bsc#1229165).
- dcache: keep dentry_hashtable or d_hash_shift even when not used (git-fixes).
- debugfs: fix automount d_fsdata usage (git-fixes).
- devlink: Fix command annotation documentation (git-fixes).
- dma-fence: Fix reference leak on fence merge failure path (git-fixes).
- dma-fence: Use kernel's sort for merging fences (git-fixes).
- dmaengine: sh: rz-dmac: handle configs where one address is zero (git-fixes).
- dmaengine: ti: k3-udma: Set EOP for all TRs in cyclic BCDMA transfer (git-fixes).
- doc: rcu: update printed dynticks counter bits (git-fixes).
- driver core: bus: Fix double free in driver API bus_register() (stable-fixes).
- driver core: bus: Return -EIO instead of 0 when show/store invalid bus attribute (stable-fixes).
- drivers: soc: xilinx: add the missing kfree in xlnx_add_cb_for_suspend() (git-fixes).
- drm/amd/amdgpu: Fix double unlock in amdgpu_mes_add_ring (git-fixes).
- drm/amd/display: Add HDMI DSC native YCbCr422 support (stable-fixes).
- drm/amd/display: Add disable timeout option (bsc#1231435)
- drm/amd/display: Adjust VSDB parser for replay feature (stable-fixes).
- drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944)
- drm/amd/display: Check null pointer before dereferencing se (stable-fixes).
- drm/amd/display: Clean up dsc blocks in accelerated mode (stable-fixes).
- drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too (stable-fixes).
- drm/amd/display: Fix brightness level not retained over reboot (git-fixes).
- drm/amd/display: Fix null check for pipe_ctx->plane_state in dcn20_program_pipe (git-fixes).
- drm/amd/display: Fix null check for pipe_ctx->plane_state in hwss_setup_dpp (git-fixes).
- drm/amd/display: Remove a redundant check in authenticated_dp (stable-fixes).
- drm/amd/display: Revert "Check HDCP returned status" (stable-fixes).
- drm/amd/display: Round calculated vtotal (stable-fixes).
- drm/amd/display: Skip to enable dsc if it has been off (stable-fixes).
- drm/amd/display: Validate backlight caps are sane (stable-fixes).
- drm/amd/pm: Vangogh: Fix kernel memory out of bounds write (git-fixes).
- drm/amd: Add some missing straps from NBIO 7.11.0 (git-fixes).
- drm/amd: Fix initialization mistake for NBIO 7.7.0 (stable-fixes).
- drm/amd: Guard against bad data for ATIF ACPI method (git-fixes).
- drm/amdgpu/swsmu: Only force workload setup on init (git-fixes).
- drm/amdgpu/vcn: enable AV1 on both instances (stable-fixes).
- drm/amdgpu: Adjust debugfs eviction and IB access permissions (stable-fixes).
- drm/amdgpu: Adjust debugfs register access permissions (stable-fixes).
- drm/amdgpu: Fix DPX valid mode check on GC 9.4.3 (git-fixes).
- drm/amdgpu: Fix JPEG v4.0.3 register write (git-fixes).
- drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() (stable-fixes).
- drm/amdgpu: fix check in gmc_v9_0_get_vm_pte() (git-fixes).
- drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported (git-fixes).
- drm/amdkfd: Accounting pdd vram_usage for svm (stable-fixes).
- drm/amdkfd: Fix wrong usage of INIT_WORK() (git-fixes).
- drm/bridge: anx7625: Drop EDID cache on bridge power off (git-fixes).
- drm/bridge: it6505: Drop EDID cache on bridge power off (git-fixes).
- drm/bridge: tc358767: Fix link properties discovery (git-fixes).
- drm/bridge: tc358768: Fix DSI command tx (git-fixes).
- drm/etnaviv: Request pages from DMA32 zone on addressing_limited (git-fixes).
- drm/etnaviv: hold GPU lock across perfmon sampling (git-fixes).
- drm/i915/gem: fix bitwise and logical AND mixup (git-fixes).
- drm/i915/hdcp: fix connector refcounting (git-fixes).
- drm/imx/dcss: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- drm/imx/ipuv3: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- drm/mediatek: Fix child node refcount handling in early exit (git-fixes).
- drm/mediatek: Fix get efuse issue for MT8188 DPTX (git-fixes).
- drm/mm: Mark drm_mm_interval_tree*() functions with __maybe_unused (git-fixes).
- drm/msm/adreno: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- drm/msm/dpu: cast crtc_clk calculation to u64 in _dpu_core_perf_calc_clk() (git-fixes).
- drm/msm/dpu: check for overflow in _dpu_crtc_setup_lm_bounds() (git-fixes).
- drm/msm/dpu: do not always program merge_3d block (git-fixes).
- drm/msm/dpu: drop LM_3 / LM_4 on MSM8998 (git-fixes).
- drm/msm/dpu: drop LM_3 / LM_4 on SDM845 (git-fixes).
- drm/msm/dpu: make sure phys resources are properly initialized (git-fixes).
- drm/msm/dpu: move CRTC resource assignment to dpu_encoder_virt_atomic_check (git-fixes).
- drm/msm/dpu: on SDM845 move DSPP_3 to LM_5 block (git-fixes).
- drm/msm/dsi: fix 32-bit signed integer extension in pclk_rate calculation (git-fixes).
- drm/msm/dsi: improve/fix dsc pclk calculation (git-fixes).
- drm/msm/gpu: Check the status of registration to PM QoS (git-fixes).
- drm/msm: Allocate memory for disp snapshot with kvzalloc() (git-fixes).
- drm/msm: Avoid NULL dereference in msm_disp_state_print_regs() (git-fixes).
- drm/msm: Fix some typos in comment (git-fixes).
- drm/nouveau/gr/gf100: Fix missing unlock in gf100_gr_chan_new() (git-fixes).
- drm/omap: Fix locking in omap_gem_new_dmabuf() (git-fixes).
- drm/omap: Fix possible NULL dereference (git-fixes).
- drm/panfrost: Add missing OPP table refcnt decremental (git-fixes).
- drm/panfrost: Remove unused id_mask from struct panfrost_model (git-fixes).
- drm/radeon: Fix encoder->possible_clones (git-fixes).
- drm/rockchip: vop: Fix a dereferenced before check warning (git-fixes).
- drm/sched: Add locking to drm_sched_entity_modify_sched (git-fixes).
- drm/sched: Always wake up correct scheduler in drm_sched_entity_push_job (git-fixes).
- drm/sti: Add __iomem for mixer_dbg_mxn's parameter (git-fixes).
- drm/sti: avoid potential dereference of error pointers (git-fixes).
- drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check (git-fixes).
- drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check (git-fixes).
- drm/v3d: Address race-condition in MMU flush (git-fixes).
- drm/v3d: Enable Performance Counters before clearing them (git-fixes).
- drm/v3d: Stop the active perfmon before being destroyed (git-fixes).
- drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA (stable-fixes).
- drm/vc4: Match drm_dev_enter and exit calls in vc4_hvs_atomic_flush (git-fixes).
- drm/vc4: Match drm_dev_enter and exit calls in vc4_hvs_lut_load (git-fixes).
- drm/vc4: Stop the active perfmon before being destroyed (git-fixes).
- drm/vc4: hdmi: Avoid hang with debug registers when suspended (git-fixes).
- drm/vc4: hvs: Correct logic on stopping an HVS channel (git-fixes).
- drm/vc4: hvs: Do not write gamma luts on 2711 (git-fixes).
- drm/vc4: hvs: Fix dlist debug not resetting the next entry pointer (git-fixes).
- drm/vc4: hvs: Remove incorrect limit from hvs_dlist debugfs function (git-fixes).
- drm/vkms: Drop unnecessary call to drm_crtc_cleanup() (git-fixes).
- drm/vmwgfx: Handle surface check failure correctly (git-fixes).
- drm/vmwgfx: Limit display layout ioctl array size to VMWGFX_NUM_DISPLAY_UNITS (stable-fixes).
- drm: Consistently use struct drm_mode_rect for FB_DAMAGE_CLIPS (git-fixes).
- drm: Expand max DRM device number to full MINORBITS (jsc#PED-11580).
- drm: Use XArray instead of IDR for minors (jsc#PED-11580).
- drm: use ATOMIC64_INIT() for atomic64_t (git-fixes).
- drm: xlnx: zynqmp_dpsub: fix hotplug detection (git-fixes).
- drm: zynqmp_kms: Unplug DRM device before removal (git-fixes).
- e1000e: Fix S0ix residency on corporate systems (git-fixes).
- e1000e: Remove Meteor Lake SMBUS workarounds (git-fixes).
- e1000e: change I219 (19) devices to ADP (git-fixes).
- e1000e: fix force smbus during suspend flow (git-fixes).
- e1000e: move force SMBUS near the end of enable_ulp function (git-fixes).
- efi/libstub: Free correct pointer on failure (git-fixes).
- efi/libstub: fix efi_parse_options() ignoring the default command line (git-fixes).
- efi/libstub: zboot.lds: Discard .discard sections (stable-fixes).
- efi/memattr: Ignore table if the size is clearly bogus (bsc#1231465).
- efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption (stable-fixes).
- eth: bnxt: fix counting packets discarded due to OOM and netpoll (git-fixes).
- ext4: do not track ranges in fast_commit if inode has inlined data (bsc#1231635).
- ext4: fix fast commit inode enqueueing during a full journal commit (bsc#1231636).
- ext4: fix incorrect tid assumption in ext4_fc_mark_ineligible() (bsc#1231637).
- ext4: fix possible tid_t sequence overflows (bsc#1231634).
- ext4: fix slab-use-after-free in ext4_split_extent_at() (bsc#1232201)
- ext4: fix unttached inode after power cut with orphan file feature enabled (bsc#1234009).
- ext4: mark fc as ineligible using an handle in ext4_xattr_set() (bsc#1231640).
- ext4: use handle to mark fc as ineligible in __track_dentry_update() (bsc#1231639).
- f2fs: get out of a repeat loop when getting a locked data page (bsc#1234011).
- fat: fix uninitialized variable (git-fixes).
- fbcon: Fix a NULL pointer dereference issue in fbcon_putcs (stable-fixes).
- fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() (git-fixes).
- fbdev: sisfb: Fix strbuf array overflow (stable-fixes).
- fgraph: Change the name of cpuhp state to "fgraph:online" (git-fixes).
- fgraph: Fix missing unlock in register_ftrace_graph() (git-fixes).
- fgraph: Use CPU hotplug mechanism to initialize idle shadow stacks (git-fixes).
- filemap: remove use of wait bookmarks (bsc#1224088).
- firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier() (git-fixes).
- firmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup() (git-fixes).
- firmware: arm_scpi: Check the DVFS OPP count returned by the firmware (git-fixes).
- firmware: arm_sdei: Fix the input parameter of cpuhp_remove_state() (git-fixes).
- firmware: google: Unregister driver_info on failure (git-fixes).
- firmware_loader: Fix possible resource leak in fw_log_firmware_info() (git-fixes).
- fs/9p: drop inodes immediately on non-.L too (git-fixes).
- fs/9p: fix the cache always being enabled on files with qid flags (git-fixes).
- fs/ntfs3: Add more attributes checks in mi_enum_attr() (bsc#1233207)
- fs/ntfs3: Fixed overflow check in mi_enum_attr() (bsc#1233207)
- fs/ntfs3: Sequential field availability check in mi_enum_attr() (bsc#1233207)
- fs: Fix uninitialized value issue in from_kuid and from_kgid (git-fixes).
- genirq/msi: Fix off-by-one error in msi_domain_alloc() (git-fixes).
- goldfish: Fix unused const variable 'goldfish_pipe_acpi_match' (git-fixes).
- gpio: aspeed: Add the flush write to ensure the write complete (git-fixes).
- gpio: aspeed: Use devm_clk api to manage clock source (git-fixes).
- gpio: davinci: fix lazy disable (git-fixes).
- gpio: exar: set value when external pull-up or pull-down is present (git-fixes).
- gpio: zevio: Add missed label initialisation (git-fixes).
- gve: Fix XDP TX completion handling when counters overflow (git-fixes).
- gve: Fix an edge case for TSO skb validity check (git-fixes).
- gve: ignore nonrelevant GSO type bits when processing TSO headers (git-fixes).
- hid: intel-ish-hid: Fix uninitialized variable 'rv' in ish_fw_xfer_direct_dma (git-fixes).
- hv_netvsc: Fix VF namespace also in synthetic NIC NETDEV_REGISTER event (git-fixes).
- hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer (git-fixes).
- hwmon: (adm9240) Add missing dependency on REGMAP_I2C (git-fixes).
- hwmon: (adt7470) Add missing dependency on REGMAP_I2C (git-fixes).
- hwmon: (max16065) Fix alarm attributes (git-fixes).
- hwmon: (max16065) Remove use of i2c_match_id() (stable-fixes).
- hwmon: (mc34vr500) Add missing dependency on REGMAP_I2C (git-fixes).
- hwmon: (nct6775) add G15CF to ASUS WMI monitoring list (stable-fixes).
- hwmon: (nct6775-core) Fix overflows seen when writing limit attributes (git-fixes).
- hwmon: (tmp513) Add missing dependency on REGMAP_I2C (git-fixes).
- hwmon: (tps23861) Fix reporting of negative temperatures (git-fixes).
- hwmon: intel-m10-bmc-hwmon: relabel Columbiaville to CVL Die Temperature (git-fixes).
- i2c: core: Setup i2c_adapter runtime-pm before calling device_add() (git-fixes).
- i2c: core: fix lockdep warning for sparsely nested adapter chain (git-fixes).
- i2c: cpm: Remove linux,i2c-index conversion from be32 (git-fixes).
- i2c: designware: do not hold SCL low when I2C_DYNAMIC_TAR_UPDATE is not set (git-fixes).
- i2c: exynos5: Calculate t_scl_l, t_scl_h according to i2c spec (git-fixes).
- i2c: i801: Add lis3lv02d for Dell Precision 3540 (git-fixes).
- i2c: i801: Add lis3lv02d for Dell XPS 15 7590 (git-fixes).
- i2c: i801: Use a different adapter-name for IDF adapters (stable-fixes).
- i2c: i801: add helper i801_restore_regs (git-fixes).
- i2c: ismt: kill transaction in hardware on timeout (git-fixes).
- i2c: ocores: Move system PM hooks to the NOIRQ phase (git-fixes).
- i2c: ocores: Remove #ifdef guards for PM related functions (git-fixes).
- i2c: omap: switch to NOIRQ_SYSTEM_SLEEP_PM_OPS() and RUNTIME_PM_OPS() (git-fixes).
- i2c: omap: wakeup the controller during suspend() callback (git-fixes).
- i2c: rcar: properly format a debug output (git-fixes).
- i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume (git-fixes).
- i2c: stm32f7: perform most of irq job in threaded handler (git-fixes).
- i2c: synquacer: Deal with optional PCLK correctly (git-fixes).
- i2c: synquacer: Remove a clk reference from struct synquacer_i2c (stable-fixes).
- i2c: xiic: Try re-initialization on bus busy timeout (git-fixes).
- i2c: xiic: improve error message when transfer fails to start (stable-fixes).
- i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs() (git-fixes).
- i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition (stable-fixes).
- i3c: master: svc: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- i40e: Fix XDP program unloading while removing the driver (git-fixes).
- i40e: Report MFS in decimal base instead of hex (git-fixes).
- i40e: fix race condition by adding filter's intermediate sync state (git-fixes).
- iTCO_wdt: mask NMI_NOW bit for update_no_reboot_bit() call (git-fixes).
- iavf: Fix TC config comparison with existing adapter TC config (git-fixes).
- ice: Fix VSI list rule with ICE_SW_LKUP_LAST type (git-fixes).
- ice: Fix checking for unsupported keys on non-tunnel device (git-fixes).
- ice: Fix lldp packets dropping after changing the number of channels (git-fixes).
- ice: Fix netif_is_ice() in Safe Mode (git-fixes).
- ice: Fix package download algorithm (git-fixes).
- ice: Fix recipe read procedure (git-fixes).
- ice: Fix reset handler (git-fixes).
- ice: Flush FDB entries before reset (git-fixes).
- ice: Interpret .set_channels() input differently (git-fixes).
- ice: Rebuild TC queues on VSI queue reconfiguration (git-fixes).
- ice: Reject pin requests with unsupported flags (git-fixes).
- ice: add flag to distinguish reset from .ndo_bpf in XDP rings config (git-fixes).
- ice: add missing WRITE_ONCE when clearing ice_rx_ring::xdp_prog (git-fixes).
- ice: avoid IRQ collision to fix init failure on ACPI S3 resume (git-fixes).
- ice: clear port vlan config during reset (git-fixes).
- ice: disallow DPLL_PIN_STATE_SELECTABLE for dpll output pins (git-fixes).
- ice: do not bring the VSI up, if it was down before the XDP setup (git-fixes).
- ice: do not busy wait for Rx queue disable in ice_qp_dis() (git-fixes).
- ice: fix 200G PHY types to link speed mapping (git-fixes).
- ice: fix 200G link speed message log (git-fixes).
- ice: fix ICE_LAST_OFFSET formula (git-fixes).
- ice: fix VLAN replay after reset (git-fixes).
- ice: fix VSI lists confusion when adding VLANs (git-fixes).
- ice: fix accounting for filters shared by multiple VSIs (git-fixes).
- ice: fix accounting if a VLAN already exists (git-fixes).
- ice: fix iteration of TLVs in Preserved Fields Area (git-fixes).
- ice: fix page reuse when PAGE_SIZE is over 8k (git-fixes).
- ice: fix reads from NVM Shadow RAM on E830 and E825-C devices (git-fixes).
- ice: fix truesize operations for PAGE_SIZE >= 8192 (git-fixes).
- ice: implement AQ download pkg retry (git-fixes).
- ice: map XDP queues to vectors in ice_vsi_map_rings_to_vectors() (git-fixes).
- ice: remove af_xdp_zc_qps bitmap (git-fixes).
- ice: replace synchronize_rcu with synchronize_net (git-fixes).
- ice: respect netif readiness in AF_XDP ZC related ndo's (git-fixes).
- ice: set correct dst VSI in only LAN filters (git-fixes).
- ice: tc: allow zero flags in parsing tc flower (git-fixes).
- ice: tc: check src_vsi in case of traffic from VF (git-fixes).
- ice: use proper macro for testing bit (git-fixes).
- idpf: Interpret .set_channels() input differently (git-fixes).
- idpf: avoid bloating &idpf_q_vector with big %NR_CPUS (git-fixes).
- idpf: do not enable NAPI and interrupts prior to allocating Rx buffers (git-fixes).
- idpf: do not skip over ethtool tcp-data-split setting (git-fixes).
- idpf: fix UAFs when destroying the queues (git-fixes).
- idpf: fix memleak in vport interrupt configuration (git-fixes).
- idpf: fix memory leaks and crashes while performing a soft reset (git-fixes).
- ieee802154: Fix build error (git-fixes).
- igb: Always call igb_xdp_ring_update_tail() under Tx lock (git-fixes).
- igb: Disable threaded IRQ for igb_msix_other (git-fixes).
- igb: Fix not clearing TimeSync interrupts for 82580 (git-fixes).
- igc: Fix double reset adapter triggered from a single taprio cmd (git-fixes).
- igc: Fix packet still tx after gate close by reducing i226 MAC retry buffer (git-fixes).
- igc: Fix qbv tx latency by setting gtxoffset (git-fixes).
- igc: Fix qbv_config_change_errors logics (git-fixes).
- igc: Fix reset adapter logics when tx mode change (git-fixes).
- igc: Unlock on error in igc_io_resume() (git-fixes).
- iio: Fix fwnode_handle in __fwnode_iio_channel_get_by_name() (git-fixes).
- iio: accel: bma400: Fix uninitialized variable field_value in tap event handling (git-fixes).
- iio: accel: kx022a: Fix raw read format (git-fixes).
- iio: accel: kx022a: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr() (git-fixes).
- iio: adc: ad7606: Fix typo in the driver name (git-fixes).
- iio: adc: ad7923: Fix buffer overflow for tx_buf and ring_xfer (git-fixes).
- iio: adc: ti-ads124s08: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: adc: ti-ads8688: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: adc: ti-lmp92064: add missing select REGMAP_SPI in Kconfig (git-fixes).
- iio: amplifiers: ada4250: add missing select REGMAP_SPI in Kconfig (git-fixes).
- iio: dac: ad3552r: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: dac: ad5766: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- iio: dac: ad5770r: add missing select REGMAP_SPI in Kconfig (git-fixes).
- iio: dac: ltc1660: add missing select REGMAP_SPI in Kconfig (git-fixes).
- iio: dac: stm32-dac-core: add missing select REGMAP_MMIO in Kconfig (git-fixes).
- iio: frequency: adf4377: add missing select REMAP_SPI in Kconfig (git-fixes).
- iio: frequency: admv4420: fix missing select REMAP_SPI in Kconfig (git-fixes).
- iio: gts-helper: Fix memory leaks for the error path of iio_gts_build_avail_scale_table() (git-fixes).
- iio: gts-helper: Fix memory leaks in iio_gts_build_avail_scale_table() (git-fixes).
- iio: gts: Fix uninitialized symbol 'ret' (git-fixes).
- iio: gts: fix infinite loop for gain_to_scaletables() (git-fixes).
- iio: hid-sensors: Fix an error handling path in _hid_sensor_set_report_latency() (git-fixes).
- iio: light: al3010: Fix an error handling path in al3010_probe() (git-fixes).
- iio: light: opt3001: add missing full-scale range value (git-fixes).
- iio: light: veml6030: fix ALS sensor resolution (git-fixes).
- iio: light: veml6030: fix IIO device retrieval from embedded device (git-fixes).
- iio: light: veml6030: fix microlux value calculation (git-fixes).
- iio: magnetometer: ak8975: Convert enum->pointer for data in the match tables (stable-fixes).
- iio: magnetometer: ak8975: Fix 'Unexpected device' error (git-fixes).
- iio: magnetometer: ak8975: drop incorrect AK09116 compatible (git-fixes).
- iio: proximity: mb1232: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
- ima: fix buffer overrun in ima_eventdigest_init_common (git-fixes).
- initramfs: avoid filename buffer overrun (bsc#1232436).
- intel_idle: add Granite Rapids Xeon support (bsc#1231630).
- intel_idle: fix ACPI _CST matching for newer Xeon platforms (bsc#1231630).
- io_uring/eventfd: move to more idiomatic RCU free usage (git-fixes).
- io_uring/io-wq: do not allow pinning outside of cpuset (git-fixes).
- io_uring/io-wq: inherit cpuset of cgroup in io worker (git-fixes).
- io_uring/net: harden multishot termination case for recv (git-fixes).
- io_uring/rw: fix cflags posting for single issue multishot read (git-fixes).
- io_uring/rw: fix missing NOWAIT check for O_DIRECT start write (git-fixes).
- io_uring/rw: treat -EOPNOTSUPP for IOCB_NOWAIT like -EAGAIN (git-fixes).
- io_uring/sqpoll: close race on waiting for sqring entries (git-fixes).
- io_uring/sqpoll: do not allow pinning outside of cpuset (git-fixes).
- io_uring/sqpoll: do not put cpumask on stack (git-fixes).
- io_uring/sqpoll: retain test for whether the CPU is valid (git-fixes).
- io_uring: check for presence of task_work rather than TIF_NOTIFY_SIGNAL (git-fixes).
- iommu/amd: Allocate the page table root using GFP_KERNEL (git-fixes).
- iommu/amd: Do not set the D bit on AMD v2 table entries (git-fixes).
- iommu/amd: Fix typo of , instead of ; (git-fixes).
- iommu/vt-d: Always reserve a domain ID for identity setup (git-fixes).
- iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices (git-fixes).
- iommufd: Check the domain owner of the parent before creating a nesting domain (git-fixes).
- iommufd: Protect against overflow of ALIGN() during iova allocation (git-fixes).
- irqchip/gic-v3-its: Avoid explicit cpumask allocation on stack (git-fixes).
- jbd2: Move j_transaction_overhead_buffers into a hole (bsc#1234042).
- jbd2: avoid infinite transaction commit loop (bsc#1234039).
- jbd2: avoid memleak in jbd2_journal_write_metadata_buffer (bsc#1234043).
- jbd2: avoid mount failed when commit block is partial submitted (bsc#1234040).
- jbd2: correct the printing of write_flags in jbd2_write_superblock() (bsc#1234045).
- jbd2: correctly compare tids with tid_geq function in jbd2_fc_begin_commit (bsc#1231638).
- jbd2: fix kernel-doc for j_transaction_overhead_buffers (bsc#1234042).
- jbd2: fix potential data lost in recovering journal raced with synchronizing fs bdev (bsc#1234044).
- jbd2: fix soft lockup in journal_finish_inode_data_buffers() (bsc#1234046).
- jbd2: make jbd2_journal_get_max_txn_bufs() internal (bsc#1234041).
- jbd2: precompute number of transaction descriptor blocks (bsc#1234042).
- jfs: Fix sanity check in dbMount (git-fixes).
- jfs: Fix uaf in dbFreeBits (git-fixes).
- jfs: Fix uninit-value access of new_ea in ea_buffer (git-fixes).
- jfs: UBSAN: shift-out-of-bounds in dbFindBits (git-fixes).
- jfs: check if leafidx greater than num leaves per dmap tree (git-fixes).
- jump_label: Fix static_key_slow_dec() yet again (git-fixes).
- kABI fix of VM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC) (git-fixes).
- kABI workaround for ASoC SOF (bsc#1233305).
- kABI: Restore exported __arm_smccc_sve_check (git-fixes)
- kABI: bpf: enum bpf_{type_flag,arg_type} kABI workaround (git-fixes).
- kABI: bpf: struct bpf_insn_acces_aux kABI workaround (git-fixes).
- kabi, mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling (git-fixes kabi).
- kasan: Fix Software Tag-Based KASAN with GCC (git-fixes).
- kasan: move checks to do_strncpy_from_user (git-fixes).
- kbuild, bpf: Use test-ge check for v1.25-only pahole (bsc#1230414 bsc#1229450).
- kbuild,bpf: Add module-specific pahole flags for distilled base BTF (bsc#1230414 bsc#1229450).
- kbuild,bpf: Switch to using --btf_features for pahole v1.26 and later (bsc#1230414 bsc#1229450).
- kbuild: avoid too many execution of scripts/pahole-flags.sh (bsc#1230414 bsc#1229450).
- kbuild: bpf: Tell pahole to DECL_TAG kfuncs (bsc#1230414 bsc#1229450).
- kconfig: qconf: fix buffer overflow in debug links (git-fixes).
- kernel-binary: Enable livepatch package only when livepatch is enabled Otherwise the filelist may be empty failing the build (bsc#1218644).
- kexec_file: fix elfcorehdr digest exclusion when CONFIG_CRASH_HOTPLUG=y (git-fixes).
- keys, dns: Allow key types (eg. DNS) to be reclaimed immediately on expiry (git-fixes).
- keys: Fix overwrite of key expiration on instantiation (git-fixes).
- kthread: unpark only parked kthread (git-fixes).
- leds: lp55xx: Remove redundant test for invalid channel number (git-fixes).
- lib/xarray: introduce a new helper xas_get_order (bsc#1231617).
- lib: string_helpers: silence snprintf() output truncation warning (git-fixes).
- mac80211: MAC80211_MESSAGE_TRACING should depend on TRACING (git-fixes).
- macsec: do not increment counters for an unrelated SA (git-fixes).
- mailbox: arm_mhuv2: clean up loop in get_irq_chan_comb() (git-fixes).
- maple_tree: correct tree corruption on spanning store (git-fixes).
- maple_tree: fix alloc node fail issue (git-fixes).
- maple_tree: refine mas_store_root() on storing NULL (git-fixes).
- media: adv7604: prevent underflow condition when reporting colorspace (git-fixes).
- media: amphion: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- media: amphion: Set video drvdata before register video device (git-fixes).
- media: ar0521: do not overflow when checking PLL values (git-fixes).
- media: atomisp: Add check for rgby_data memory allocation failure (git-fixes).
- media: bttv: use audio defaults for winfast2000 (git-fixes).
- media: core: v4l2-ioctl: check if ioctl is known to avoid NULL name (git-fixes).
- media: cx24116: prevent overflows on SNR calculus (git-fixes).
- media: dvb_frontend: do not play tricks with underflow values (git-fixes).
- media: dvbdev: fix the logic when DVB_DYNAMIC_MINORS is not set (stable-fixes).
- media: dvbdev: prevent the risk of out of memory access (git-fixes).
- media: gspca: ov534-ov772x: Fix off-by-one error in set_frame_rate() (git-fixes).
- media: i2c: dw9768: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- media: i2c: imx335: Enable regulator supplies (stable-fixes).
- media: i2c: tc358743: Fix crash in the probe error path when using polling (git-fixes).
- media: imx-jpeg: Ensure power suppliers be suspended before detach them (git-fixes).
- media: imx-jpeg: Set video drvdata before register video device (git-fixes).
- media: imx335: Fix reset-gpio handling (git-fixes).
- media: mantis: remove orphan mantis_core.h (git-fixes).
- media: mtk-jpeg: Fix null-ptr-deref during unload module (git-fixes).
- media: pci: ipu3-cio2: Initialise timing struct to avoid a compiler warning (git-fixes).
- media: platform: allegro-dvt: Fix possible memory leak in allocate_buffers_internal() (git-fixes).
- media: platform: exynos4-is: Fix an OF node reference leak in fimc_md_is_isp_available (git-fixes).
- media: pulse8-cec: fix data timestamp at pulse8_setup() (git-fixes).
- media: s5p-jpeg: prevent buffer overflows (git-fixes).
- media: stb0899_algo: initialize cfr before using it (git-fixes).
- media: ts2020: fix null-ptr-deref in ts2020_probe() (git-fixes).
- media: uvcvideo: Require entities to have a non-zero unique ID (git-fixes).
- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (git-fixes).
- media: uvcvideo: Stop stream during unregister (git-fixes).
- media: v4l2-ctrls-api: fix error handling for v4l2_g_ctrl() (git-fixes).
- media: v4l2-tpg: prevent the risk of a division by zero (git-fixes).
- media: vb2: Fix comment (git-fixes).
- media: venus: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- media: videobuf2-core: clear memory related fields in __vb2_plane_dmabuf_put() (stable-fixes).
- media: videobuf2: fix typo: vb2_dbuf -> vb2_qbuf (git-fixes).
- media: wl128x: Fix atomicity violation in fmc_send_cmd() (git-fixes).
- mei: use kvmalloc for read buffer (git-fixes).
- mfd: intel_soc_pmic_chtwc: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes).
- mfd: rt5033: Fix missing regmap_del_irq_chip() (git-fixes).
- mfd: tps65010: Use IRQF_NO_AUTOEN flag in request_irq() to fix race (git-fixes).
- minmax: avoid overly complex min()/max() macro arguments in xen (git-fixes).
- minmax: scsi: fix mis-use of 'clamp()' in sr.c (git-fixes).
- misc: apds990x: Fix missing pm_runtime_disable() (git-fixes).
- mlx5: avoid truncating error message (git-fixes).
- mlx5: stop warning for 64KB pages (git-fixes).
- mlxbf_gige: disable RX filters until RX path initialized (git-fixes).
- mm/filemap: optimize filemap folio adding (bsc#1231617).
- mm/filemap: return early if failed to allocate memory for split (bsc#1231617).
- mm/hugetlb: fix nodes huge page allocation when there are surplus pages (bsc#1234012).
- mm: avoid unsafe VMA hook invocation when error arises on mmap hook (git-fixes).
- mm: khugepaged: fix the arguments order in khugepaged_collapse_file trace point (git-fixes).
- mm: mmap: no need to call khugepaged_enter_vma() for stack (jsc#PED-10978).
- mm: move dummy_vm_ops out of a header (git-fixes prerequisity).
- mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling (git-fixes).
- mm: refactor map_deny_write_exec() (git-fixes).
- mm: resolve faulty mmap_region() error path behaviour (git-fixes).
- mm: unconditionally close VMAs on error (git-fixes).
- mmc: core: Further prevent card detect during shutdown (git-fixes).
- mmc: mmc_spi: drop buggy snprintf() (git-fixes).
- mmc: sunxi-mmc: Fix A100 compatible description (git-fixes).
- modpost: fix acpi MODULE_DEVICE_TABLE built with mismatched endianness (git-fixes).
- modpost: fix input MODULE_DEVICE_TABLE() built for 64-bit on 32-bit host (git-fixes).
- modpost: remove incorrect code in do_eisa_entry() (git-fixes).
- module: abort module loading when sysfs setup suffer errors (git-fixes).
- mtd: rawnand: atmel: Fix possible memory leak (git-fixes).
- mtd: spi-nor: core: replace dummy buswidth from addr to data (git-fixes).
- nbd: fix race between timeout and normal completion (bsc#1230918).
- net/mlx5: Add missing masks and QoS bit masks for scheduling elements (git-fixes).
- net/mlx5: Added cond_resched() to crdump collection (git-fixes).
- net/mlx5: Check capability for fw_reset (git-fixes).
- net/mlx5: Check for invalid vector index on EQ creation (git-fixes).
- net/mlx5: Explicitly set scheduling element and TSAR type (git-fixes).
- net/mlx5: Fix command bitmask initialization (git-fixes).
- net/mlx5: Fix error handling in irq_pool_request_irq (git-fixes).
- net/mlx5: Lag, do bond only if slaves agree on roce state (git-fixes).
- net/mlx5: Lag, do not use the hardcoded value of the first port (git-fixes).
- net/mlx5: Stop waiting for PCI if pci channel is offline (git-fixes).
- net/mlx5: Unregister notifier on eswitch init failure (git-fixes).
- net/mlx5: Update the list of the PCI supported devices (git-fixes).
- net/mlx5e: Add a check for the return value from mlx5_port_set_eth_ptys (git-fixes).
- net/mlx5e: Add missing link mode to ptys2ext_ethtool_map (git-fixes).
- net/mlx5e: Add missing link modes to ptys2ethtool_map (git-fixes).
- net/mlx5e: Add mqprio_rl cleanup and free in mlx5e_priv_cleanup() (git-fixes).
- net/mlx5e: Correctly report errors for ethtool rx flows (git-fixes).
- net/mlx5e: Do not call cleanup on profile rollback failure (git-fixes).
- net/mlx5e: Fix IPsec tunnel mode offload feature check (git-fixes).
- net/mlx5e: Fix UDP GSO for encapsulated packets (git-fixes).
- net/mlx5e: Fix features validation check for tunneled UDP (non-VXLAN) packets (git-fixes).
- net/mlx5e: Require mlx5 tc classifier action support for IPsec prio capability (git-fixes).
- net/mlx5e: Use rx_missed_errors instead of rx_dropped for reporting buffer exhaustion (git-fixes).
- net: mana: Implement get_ringparam/set_ringparam for mana (bsc#1229891).
- net: mana: Improve mana_set_channels() in low mem conditions (bsc#1230289).
- net: mdio-ipq4019: add missing error check (git-fixes).
- net: phy: Remove LED entry from LEDs list on unregister (git-fixes).
- net: phy: bcm84881: Fix some error handling paths (git-fixes).
- net: phy: dp83822: Fix reset pin definitions (git-fixes).
- net: phy: dp83869: fix memory corruption when enabling fiber (git-fixes).
- net: phy: ti: add PHY_RST_AFTER_CLK_EN flag (git-fixes).
- net: qede: sanitize 'rc' in qede_add_tc_flower_fltr() (git-fixes).
- net: qede: use return from qede_parse_actions() (git-fixes).
- net: qede: use return from qede_parse_flow_attr() for flow_spec (git-fixes).
- net: qede: use return from qede_parse_flow_attr() for flower (git-fixes).
- net: relax socket state check at accept time (git-fixes).
- net: stmmac: dwmac-tegra: Fix link bring-up sequence (git-fixes)
- net: sysfs: Fix /sys/class/net/<iface> path for statistics (git-fixes).
- net: test for not too small csum_start in virtio_net_hdr_to_skb() (git-fixes).
- net: usb: lan78xx: Fix double free issue with interrupt buffer allocation (git-fixes).
- net: usb: lan78xx: Fix memory leak on device unplug by freeing PHY device (git-fixes).
- net: usb: lan78xx: Fix refcounting and autosuspend on invalid WoL configuration (git-fixes).
- net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition (stable-fixes).
- net: usb: usbnet: fix name regression (get-fixes).
- net: usb: usbnet: fix race in probe failure (git-fixes).
- net: wwan: fix global oob in wwan_rtnl_policy (git-fixes).
- net: wwan: t7xx: Fix off-by-one error in t7xx_dpmaif_rx_buf_alloc() (git-fixes).
- net: xfrm: preserve kabi for xfrm_state (bsc#1233754).
- netdevsim: copy addresses for both in and out paths (git-fixes).
- netdevsim: use cond_resched() in nsim_dev_trap_report_work() (git-fixes).
- netfilter: nf_tables: missing iterator type in lookup walk (git-fixes).
- nfs: Fix KMSAN warning in decode_getfattr_attrs() (git-fixes).
- nfs: avoid i_lock contention in nfs_clear_invalid_mapping (git-fixes).
- nfs: fix memory leak in error path of nfs4_do_reclaim (git-fixes).
- nfsd: call cache_put if xdr_reserve_space returns NULL (git-fixes).
- nfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net (git-fixes).
- nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (git-fixes).
- nfsd: fix refcount leak when file is unhashed after being found (git-fixes).
- nfsd: map the EBADMSG to nfserr_io to avoid warning (git-fixes).
- nfsd: remove unneeded EEXIST error check in nfsd_do_file_acquire (git-fixes).
- nfsd: remove unsafe BUG_ON from set_change_info (bsc#1234121).
- nfsd: return -EINVAL when namelen is 0 (git-fixes).
- nilfs2: fix kernel bug due to missing clearing of buffer delay flag (git-fixes).
- nilfs2: fix potential deadlock with newly created symlinks (git-fixes).
- nouveau/dmem: Fix privileged error in copy engine channel (git-fixes).
- nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error (git-fixes).
- nouveau/dp: handle retries for AUX CH transfers with GSP (git-fixes).
- nouveau/gsp: Avoid addressing beyond end of rpc->entries (stable-fixes).
- nouveau: fw: sync dma after setup is called (git-fixes).
- nouveau: handle EBUSY and EAGAIN for GSP aux errors (git-fixes).
- ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir() (git-fixes).
- ntfs3: Add bounds checking to mi_enum_attr() (bsc#1233207)
- nvme-fabrics: fix kernel crash while shutting down controller (git-fixes).
- nvme-loop: flush off pending I/O while shutting down loop controller (git-fixes).
- nvme-multipath: suppress partition scan until the disk is ready (bsc#1228244).
- nvme-pci: fix freeing of the HMB descriptor table (git-fixes).
- nvme-pci: fix race condition between reset and nvme_dev_disable() (git-fixes).
- nvme-pci: qdepth 1 quirk (git-fixes).
- nvme-pci: reverse request order in nvme_queue_rqs (git-fixes).
- nvme-pci: set doorbell config before unquiescing (git-fixes).
- nvme/host: Fix RCU list traversal to use SRCU primitive (git-fixes).
- nvme: disable CC.CRIME (NVME_CC_CRIME) (jsc#PED-9901).
- nvme: null terminate nvme_tls_attrs (git-fixes).
- nvme: re-fix error-handling for io_uring nvme-passthrough (git-fixes).
- nvme: tcp: avoid race between queue_lock lock and destroy (git-fixes).
- nvmet-auth: assign dh_key to NULL after kfree_sensitive (git-fixes).
- ocfs2: fix UBSAN warning in ocfs2_verify_volume() (git-fixes).
- ocfs2: fix the la space leak when unmounting an ocfs2 volume (git-fixes).
- ocfs2: fix uninit-value in ocfs2_get_block() (git-fixes).
- ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow (git-fixes).
- ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() (git-fixes).
- ocfs2: uncache inode which has failed entering the group (git-fixes).
- of: Add cleanup.h based auto release via __free(device_node) markings (bsc#1232386)
- parport: Proper fix for array out-of-bounds access (git-fixes).
- phy: freescale: imx8m-pcie: Do CMN_RST just before PHY PLL lock check (git-fixes).
- phy: qcom: qmp-combo: move driver data initialisation earlier (git-fixes).
- phy: qcom: qmp-usb: fix NULL-deref on runtime suspend (git-fixes).
- phy: tegra: xusb: Add error pointer check in xusb.c (git-fixes).
- phy: ti: phy-j721e-wiz: fix usxgmii configuration (git-fixes).
- pinctrl: apple: check devm_kasprintf() returned value (git-fixes).
- pinctrl: k210: Undef K210_PC_DEFAULT (git-fixes).
- pinctrl: ocelot: fix system hang on level based interrupts (stable-fixes).
- pinctrl: qcom: spmi: fix debugfs drive strength (git-fixes).
- pinctrl: zynqmp: drop excess struct member description (git-fixes).
- platform/chrome: cros_ec_typec: fix missing fwnode reference decrement (git-fixes).
- platform/x86/amd/pmc: Detect when STB is not available (git-fixes).
- platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug (git-fixes).
- platform/x86: dell-sysman: add support for alienware products (stable-fixes).
- platform/x86: dell-wmi: Ignore suspend notifications (stable-fixes).
- platform/x86: lenovo-ymc: Ignore the 0x0 state (stable-fixes).
- platform/x86: panasonic-laptop: Return errno correctly in show callback (git-fixes).
- platform/x86: touchscreen_dmi: add nanote-next quirk (stable-fixes).
- posix-cpu-timers: Clear TICK_DEP_BIT_POSIX_TIMER on clone (bsc#1234098).
- power: reset: brcmstb: Do not go into infinite loop if reset fails (stable-fixes).
- power: supply: bq27xxx: Fix registers of bq27426 (git-fixes).
- power: supply: core: Remove might_sleep() from power_supply_put() (git-fixes).
- power: supply: rt9471: Fix wrong WDT function regfield declaration (git-fixes).
- power: supply: rt9471: Use IC status regfield to report real charger status (git-fixes).
- powercap: intel_rapl: Fix off by one in get_rpi() (git-fixes).
- powerpc/64: Convert patch_instruction() to patch_u32() (bsc#1194869).
- powerpc/64s: Fix unnecessary copy to 0 when kernel is booted at address 0 (bsc#1215199).
- powerpc/atomic: Use YZ constraints for DS-form instructions (bsc#1194869).
- powerpc/boot: Handle allocation failure in simple_realloc() (bsc#1194869).
- powerpc/boot: Only free if realloc() succeeds (bsc#1194869).
- powerpc/code-patching: Add generic memory patching (bsc#1194869).
- powerpc/code-patching: Perform hwsync in __patch_instruction() in case of failure (bsc#1194869).
- powerpc/crypto: do not build aes-gcm-p10 by default (bsc#1230501 ltc#208632).
- powerpc/crypto: fix missing skcipher dependency for aes-gcm-p10 (bsc#1230501 ltc#208632).
- powerpc/fadump: Move fadump_cma_init to setup_arch() after initmem_init() (bsc#1215199).
- powerpc/fadump: Refactor and prepare fadump_cma_init for late init (bsc#1215199).
- powerpc/kexec: Fix return of uninitialized variable (bsc#1194869).
- powerpc/mm/fault: Fix kfence page fault reporting (bsc#1194869).
- powerpc/mm: Fix boot crash with FLATMEM (bsc#1194869).
- powerpc/mm: Fix boot warning with hugepages and CONFIG_DEBUG_VIRTUAL (bsc#1194869).
- powerpc/powernv: Free name on error in opal_event_init() (bsc#1194869).
- powerpc/pseries: Fix KVM guest detection for disabling hardlockup detector (bsc#1194869).
- powerpc/pseries: Fix dtl_access_lock to be a rw_semaphore (bsc#1194869).
- powerpc/pseries: Use correct data types from pseries_hp_errorlog struct (bsc#1215199).
- powerpc/vdso: Fix VDSO data access when running in a non-root time namespace (bsc#1194869).
- powerpc/vdso: Inconditionally use CFUNC macro (bsc#1215199).
- powerpc/xics: Check return value of kasprintf in icp_native_map_one_cpu (bsc#1194869).
- powerpc/xmon: Fix disassembly CPU feature checks (bsc#1065729).
- printk: Add notation to console_srcu locking (bsc#1232183).
- pwm: imx-tpm: Use correct MODULO value for EPWM mode (git-fixes).
- qed: avoid truncating work queue length (git-fixes).
- rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow (bsc#1226631).
- rcu: Fix buffer overflow in print_cpu_stall_info() (bsc#1226623).
- regmap: detach regmap from dev on regmap_exit (git-fixes).
- regmap: irq: Set lockdep class for hierarchical IRQ domains (git-fixes).
- rpm/check-for-config-changes: add HAVE_RUST and RUSTC_SUPPORTS_ to IGNORED_CONFIGS_RE They depend on SHADOW_CALL_STACK.
- rpm/release-projects: Add SLFO projects (bsc#1231293).
- rpm/scripts: Remove obsolete Symbols.list Symbols.list is not longer needed by the new klp-convert implementation. (bsc#1218644)
- rpmsg: glink: Handle rejected intent request better (git-fixes).
- rtc: ab-eoz9: do not fail temperature reads on undervoltage notification (git-fixes).
- rtc: abx80x: Fix WDT bit position of the status register (git-fixes).
- rtc: bbnsm: add remove hook (git-fixes).
- rtc: check if __rtc_read_time was successful in rtc_timer_do_work() (git-fixes).
- rtc: rzn1: fix BCD to rtc_time conversion errors (git-fixes).
- rtc: st-lpc: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- runtime constants: add default dummy infrastructure (git-fixes).
- runtime constants: add x86 architecture support (git-fixes).
- s390/mm: Add cond_resched() to cmm_alloc/free_pages() (bsc#1228747).
- s390/pci: Handle PCI error codes other than 0x3a (git-fixes bsc#1232629).
- s390/sclp: Deactivate sclp after all its users (git-fixes bsc#1232628).
- s390/sclp_vt220: Convert newlines to CRLF instead of LFCR (git-fixes bsc#1232627).
- scsi: NCR5380: Check for phase match during PDMA fixup (git-fixes).
- scsi: NCR5380: Initialize buffer for MSG IN and STATUS transfers (git-fixes).
- scsi: Remove scsi device no_start_on_resume flag (git-fixes).
- scsi: aacraid: Rearrange order of struct aac_srb_unit (git-fixes).
- scsi: cdrom: kABI: fix cdrom_dev_ops change (git-fixes).
- scsi: core: Disable CDL by default (git-fixes).
- scsi: core: Fix handling of SCMD_FAIL_IF_RECOVERING (git-fixes).
- scsi: core: Fix the return value of scsi_logical_block_count() (git-fixes).
- scsi: core: Handle devices which return an unusually large VPD page count (git-fixes).
- scsi: core: alua: I/O errors for ALUA state transitions (git-fixes).
- scsi: fnic: Move flush_work initialization out of if block (bsc#1230055).
- scsi: hisi_sas: Handle the NCQ error returned by D2H frame (git-fixes).
- scsi: hpsa: Fix allocation size for Scsi_Host private data (git-fixes).
- scsi: kABI: restore no_start_on_resume to scsi_device (git-fixes).
- scsi: libsas: Fix exp-attached device scan after probe failure scanned in again after probe failed (git-fixes).
- scsi: libsas: Fix the failure of adding phy with zero-address to port (git-fixes).
- scsi: lpfc: Add ELS_RSP cmd to the list of WQEs to flush in lpfc_els_flush_cmd() (bsc#1232757).
- scsi: lpfc: Add cleanup of nvmels_wq after HBA reset (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Call lpfc_sli4_queue_unset() in restart and rmmod paths (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Change lpfc_nodelist nlp_flag member into a bitmask (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Check SLI_ACTIVE flag in FDMI cmpl before submitting follow up FDMI (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Check devloss callbk done flag for potential stale NDLP ptrs (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Copyright updates for 14.4.0.6 patches (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance (bsc#1232757).
- scsi: lpfc: Fix kref imbalance on fabric ndlps from dev_loss_tmo handler (bsc#1232757).
- scsi: lpfc: Modify CGN warning signal calculation based on EDC response (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Prevent NDLP reference count underflow in dev_loss_tmo callback (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Remove NLP_RELEASE_RPI flag from nodelist structure (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Remove trailing space after \n newline (bsc#1232757).
- scsi: lpfc: Restrict support for 32 byte CDBs to specific HBAs (bsc#1232757 bsc#1228119).
- scsi: lpfc: Revise TRACE_EVENT log flag severities from KERN_ERR to KERN_WARNING (bsc#1232757).
- scsi: lpfc: Support loopback tests with VMID enabled (bsc#1232757).
- scsi: lpfc: Update lpfc version to 14.4.0.5 (bsc#1232757).
- scsi: lpfc: Update lpfc version to 14.4.0.6 (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Update lpfc_els_flush_cmd() to check for SLI_ACTIVE before BSG flag (bsc#1233241 jsc#PED-9943).
- scsi: lpfc: Update phba link state conditional before sending CMF_SYNC_WQE (bsc#1232757).
- scsi: mac_scsi: Disallow bus errors during PDMA send (git-fixes).
- scsi: mac_scsi: Refactor polling loop (git-fixes).
- scsi: mac_scsi: Revise printk(KERN_DEBUG ...) messages (git-fixes).
- scsi: mpi3mr: Avoid IOMMU page faults on REPORT ZONES (git-fixes).
- scsi: mpi3mr: Avoid memcpy field-spanning write WARNING (git-fixes).
- scsi: mpi3mr: Avoid possible run-time warning with long manufacturer strings (git-fixes).
- scsi: mpi3mr: Fix ATA NCQ priority support (git-fixes).
- scsi: mpi3mr: Validate SAS port assignments (git-fixes).
- scsi: mpt3sas: Avoid IOMMU page faults on REPORT ZONES (git-fixes).
- scsi: pm8001: Do not overwrite PCI queue mapping (git-fixes).
- scsi: pm80xx: Set phy->enable_completion only when we wait for it (git-fixes).
- scsi: qedf: Set qed_slowpath_params to zero before use (git-fixes).
- scsi: scsi_transport_fc: Allow setting rport state to current state (git-fixes).
- scsi: sd: Ignore command SYNCHRONIZE CACHE error if format in progress (git-fixes).
- scsi: sd_zbc: Use kvzalloc() to allocate REPORT ZONES buffer (git-fixes).
- scsi: smartpqi: correct stream detection (git-fixes).
- scsi: smartpqi: revert propagate-the-multipath-failure-to-SML-quickly (git-fixes).
- scsi: spi: Fix sshdr use (git-fixes).
- scsi: sr: Fix unintentional arithmetic wraparound (git-fixes).
- scsi: wd33c93: Do not use stale scsi_pointer value (git-fixes).
- security/keys: fix slab-out-of-bounds in key_task_permission (git-fixes).
- selftests/bpf: Add a test case to write mtu result into .rodata (git-fixes).
- selftests/bpf: Add a test case to write strtol result into .rodata (git-fixes).
- selftests/bpf: Add test for sign extension in coerce_subreg_to_size_sx() (git-fixes).
- selftests/bpf: Add test for truncation after sign extension in coerce_reg_to_size_sx() (git-fixes).
- selftests/bpf: Add tests for ldsx of pkt data/data_end/data_meta accesses (git-fixes).
- selftests/bpf: Fix ARG_PTR_TO_LONG {half-,}uninitialized test (git-fixes).
- selftests/bpf: Rename ARG_PTR_TO_LONG test description (git-fixes).
- selftests/bpf: test for malformed BPF_CORE_TYPE_ID_LOCAL relocation (git-fixes).
- serial: 8250: omap: Move pm_runtime_get_sync (git-fixes).
- serial: imx: Update mctrl old_status on RTSD interrupt (git-fixes).
- serial: protect uart_port_dtr_rts() in uart_shutdown() too (stable-fixes).
- signal: Replace BUG_ON()s (bsc#1234093).
- soc: fsl: rcpm: fix missing of_node_put() in copy_ippdexpcr1_setting() (git-fixes).
- soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() (git-fixes).
- soc: ti: smartreflex: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- soundwire: intel_bus_common: enable interrupts before exiting reset (stable-fixes).
- spi: Fix acpi deferred irq probe (git-fixes).
- spi: atmel-quadspi: Fix register name in verbose logging function (git-fixes).
- spi: atmel-quadspi: Fix wrong register value written to MR (git-fixes).
- spi: mpc52xx: Add cancel_work_sync before module remove (git-fixes).
- spi: mtk-snfi: fix kerneldoc for mtk_snand_is_page_ops() (git-fixes).
- spi: s3c64xx: fix timeout counters in flush_fifo (git-fixes).
- spi: spi-fsl-dspi: Fix crash when not using GPIO chip select (git-fixes).
- spi: spi-imx: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
- spi: tegra210-quad: Avoid shift-out-of-bounds (git-fixes).
- splice: always fsnotify_access(in), fsnotify_modify(out) on success (git-fixes).
- splice: fsnotify_access(fd)/fsnotify_modify(fd) in vmsplice (git-fixes).
- splice: fsnotify_access(in), fsnotify_modify(out) on success in tee (git-fixes).
- srcu: Fix callbacks acceleration mishandling (git-fixes).
- staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() (git-fixes).
- sumversion: Fix a memory leak in get_src_version() (git-fixes).
- supported.conf: mark nhpoly1305 module as supported (bsc#1231035)
- supported.conf: mark ultravisor userspace access as supported (bsc#1232090)
- task_work: add kerneldoc annotation for 'data' argument (git-fixes).
- tcp: Fix refcnt handling in __inet_hash_connect() (git-fixes).
- thermal: core: Initialize thermal zones before registering them (git-fixes).
- thermal: int3400: Fix reading of current_uuid for active policy (git-fixes).
- thermal: intel: int340x: processor: Fix warning during module unload (git-fixes).
- thunderbolt: Honor TMU requirements in the domain when setting TMU mode (stable-fixes).
- thunderbolt: Improve DisplayPort tunnel setup process to be more robust (stable-fixes).
- tools/lib/thermal: Fix sampling handler context ptr (git-fixes).
- tools/power turbostat: Fix trailing '\n' parsing (git-fixes).
- tools/power turbostat: Increase the limit for fd opened (bsc#1233119).
- tools: hv: rm .*.cmd when make clean (git-fixes).
- tpm: Lock TPM chip in tpm_pm_suspend() first (bsc#1082555 git-fixes).
- tpm: fix signed/unsigned bug when checking event logs (git-fixes).
- tracing/hwlat: Fix a race during cpuhp processing (git-fixes).
- tracing/osnoise: Fix build when timerlat is not enabled (git-fixes).
- tracing/osnoise: Skip running osnoise if all instances are off (git-fixes).
- tracing/osnoise: Switch from PF_NO_SETAFFINITY to migrate_disable (git-fixes).
- tracing/osnoise: Use a cpumask to know what threads are kthreads (git-fixes).
- tracing/timerlat: Add interface_lock around clearing of kthread in stop_kthread() (git-fixes).
- tracing/timerlat: Add user-space interface (git-fixes).
- tracing/timerlat: Drop interface_lock in stop_kthread() (git-fixes).
- tracing/timerlat: Fix a race during cpuhp processing (git-fixes).
- tracing/timerlat: Fix duplicated kthread creation due to CPU online/offline (git-fixes).
- tracing/timerlat: Move hrtimer_init to timerlat_fd open() (git-fixes).
- tracing/timerlat: Only clear timer if a kthread exists (git-fixes).
- tracing: Consider the NULL character when validating the event length (git-fixes).
- tty: ldsic: fix tty_ldisc_autoload sysctl's proc_handler (git-fixes).
- tty: n_gsm: Fix use-after-free in gsm_cleanup_mux (stable-fixes).
- u64_stats: fix u64_stats_init() for lockdep when used repeatedly in one file (git-fixes).
- ubifs: Fix adding orphan entry twice for the same inode (git-fixes).
- ubifs: Fix unattached xattr inode if powercut happens after deleting (git-fixes).
- ubifs: add check for crypto_shash_tfm_digest (git-fixes).
- ubifs: dbg_orphan_check: Fix missed key type checking (git-fixes).
- ucounts: fix counter leak in inc_rlimit_get_ucounts() (bsc#1233460).
- unicode: Do not special case ignorable code points (stable-fixes).
- unicode: Fix utf8_load() error path (git-fixes).
- uprobe: avoid out-of-bounds memory access of fetching args (git-fixes).
- uprobes: encapsulate preparation of uprobe args buffer (git-fixes).
- uprobes: introduce the global struct vm_special_mapping xol_mapping (bsc#1231114).
- uprobes: turn xol_area->pages into xol_area->page (bsc#1231114).
- usb: chipidea: udc: enable suspend interrupt after usb reset (stable-fixes).
- usb: dwc2: Adjust the timing of USB Driver Interrupt Registration in the Crashkernel Scenario (stable-fixes).
- usb: dwc3: Wait for EndXfer completion before restoring GUSB2PHYCFG (git-fixes).
- usb: dwc3: core: Stop processing of pending events if controller is halted (git-fixes).
- usb: dwc3: gadget: Add missing check for single port RAM in TxFIFO resizing logic (git-fixes).
- usb: dwc3: gadget: Fix checking for number of TRBs left (git-fixes).
- usb: dwc3: gadget: Fix looping of queued SG entries (git-fixes).
- usb: ehci-spear: fix call balance of sehci clk handling routines (git-fixes).
- usb: gadget: core: force synchronous registration (git-fixes).
- usb: gadget: dummy_hcd: Set transfer interval to 1 microframe (stable-fixes).
- usb: gadget: dummy_hcd: Switch to hrtimer transfer scheduler (stable-fixes).
- usb: gadget: dummy_hcd: execute hrtimer callback in softirq context (git-fixes).
- usb: gadget: f_uac2: Replace snprintf() with the safer scnprintf() variant (stable-fixes).
- usb: gadget: f_uac2: fix non-newline-terminated function name (stable-fixes).
- usb: gadget: f_uac2: fix return value for UAC2_ATTRIBUTE_STRING store (git-fixes).
- usb: musb: Fix hardware lockup on first Rx endpoint request (git-fixes).
- usb: musb: sunxi: Fix accessing an released usb phy (git-fixes).
- usb: phy: Fix API devm_usb_put_phy() can not release the phy (git-fixes).
- usb: storage: ignore bogus device raised by JieLi BR21 USB sound chip (stable-fixes).
- usb: typec: altmode should keep reference to parent (git-fixes).
- usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd() (git-fixes).
- usb: typec: fix unreleased fwnode_handle in typec_port_register_altmodes() (git-fixes).
- usb: using mutex lock and supporting O_NONBLOCK flag in iowarrior_read() (git-fixes).
- usb: xhci: Fix TD invalidation under pending Set TR Dequeue (git-fixes).
- usb: xhci: Fix problem with xhci resume from suspend (stable-fixes).
- usb: xhci: fix loss of data on Cadence xHC (git-fixes).
- usb: yurex: make waiting on yurex_write interruptible (git-fixes).
- usbip: tools: Fix detach_port() invalid port error path (git-fixes).
- usbnet: fix cyclical race on disconnect with work queue (git-fixes).
- vdpa: Fix an error handling path in eni_vdpa_probe() (git-fixes).
- vdpa_sim_blk: Fix the potential leak of mgmt_dev (git-fixes).
- vdpa_sim_blk: allocate the buffer zeroed (git-fixes).
- vduse: avoid using __GFP_NOFAIL (git-fixes).
- vfs: dcache: move hashlen_hash() from callers into d_hash() (git-fixes).
- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (git-fixes).
- vhost_vdpa: assign irq bypass producer token correctly (git-fixes).
- virtio_console: fix misc probe bugs (git-fixes).
- vmalloc: modify the alloc_vmap_area() error message for better diagnostics (jsc#PED-10978).
- vmxnet3: Add XDP support (bsc#1226498).
- vmxnet3: Fix missing reserved tailroom (bsc#1226498).
- vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame (bsc#1226498).
- vmxnet3: add command to allow disabling of offloads (bsc#1226498).
- vmxnet3: add latency measurement support in vmxnet3 (bsc#1226498).
- vmxnet3: prepare for version 9 changes (bsc#1226498).
- vmxnet3: update to version 9 (bsc#1226498).
- vsock: Update msg_count on read_skb() (git-fixes).
- vt: prevent kernel-infoleak in con_font_get() (git-fixes).
- watchdog: apple: Actually flush writes after requesting watchdog restart (git-fixes).
- watchdog: mediatek: Make sure system reset gets asserted in mtk_wdt_restart() (git-fixes).
- watchdog: rti: of: honor timeout-sec property (git-fixes).
- wifi: ath10k: Fix memory leak in management tx (git-fixes).
- wifi: ath10k: fix invalid VHT parameters in supported_vht_mcs_rate_nss1 (git-fixes).
- wifi: ath10k: fix invalid VHT parameters in supported_vht_mcs_rate_nss2 (git-fixes).
- wifi: ath11k: Fix CE offset address calculation for WCN6750 in SSR (git-fixes).
- wifi: ath11k: Fix invalid ring usage in full monitor mode (git-fixes).
- wifi: ath11k: fix array out-of-bound access in SoC stats (stable-fixes).
- wifi: ath12k: Skip Rx TID cleanup for self peer (git-fixes).
- wifi: ath12k: fix array out-of-bound access in SoC stats (stable-fixes).
- wifi: ath12k: fix crash when unbinding (git-fixes).
- wifi: ath12k: fix warning when unbinding (git-fixes).
- wifi: ath12k: remove msdu_end structure for WCN7850 (git-fixes).
- wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (git-fixes).
- wifi: ath9k: fix possible integer overflow in ath9k_get_et_stats() (stable-fixes).
- wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit (stable-fixes).
- wifi: brcm80211: BRCM_TRACING should depend on TRACING (git-fixes).
- wifi: brcmfmac: release 'root' node in all execution paths (git-fixes).
- wifi: cfg80211: Set correct chandef when starting CAC (stable-fixes).
- wifi: cfg80211: clear wdev->cqm_config pointer on free (git-fixes).
- wifi: cw1200: Fix potential NULL dereference (git-fixes).
- wifi: iwlegacy: Clear stale interrupts before resuming device (stable-fixes).
- wifi: iwlegacy: Fix "field-spanning write" warning in il_enqueue_hcmd() (git-fixes).
- wifi: iwlwifi: allow only CN mcc from WRDD (stable-fixes).
- wifi: iwlwifi: config: label 'gl' devices as discrete (git-fixes).
- wifi: iwlwifi: mvm: Fix a race in scan abort flow (stable-fixes).
- wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd() (git-fixes).
- wifi: iwlwifi: mvm: avoid NULL pointer dereference (stable-fixes).
- wifi: iwlwifi: mvm: do not add default link in fw restart flow (git-fixes).
- wifi: iwlwifi: mvm: do not leak a link on AP removal (git-fixes).
- wifi: iwlwifi: mvm: drop wrong STA selection in TX (stable-fixes).
- wifi: iwlwifi: mvm: use correct key iteration (stable-fixes).
- wifi: iwlwifi: remove AX101, AX201 and AX203 support from LNL (stable-fixes).
- wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower (git-fixes).
- wifi: mac80211: fix RCU list iterations (stable-fixes).
- wifi: mac80211: skip non-uploaded keys in ieee80211_iter_keys (git-fixes).
- wifi: mt76: mt7915: add dummy HW offload of IEEE 802.11 fragmentation (stable-fixes).
- wifi: mt76: mt7915: disable tx worker during tx BA session enable/disable (stable-fixes).
- wifi: mt76: mt7915: hold dev->mt76.mutex while disabling tx worker (stable-fixes).
- wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() (stable-fixes).
- wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (git-fixes).
- wifi: mwifiex: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- wifi: p54: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
- wifi: rtw88: 8821cu: Remove VID/PID 0bda:c82c (stable-fixes).
- wifi: rtw88: Fix USB/SDIO devices not transmitting beacons (git-fixes).
- wifi: rtw88: select WANT_DEV_COREDUMP (stable-fixes).
- wifi: rtw89: avoid reading out of bounds when loading TX power FW elements (stable-fixes).
- wifi: rtw89: avoid to add interface to list twice when SER (stable-fixes).
- wifi: rtw89: correct base HT rate mask for firmware (stable-fixes).
- wifi: wfx: Fix error handling in wfx_core_init() (git-fixes).
- x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1233443).
- x86/CPU/AMD: Only apply Zenbleed fix for Zen2 during late microcode load (git-fixes).
- x86/Documentation: Indent 'note::' directive for protocol version number note (git-fixes).
- x86/PCI: Check pcie_find_root_port() return for NULL (git-fixes).
- x86/amd_nb: Add new PCI IDs for AMD family 1Ah model 60h (git-fixes).
- x86/apic: Always explicitly disarm TSC-deadline timer (git-fixes).
- x86/apic: Make x2apic_disable() work correctly (git-fixes).
- x86/bugs: Do not use UNTRAIN_RET with IBPB on entry (git-fixes).
- x86/bugs: Skip RSB fill at VMEXIT (git-fixes).
- x86/cpufeatures: Add a IBPB_NO_RET BUG flag (git-fixes).
- x86/cpufeatures: Define X86_FEATURE_AMD_IBPB_RET (git-fixes).
- x86/entry: Have entry_ibpb() invalidate return predictions (git-fixes).
- x86/entry: Remove unwanted instrumentation in common_interrupt() (git-fixes).
- x86/hyperv: Set X86_FEATURE_TSC_KNOWN_FREQ when Hyper-V provides frequency (git-fixes).
- x86/microcode/intel: Remove unnecessary cache writeback and invalidation (git-fixes).
- x86/mm: Use IPIs to synchronize LAM enablement (git-fixes).
- x86/resctrl: Annotate get_mem_config() functions as __init (git-fixes).
- x86/resctrl: Avoid overflow in MB settings in bw_validate() (git-fixes).
- x86/resctrl: Remove hard-coded memory bandwidth limit (git-fixes).
- x86/sev: Check for MWAITX and MONITORX opcodes in the #VC handler (git-fixes).
- x86/syscall: Avoid memcpy() for ia32 syscall_get_arguments() (git-fixes).
- x86/tdx: Dynamically disable SEPT violations from causing #VEs (git-fixes).
- x86/tdx: Enable CPU topology enumeration (git-fixes).
- x86/tdx: Introduce wrappers to read and write TD metadata (git-fixes).
- x86/tdx: Rename tdx_parse_tdinfo() to tdx_setup() (git-fixes).
- x86/traps: move kmsan check after instrumentation_begin (git-fixes).
- x86: Increase brk randomness entropy for 64-bit systems (git-fixes).
- x86: do the user address masking outside the user access area (git-fixes).
- x86: fix off-by-one in access_ok() (git-fixes).
- x86: fix user address masking non-canonical speculation issue (git-fixes).
- x86: make the masked_user_access_begin() macro use its argument only once (git-fixes).
- x86: support user address masking instead of non-speculative conditional (git-fixes).
- xfrm: Export symbol xfrm_dev_state_delete (bsc#1233754).
- xfrm: Fix unregister netdevice hang on hardware offload (bsc#1233754).
- xfs: check opcode and iovec count match in xlog_recover_attri_commit_pass2 (git-fixes).
- xfs: check shortform attr entry flags specifically (git-fixes).
- xfs: convert delayed extents to unwritten when zeroing post eof blocks (git-fixes).
- xfs: fix finding a last resort AG in xfs_filestream_pick_ag (git-fixes).
- xfs: fix freeing speculative preallocations for preallocated files (git-fixes).
- xfs: make sure sb_fdblocks is non-negative (git-fixes).
- xfs: make the seq argument to xfs_bmapi_convert_delalloc() optional (git-fixes).
- xfs: make xfs_bmapi_convert_delalloc() to allocate the target offset (git-fixes).
- xfs: remove a racy if_bytes check in xfs_reflink_end_cow_extent (git-fixes).
- xfs: validate recovered name buffers when recovering xattr items (git-fixes).
- xhci: Add a quirk for writing ERST in high-low order (git-fixes).
- xhci: Fix Link TRB DMA in command ring stopped completion event (git-fixes).
- xhci: Fix incorrect stream context type macro (git-fixes).
- xhci: Mitigate failed set dequeue pointer commands (git-fixes).
- xhci: Use pm_runtime_get to prevent RPM on unsupported systems (git-fixes).
- xhci: tegra: fix checked USB2 port number (git-fixes).
- zonefs: Improve error handling (git-fixes).
Patchnames
SUSE-SLE-Micro-6.1-kernel-1
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-52778: mptcp: deal with large GSO size (bsc#1224948).\n- CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking (bsc#1232823).\n- CVE-2024-26596: net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events (bsc#1220355).\n- CVE-2024-26741: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalblished() (bsc#1222587).\n- CVE-2024-26782: mptcp: fix double-free on socket dismantle (bsc#1222590).\n- CVE-2024-26953: net: esp: fix bad handling of pages from page_pool (bsc#1223656).\n- CVE-2024-27017: netfilter: nft_set_pipapo: walk over current view on netlink dump (bsc#1223733).\n- CVE-2024-35888: erspan: make sure erspan_base_hdr is present in skb-\u003ehead (bsc#1224518).\n- CVE-2024-36000: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (bsc#1224548).\n- CVE-2024-36244: net/sched: taprio: extend minimum interval restriction to entire cycle too (bsc#1226797).\n- CVE-2024-36883: net: fix out-of-bounds access in ops_init (bsc#1225725).\n- CVE-2024-36886: tipc: fix UAF in error path (bsc#1225730).\n- CVE-2024-36905: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (bsc#1225742).\n- CVE-2024-36927: ipv4: Fix uninit-value access in __ip_make_skb() (bsc#1225813).\n- CVE-2024-36954: tipc: fix a possible memleak in tipc_buf_append (bsc#1225764).\n- CVE-2024-36968: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() (bsc#1226130).\n- CVE-2024-38589: netrom: fix possible dead-lock in nr_rt_ioctl() (bsc#1226748).\n- CVE-2024-40914: mm/huge_memory: do not unpoison huge_zero_folio (bsc#1227842).\n- CVE-2024-41023: sched/deadline: Fix task_struct reference leak (bsc#1228430).\n- CVE-2024-41031: mm/filemap: skip to create PMD-sized page cache if needed (bsc#1228454).\n- CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command (bsc#1228620).\n- CVE-2024-42102: Revert \"mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again\" (bsc#1233132).\n- CVE-2024-44958: sched/smt: Fix unbalance sched_smt_present dec/inc (bsc#1230179).\n- CVE-2024-44995: net: hns3: fix a deadlock problem when config TC during resetting (bsc#1230231).\n- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429).\n- CVE-2024-45025: fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE (bsc#1230456).\n- CVE-2024-46678: bonding: change ipsec_lock from spin lock to mutex (bsc#1230550).\n- CVE-2024-46680: Bluetooth: btnxpuart: Fix random crash seen while removing driver (bsc#1230557).\n- CVE-2024-46681: pktgen: use cpus_read_lock() in pg_net_init() (bsc#1230558).\n- CVE-2024-46721: pparmor: fix possible NULL pointer dereference (bsc#1230710)\n- CVE-2024-46754: bpf: Remove tst_run from lwt_seg6local_prog_ops (bsc#1230801).\n- CVE-2024-46765: ice: protect XDP configuration with a mutex (bsc#1230807).\n- CVE-2024-46766: ice: move netif_queue_set_napi to rtnl-protected sections (bsc#1230762).\n- CVE-2024-46770: ice: Add netif_device_attach/detach into PF reset flow (bsc#1230763).\n- CVE-2024-46775: drm/amd/display: Validate function returns (bsc#1230774).\n- CVE-2024-46777: udf: Avoid excessive partition lengths (bsc#1230773).\n- CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827).\n- CVE-2024-46813: drm/amd/display: Check link_index before accessing dc-\u003elinks (bsc#1231191).\n- CVE-2024-46816: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (bsc#1231197).\n- CVE-2024-46826: ELF: fix kernel.randomize_va_space double read (bsc#1231115).\n- CVE-2024-46831: net: microchip: vcap: Fix use-after-free error in kunit test (bsc#1231117).\n- CVE-2024-46834: ethtool: fail closed if we can\u0027t get max channel used in indirection tables (bsc#1231096).\n- CVE-2024-46840: btrfs: clean up our handling of refs == 0 in snapshot delete (bsc#1231105).\n- CVE-2024-46841: btrfs: do not BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() (bsc#1231094).\n- CVE-2024-46843: scsi: ufs: core: Remove SCSI host only if added (bsc#1231100).\n- CVE-2024-46854: net: dpaa: Pad packets to ETH_ZLEN (bsc#1231084).\n- CVE-2024-46855: netfilter: nft_socket: fix sk refcount leaks (bsc#1231085).\n- CVE-2024-46857: net/mlx5: Fix bridge mode operations when there are no VFs (bsc#1231087).\n- CVE-2024-46870: drm/amd/display: Disable DMCUB timeout for DCN35 (bsc#1231435).\n- CVE-2024-47658: crypto: stm32/cryp - call finalize with bh disabled (bsc#1231436).\n- CVE-2024-47660: fsnotify: clear PARENT_WATCHED flags lazily (bsc#1231439).\n- CVE-2024-47664: spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware (bsc#1231442).\n- CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673).\n- CVE-2024-47679: vfs: fix race between evice_inodes() and find_inode() and iput() (bsc#1231930).\n- CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231987).\n- CVE-2024-47685: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() (bsc#1231998).\n- CVE-2024-47687: vdpa/mlx5: Fix invalid mr resource destroy (bsc#1232003).\n- CVE-2024-47692: nfsd: return -EINVAL when namelen is 0 (bsc#1231857).\n- CVE-2024-47701: ext4: avoid OOB when system.data xattr changes underneath the filesystem (bsc#1231920).\n- CVE-2024-47703: bpf, lsm: add check for BPF LSM return value (bsc#1231946).\n- CVE-2024-47704: drm/amd/display: Check link_res-\u003ehpo_dp_link_enc before using it (bsc#1231944).\n- CVE-2024-47705: block: fix potential invalid pointer dereference in blk_add_partition (bsc#1231872).\n- CVE-2024-47706: block, bfq: fix possible UAF for bfqq-\u003ebic with merge chain (bsc#1231942).\n- CVE-2024-47707: ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (bsc#1231935).\n- CVE-2024-47710: sock_map: Add a cond_resched() in sock_hash_free() (bsc#1232049).\n- CVE-2024-47727: x86/tdx: Fix \"in-kernel MMIO\" check (bsc#1232116).\n- CVE-2024-47730: crypto: hisilicon/qm - inject error before stopping queue (bsc#1232075).\n- CVE-2024-47731: drivers/perf: Fix ali_drw_pmu driver interrupt status clearing (bsc#1232117).\n- CVE-2024-47739: padata: use integer wrap around to prevent deadlock on seq_nr overflow (bsc#1232124).\n- CVE-2024-47741: btrfs: fix race setting file private on concurrent lseek using same fd (bsc#1231869).\n- CVE-2024-47745: mm: call the security_mmap_file() LSM hook in remap_file_pages() (bsc#1232135).\n- CVE-2024-47747: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition (bsc#1232145).\n- CVE-2024-47752: media: mediatek: vcodec: Fix H264 stateless decoder smatch warning (bsc#1232130).\n- CVE-2024-47753: media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning (bsc#1231868).\n- CVE-2024-47754: media: mediatek: vcodec: Fix H264 multi stateless decoder smatch warning (bsc#1232131).\n- CVE-2024-49852: scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del() (bsc#1232819).\n- CVE-2024-49864: rxrpc: Fix a race between socket set up and I/O thread creation (bsc#1232256).\n- CVE-2024-49867: btrfs: wait for fixup workers before stopping cleaner kthread during umount (bsc#1232262).\n- CVE-2024-49868: btrfs: fix a NULL pointer dereference when failed to start a new trasacntion (bsc#1232272).\n- CVE-2024-49881: ext4: update orig_path in ext4_find_extent() (bsc#1232201).\n- CVE-2024-49882: ext4: fix double brelse() the buffer of the extents path (bsc#1232200).\n- CVE-2024-49883: ext4: aovid use-after-free in ext4_ext_insert_extent() (bsc#1232199).\n- CVE-2024-49888: bpf: Fix a sdiv overflow issue (bsc#1232208).\n- CVE-2024-49890: drm/amd/pm: ensure the fw_info is not null before using it (bsc#1232217).\n- CVE-2024-49892: drm/amd/display: Initialize get_bytes_per_element\u0027s default to 1 (bsc#1232220).\n- CVE-2024-49894: drm/amd/display: Fix index out of bounds in degamma hardware format translation (bsc#1232354).\n- CVE-2024-49895: drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation (bsc#1232352).\n- CVE-2024-49896: drm/amd/display: Check stream before comparing them (bsc#1232221).\n- CVE-2024-49897: drm/amd/display: Check phantom_stream before it is used (bsc#1232355).\n- CVE-2024-49898: drm/amd/display: Check null-initialized variables (bsc#1232222).\n- CVE-2024-49899: drm/amd/display: Initialize denominators\u0027 default to 1 (bsc#1232358).\n- CVE-2024-49901: drm/msm/adreno: Assign msm_gpu-\u003epdev earlier to avoid nullptrs (bsc#1232305).\n- CVE-2024-49906: drm/amd/display: Check null pointer before try to access it (bsc#1232332).\n- CVE-2024-49907: drm/amd/display: Check null pointers before using dc-\u003eclk_mgr (bsc#1232334).\n- CVE-2024-49909: drm/amd/display: Add NULL check for function pointer in dcn32_set_output_transfer_func (bsc#1232337).\n- CVE-2024-49911: drm/amd/display: Add NULL check for function pointer in dcn20_set_output_transfer_func (bsc#1232366).\n- CVE-2024-49912: drm/amd/display: Handle null \u0027stream_status\u0027 in \u0027planes_changed_for_existing_stream\u0027 (bsc#1232367).\n- CVE-2024-49913: drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream (bsc#1232307).\n- CVE-2024-49914: drm/amd/display: Add null check for pipe_ctx-\u003eplane_state in (bsc#1232369).\n- CVE-2024-49917: drm/amd/display: Add NULL check for clk_mgr and clk_mgr-\u003efuncs in dcn30_init_hw (bsc#1231965).\n- CVE-2024-49918: drm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer (bsc#1231967).\n- CVE-2024-49919: drm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer (bsc#1231968).\n- CVE-2024-49920: drm/amd/display: Check null pointers before multiple uses (bsc#1232313).\n- CVE-2024-49921: drm/amd/display: Check null pointers before used (bsc#1232371).\n- CVE-2024-49922: drm/amd/display: Check null pointers before using them (bsc#1232374).\n- CVE-2024-49923: drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags (bsc#1232361).\n- CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core (bsc#1232224)\n- CVE-2024-49933: blk_iocost: fix more out of bound shifts (bsc#1232368).\n- CVE-2024-49934: fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name (bsc#1232387).\n- CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash() (bsc#1232424).\n- CVE-2024-49944: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start (bsc#1232166).\n- CVE-2024-49945: net/ncsi: Disable the ncsi work before freeing the associated structure (bsc#1232165).\n- CVE-2024-49946: ppp: do not assume bh is held in ppp_channel_bridge_input() (bsc#1232164).\n- CVE-2024-49949: net: avoid potential underflow in qdisc_pkt_len_init() with UFO (bsc#1232160).\n- CVE-2024-49950: Bluetooth: L2CAP: Fix uaf in l2cap_connect (bsc#1232159).\n- CVE-2024-49952: netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1232157).\n- CVE-2024-49953: net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice (bsc#1232156).\n- CVE-2024-49954: static_call: Replace pointless WARN_ON() in static_call_module_notify() (bsc#1232155).\n- CVE-2024-49958: ocfs2: reserve space for inline xattr before attaching reflink tree (bsc#1232151).\n- CVE-2024-49959: jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error (bsc#1232149).\n- CVE-2024-49960: ext4: fix timer use-after-free on failed mount (bsc#1232395).\n- CVE-2024-49967: ext4: no need to continue when the number of entries is 1 (bsc#1232140).\n- CVE-2024-49968: ext4: filesystems without casefold feature cannot be mounted with siphash (bsc#1232264).\n- CVE-2024-49969: drm/amd/display: Fix index out of bounds in DCN30 color transformation (bsc#1232519).\n- CVE-2024-49972: drm/amd/display: Deallocate DML memory if allocation fails (bsc#1232315).\n- CVE-2024-49973: r8169: add tally counter fields added with RTL8125 (bsc#1232105).\n- CVE-2024-49974: NFSD: Force all NFSv4.2 COPY requests to be synchronous (bsc#1232383).\n- CVE-2024-49983: ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free (bsc#1232096).\n- CVE-2024-49986: platform/x86: x86-android-tablets: Fix use after free on platform_device_register() errors (bsc#1232093).\n- CVE-2024-49987: bpftool: Fix undefined behavior in qsort(NULL, 0, ...) (bsc#1232258).\n- CVE-2024-49989: drm/amd/display: fix double free issue during amdgpu module unload (bsc#1232483).\n- CVE-2024-49991: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer (bsc#1232282).\n- CVE-2024-49993: iommu/vt-d: Fix potential lockup if qi_submit_sync called with 0 count (bsc#1232316).\n- CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432).\n- CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089).\n- CVE-2024-50000: net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() (bsc#1232085).\n- CVE-2024-50001: net/mlx5: Fix error path in multi-packet WQE transmit (bsc#1232084).\n- CVE-2024-50002: static_call: Handle module init failure correctly in static_call_del_module() (bsc#1232083).\n- CVE-2024-50003: drm/amd/display: Fix system hang while resume with TBT monitor (bsc#1232385).\n- CVE-2024-50004: drm/amd/display: update DML2 policy EnhancedPrefetchScheduleAccelerationFinal DCN35 (bsc#1232396).\n- CVE-2024-50006: ext4: fix i_data_sem unlock order in ext4_ind_migrate() (bsc#1232442).\n- CVE-2024-50009: cpufreq: amd-pstate: add check for cpufreq_cpu_get\u0027s return value (bsc#1232318).\n- CVE-2024-50012: cpufreq: Avoid a bad reference count on CPU node (bsc#1232386).\n- CVE-2024-50014: ext4: fix access to uninitialised lock in fc replay path (bsc#1232446).\n- CVE-2024-50015: ext4: dax: fix overflowing extents beyond inode size when partially writing (bsc#1232079).\n- CVE-2024-50020: ice: Fix improper handling of refcount in ice_sriov_set_msix_vec_count() (bsc#1231989).\n- CVE-2024-50021: ice: Fix improper handling of refcount in ice_dpll_init_rclk_pins() (bsc#1231957).\n- CVE-2024-50022: device-dax: correct pgoff align in dax_set_mapping() (bsc#1231956).\n- CVE-2024-50024: net: Fix an unsafe loop on the list (bsc#1231954).\n- CVE-2024-50027: thermal: core: Free tzp copy along with the thermal zone (bsc#1231951).\n- CVE-2024-50028: thermal: core: Reference count the zone in thermal_zone_get_by_id() (bsc#1231950).\n- CVE-2024-50033: slip: make slhc_remember() more robust against malicious packets (bsc#1231914).\n- CVE-2024-50035: ppp: fix ppp_async_encode() illegal access (bsc#1232392).\n- CVE-2024-50040: igb: Do not bring the device up after non-fatal error (bsc#1231908).\n- CVE-2024-50041: i40e: Fix macvlan leak by synchronizing access to mac_filter_hash (bsc#1231907).\n- CVE-2024-50042: ice: Fix increasing MSI-X on VF (bsc#1231906).\n- CVE-2024-50045: netfilter: br_netfilter: fix panic with metadata_dst skb (bsc#1231903).\n- CVE-2024-50046: NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() (bsc#1231902).\n- CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418).\n- CVE-2024-50059: ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition (bsc#1232345).\n- CVE-2024-50060: io_uring: check if we need to reschedule during overflow flush (bsc#1232417).\n- CVE-2024-50063: bpf: Prevent tail call between progs attached to different hooks (bsc#1232435).\n- CVE-2024-50064: zram: free secondary algorithms names (bsc#1231901).\n- CVE-2024-50080: ublk: do not allow user copy for unprivileged device (bsc#1232502).\n- CVE-2024-50081: blk-mq: setup queue -\u003etag_set before initializing hctx (bsc#1232501).\n- CVE-2024-50082: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race (bsc#1232500).\n- CVE-2024-50084: net: microchip: vcap api: Fix memory leaks in vcap_api_encode_rule_test() (bsc#1232494).\n- CVE-2024-50087: btrfs: fix uninitialized pointer free on read_alloc_one_name() error (bsc#1232499).\n- CVE-2024-50088: btrfs: fix uninitialized pointer free in add_inode_ref() (bsc#1232498).\n- CVE-2024-50098: scsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down (bsc#1232881).\n- CVE-2024-50110: xfrm: fix one more kernel-infoleak in algo dumping (bsc#1232885).\n- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1232919).\n- CVE-2024-50124: Bluetooth: ISO: Fix UAF on iso_sock_timeout (bsc#1232926).\n- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232928).\n- CVE-2024-50127: net: sched: fix use-after-free in taprio_change() (bsc#1232907).\n- CVE-2024-50128: net: wwan: fix global oob in wwan_rtnl_policy (bsc#1232905).\n- CVE-2024-50130: netfilter: bpf: must hold reference on net namespace (bsc#1232894).\n- CVE-2024-50138: bpf: Use raw_spinlock_t in ringbuf (bsc#1232935).\n- CVE-2024-50139: KVM: arm64: Fix shift-out-of-bounds bug (bsc#1233062).\n- CVE-2024-50145: octeon_ep: add SKB allocation failures handling in __octep_oq_process_rx() (bsc#1233044).\n- CVE-2024-50153: scsi: target: core: Fix null-ptr-deref in target_alloc_device() (bsc#1233061).\n- CVE-2024-50154: tcp/dccp: Do not use timer_pending() in reqsk_queue_unlink() (bsc#1233070).\n- CVE-2024-50166: fsl/fman: Fix refcount handling of fman-related devices (bsc#1233050).\n- CVE-2024-50167: be2net: fix potential memory leak in be_xmit() (bsc#1233049).\n- CVE-2024-50169: vsock: Update rx_bytes on read_skb() (bsc#1233320).\n- CVE-2024-50171: net: systemport: fix potential memory leak in bcm_sysport_xmit() (bsc#1233057).\n- CVE-2024-50177: drm/amd/display: fix a UBSAN warning in DML2.1 (bsc#1233115).\n- CVE-2024-50182: secretmem: disable memfd_secret() if arch cannot set direct map (bsc#1233129).\n- CVE-2024-50184: virtio_pmem: Check device status before requesting flush (bsc#1233135).\n- CVE-2024-50186: net: explicitly clear the sk pointer, when pf-\u003ecreate fails (bsc#1233110).\n- CVE-2024-50192: irqchip/gic-v4: Do not allow a VMOVP on a dying VPE (bsc#1233106).\n- CVE-2024-50225: btrfs: fix error propagation of split bios (bsc#1233193).\n- CVE-2024-50228: mm: shmem: fix data-race in shmem_getattr() (bsc#1233204).\n- CVE-2024-50230: nilfs2: fix kernel bug due to missing clearing of checked flag (bsc#1233206).\n- CVE-2024-50245: fs/ntfs3: Fix possible deadlock in mi_read (bsc#1233203).\n- CVE-2024-50246: fs/ntfs3: Add rough attr alloc_size check (bsc#1233207).\n- CVE-2024-50250: fsdax: dax_unshare_iter needs to copy entire blocks (bsc#1233226).\n- CVE-2024-50252: mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address (bsc#1233201).\n- CVE-2024-50257: netfilter: Fix use-after-free in get_info() (bsc#1233244).\n- CVE-2024-50261: macsec: Fix use-after-free while sending the offloading packet (bsc#1233253).\n- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans (bsc#1233453).\n- CVE-2024-50271: signal: restore the override_rlimit logic (bsc#1233460).\n- CVE-2024-50273: btrfs: reinitialize delayed ref list after deleting it from the list (bsc#1233462).\n- CVE-2024-50274: idpf: avoid vport access in idpf_get_link_ksettings (bsc#1233463).\n- CVE-2024-50275: arm64/sve: Discard stale CPU state when handling SVE traps (bsc#1233464).\n- CVE-2024-50276: net: vertexcom: mse102x: Fix possible double free of TX skb (bsc#1233465).\n- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468).\n- CVE-2024-50289: media: av7110: fix a spectre vulnerability (bsc#1233478).\n- CVE-2024-50295: net: arc: fix the device for dma_map_single/dma_unmap_single (bsc#1233484).\n- CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485).\n- CVE-2024-50298: net: enetc: allocate vf_state during PF probes (bsc#1233487).\n- CVE-2024-53042: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (bsc#1233540).\n- CVE-2024-53043: mctp i2c: handle NULL header address (bsc#1233523).\n- CVE-2024-53048: ice: fix crash on probe for DPLL enabled E810 LOM (bsc#1233721).\n- CVE-2024-53051: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability (bsc#1233547).\n- CVE-2024-53055: wifi: iwlwifi: mvm: fix 6 GHz scan construction (bsc#1233550).\n- CVE-2024-53056: drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() (bsc#1233568).\n- CVE-2024-53058: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data (bsc#1233552).\n- CVE-2024-53079: mm/thp: fix deferred split unqueue naming and locking (bsc#1233570).\n- CVE-2024-53082: virtio_net: Add hash_key_length check (bsc#1233573).\n- CVE-2024-53095: smb: client: Fix use-after-free of network namespace (bsc#1233642).\n- CVE-2024-53110: vp_vdpa: fix id_table array not null terminated error (bsc#1234085).\n- CVE-2024-53121: net/mlx5: fs, lock FTE when checking if active (bsc#1234078).\n- CVE-2024-53138: net/mlx5e: kTLS, Fix incorrect page refcounting (bsc#1234223).\n\nThe following non-security bugs were fixed:\n\n- 9p: explicitly deny setlease attempts (git-fixes).\n- ACPI: CPPC: Add support for setting EPP register in FFH (stable-fixes).\n- ACPI: CPPC: Fix _CPC register setting issue (git-fixes).\n- ACPI: CPPC: Make rmw_lock a raw_spin_lock (git-fixes).\n- ACPI: EC: Do not release locks during operation region accesses (stable-fixes).\n- ACPI: PAD: fix crash in exit_round_robin() (stable-fixes).\n- ACPI: PRM: Clean up guid type in struct prm_handler_info (git-fixes).\n- ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context (git-fixes).\n- ACPI: battery: Fix possible crash when unregistering a battery hook (git-fixes).\n- ACPI: battery: Simplify battery hook locking (stable-fixes).\n- ACPI: button: Add DMI quirk for Samsung Galaxy Book2 to fix initial lid detection issue (stable-fixes).\n- ACPI: resource: Add Asus ExpertBook B2502CVA to irq1_level_low_skip_override[] (stable-fixes).\n- ACPI: resource: Add Asus Vivobook X1704VAP to irq1_level_low_skip_override[] (stable-fixes).\n- ACPI: resource: Add LG 16T90SP to irq1_level_low_skip_override[] (stable-fixes).\n- ACPI: resource: Add another DMI match for the TongFang GMxXGxx (stable-fixes).\n- ACPI: video: Add force_vendor quirk for Panasonic Toughbook CF-18 (stable-fixes).\n- ACPICA: Fix memory leak if acpi_ps_get_next_field() fails (stable-fixes).\n- ACPICA: Fix memory leak if acpi_ps_get_next_namepath() fails (stable-fixes).\n- ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() (stable-fixes).\n- ACPICA: iasl: handle empty connection_node (stable-fixes).\n- ALSA/hda: intel-sdw-acpi: cleanup sdw_intel_scan_controller (stable-fixes).\n- ALSA/hda: intel-sdw-acpi: fetch fwnode once in sdw_intel_scan_controller() (stable-fixes).\n- ALSA/hda: intel-sdw-acpi: simplify sdw-master-count property read (stable-fixes).\n- ALSA: 6fire: Release resources at card release (git-fixes).\n- ALSA: Reorganize kerneldoc parameter names (stable-fixes).\n- ALSA: ac97: bus: Fix the mistake in the comment (git-fixes).\n- ALSA: asihpi: Fix potential OOB array access (stable-fixes).\n- ALSA: caiaq: Use snd_card_free_when_closed() at disconnection (git-fixes).\n- ALSA: core: add isascii() check to card ID generator (stable-fixes).\n- ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (git-fixes).\n- ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init() (git-fixes).\n- ALSA: hda/conexant - Fix audio routing for HP EliteOne 1000 G2 (stable-fixes).\n- ALSA: hda/conexant - Use cached pin control for Node 0x1d on HP EliteOne 1000 G2 (git-fixes).\n- ALSA: hda/conexant: Fix conflicting quirk for System76 Pangolin (git-fixes).\n- ALSA: hda/conexant: fix Z60MR100 startup pop issue (stable-fixes).\n- ALSA: hda/conexant: fix some typos (stable-fixes).\n- ALSA: hda/cs8409: Fix possible NULL dereference (git-fixes).\n- ALSA: hda/generic: Unconditionally prefer preferred_dacs pairs (bsc#1219803).\n- ALSA: hda/realtek - Fixed Clevo platform headset Mic issue (stable-fixes).\n- ALSA: hda/realtek - update set GPIO3 to default for Thinkpad with ALC1318 (git-fixes).\n- ALSA: hda/realtek: Add a quirk for HP Pavilion 15z-ec200 (stable-fixes).\n- ALSA: hda/realtek: Add quirk for Huawei MateBook 13 KLV-WX9 (stable-fixes).\n- ALSA: hda/realtek: Add subwoofer quirk for Acer Predator G9-593 (stable-fixes).\n- ALSA: hda/realtek: Add subwoofer quirk for Infinix ZERO BOOK 13 (stable-fixes).\n- ALSA: hda/realtek: Add support for Samsung Galaxy Book3 360 (NP730QFG) (stable-fixes).\n- ALSA: hda/realtek: Apply quirk for Medion E15433 (bsc#1233298).\n- ALSA: hda/realtek: Enable mic on Vaio VJFH52 (stable-fixes).\n- ALSA: hda/realtek: Enable mute and micmute LED on HP ProBook 430 G8 (stable-fixes).\n- ALSA: hda/realtek: Enable speaker pins for Medion E15443 platform (bsc#1233298).\n- ALSA: hda/realtek: Fix Internal Speaker and Mic boost of Infinix Y4 Max (bsc#1233298).\n- ALSA: hda/realtek: Fix headset mic on TUXEDO Gemini 17 Gen3 (stable-fixes).\n- ALSA: hda/realtek: Fix headset mic on TUXEDO Stellaris 16 Gen6 mb1 (stable-fixes).\n- ALSA: hda/realtek: Fix the push button function for the ALC257 (git-fixes).\n- ALSA: hda/realtek: Limit internal Mic boost on Dell platform (stable-fixes).\n- ALSA: hda/realtek: Refactor and simplify Samsung Galaxy Book init (stable-fixes).\n- ALSA: hda/realtek: Set PCBeep to default value for ALC274 (stable-fixes).\n- ALSA: hda/realtek: Update ALC225 depop procedure (git-fixes).\n- ALSA: hda/realtek: Update ALC256 depop procedure (git-fixes).\n- ALSA: hda/realtek: Update default depop procedure (git-fixes).\n- ALSA: hda/realtek: fix mute/micmute LED for HP mt645 G8 (stable-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs for a HP EliteBook 645 G10 (stable-fixes).\n- ALSA: hda/realtek: tas2781: Fix ROG ALLY X audio (stable-fixes).\n- ALSA: hda/tas2781: Add new quirk for Lenovo Y990 Laptop (stable-fixes).\n- ALSA: hda/tas2781: Add new quirk for Lenovo, ASUS, Dell projects (stable-fixes).\n- ALSA: hda/tas2781: select CRC32 instead of CRC32_SARWATE (git-fixes).\n- ALSA: hda: Poll jack events for LS7A HD-Audio (stable-fixes).\n- ALSA: hda: Show the codec quirk info at probing (stable-fixes).\n- ALSA: hda: Sound support for HP Spectre x360 16 inch model 2024 (stable-fixes).\n- ALSA: hda: tas2781: Fix missing setup at runtime PM (bsc#1230132).\n- ALSA: hdsp: Break infinite MIDI input flush loop (stable-fixes).\n- ALSA: ice1712: Remove redundant code in stac9460_dac_vol_put (stable-fixes).\n- ALSA: line6: add hw monitor volume control to POD HD500X (stable-fixes).\n- ALSA: line6: update contact information (stable-fixes).\n- ALSA: mixer_oss: Remove some incorrect kfree_const() usages (git-fixes).\n- ALSA: pcm: Add sanity NULL check for the default mmap fault handler (stable-fixes).\n- ALSA: silence integer wrapping warning (stable-fixes).\n- ALSA: ump: Fix evaluation of MIDI 1.0 FB info (git-fixes).\n- ALSA: us122l: Use snd_card_free_when_closed() at disconnection (git-fixes).\n- ALSA: usb-audio: Add Pioneer DJ/AlphaTheta DJM-A9 Mixer (stable-fixes).\n- ALSA: usb-audio: Add delay quirk for VIVO USB-C HEADSET (stable-fixes).\n- ALSA: usb-audio: Add input value sanity checks for standard types (stable-fixes).\n- ALSA: usb-audio: Add logitech Audio profile quirk (stable-fixes).\n- ALSA: usb-audio: Add native DSD support for Luxman D-08u (stable-fixes).\n- ALSA: usb-audio: Add quirk for HP 320 FHD Webcam (bsc#1232768).\n- ALSA: usb-audio: Add quirks for Dell WD19 dock (stable-fixes).\n- ALSA: usb-audio: Define macros for quirk table entries (stable-fixes).\n- ALSA: usb-audio: Fix Yamaha P-125 Quirk Entry (stable-fixes).\n- ALSA: usb-audio: Fix a DMA to stack memory bug (git-fixes).\n- ALSA: usb-audio: Fix out of bounds reads when finding clock sources (stable-fixes).\n- ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (git-fixes).\n- ALSA: usb-audio: Make mic volume workarounds globally applicable (stable-fixes).\n- ALSA: usb-audio: Replace complex quirk lines with macros (stable-fixes).\n- ALSA: usb-audio: Use snprintf instead of sprintf in build_mixer_unit_ctl (stable-fixes).\n- ALSA: usb-audio: add mixer mapping for Corsair HS80 (stable-fixes).\n- ALSA: usx2y: Use snd_card_free_when_closed() at disconnection (git-fixes).\n- ASoC: Intel: avs: da7219: Remove suspend_pre() and resume_post() (stable-fixes).\n- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet (stable-fixes).\n- ASoC: Intel: bytcr_rt5640: Add support for non ACPI instantiated codec (stable-fixes).\n- ASoC: Intel: sst: Fix used of uninitialized ctx to log an error (git-fixes).\n- ASoC: Intel: sst: Support LPE0F28 ACPI HID (stable-fixes).\n- ASoC: SOF: Add i2s bt dai configuration support for AMD platforms (bsc#1233305).\n- ASoC: SOF: Add support for configuring PDM interface from topology (bsc#1233305).\n- ASoC: SOF: Deprecate invalid enums in IPC3 (bsc#1233305).\n- ASoC: SOF: IPC4: get pipeline priority from topology (bsc#1233305).\n- ASoC: SOF: IPC4: synchronize fw_config_params with fw definitions (bsc#1233305).\n- ASoC: SOF: Refactor sof_i2s_tokens reading to update acpbt dai (bsc#1233305).\n- ASoC: SOF: Rename amd_bt sof_dai_type (bsc#1233305).\n- ASoC: SOF: Wire up buffer flags (bsc#1233305).\n- ASoC: SOF: add alignment for topology header file struct definition (bsc#1233305).\n- ASoC: SOF: align topology header file with sof topology header (bsc#1233305).\n- ASoC: SOF: ipc3-topology: Convert the topology pin index to ALH dai index (git-fixes).\n- ASoC: SOF: ipc3-topology: fix resource leaks in sof_ipc3_widget_setup_comp_dai() (git-fixes).\n- ASoC: SOF: ipc4-control: Add support for ALSA enum control (bsc#1233305).\n- ASoC: SOF: ipc4-control: Add support for ALSA switch control (bsc#1233305).\n- ASoC: SOF: ipc4-mtrace: move debug slot related definitions to header.h (bsc#1233305).\n- ASoC: SOF: ipc4-topology: Add deep buffer size to debug prints (bsc#1233305).\n- ASoC: SOF: ipc4-topology: Add definition for generic switch/enum control (bsc#1233305).\n- ASoC: SOF: ipc4-topology: Add module ID print during module set up (bsc#1233305).\n- ASoC: SOF: ipc4-topology: Helper to find an swidget by module/instance id (bsc#1233305).\n- ASoC: SOF: ipc4-topology: Only handle dai_config with HW_PARAMS for ChainDMA (bsc#1233305).\n- ASoC: SOF: ipc4-topology: change chain_dma handling in dai_config (bsc#1233305).\n- ASoC: SOF: ipc4-topology: export sof_ipc4_copier_is_single_format (bsc#1233305).\n- ASoC: SOF: ipc4-topology: set config_length based on device_count (bsc#1233305).\n- ASoC: SOF: ipc4: Add data struct for module notification message from firmware (bsc#1233305).\n- ASoC: SOF: ipc4: Add new message type: SOF_IPC4_GLB_LOAD_LIBRARY_PREPARE (bsc#1233305).\n- ASoC: SOF: sof-client-probes-ipc4: Set param_size extension bits (git-fixes).\n- ASoC: SOF: topology: Parse DAI type token for dspless mode (bsc#1233305).\n- ASoC: SOF: topology: dynamically allocate and store DAI widget-\u003eprivate (bsc#1233305).\n- ASoC: amd: yc: Add quirk for ASUS Vivobook S15 M3502RA (stable-fixes).\n- ASoC: amd: yc: Add quirk for HP Dragonfly pro one (stable-fixes).\n- ASoC: amd: yc: Fix for enabling DMIC on acp6x via _DSD entry (git-fixes).\n- ASoC: amd: yc: Fix non-functional mic on ASUS E1404FA (stable-fixes).\n- ASoC: amd: yc: Support dmic on another model of Lenovo Thinkpad E14 Gen 6 (stable-fixes).\n- ASoC: amd: yc: fix internal mic on Xiaomi Book Pro 14 2022 (stable-fixes).\n- ASoC: atmel: mchp-pdmc: Skip ALSA restoration if substream runtime is uninitialized (git-fixes).\n- ASoC: audio-graph-card2: Purge absent supplies for device tree nodes (stable-fixes).\n- ASoC: codecs: Fix atomicity violation in snd_soc_component_get_drvdata() (git-fixes).\n- ASoC: codecs: lpass-rx-macro: add missing CDC_RX_BCL_VBAT_RF_PROC2 to default regs values (stable-fixes).\n- ASoC: codecs: rt5640: Always disable IRQs from rt5640_cancel_work() (stable-fixes).\n- ASoC: codecs: wsa883x: Handle reading version failure (stable-fixes).\n- ASoC: cs42l51: Fix some error handling paths in cs42l51_probe() (git-fixes).\n- ASoC: dapm: fix bounds checker error in dapm_widget_list_create (git-fixes).\n- ASoC: fsl_micfil: Add sample rate constraint (stable-fixes).\n- ASoC: fsl_micfil: fix regmap_write_bits usage (git-fixes).\n- ASoC: fsl_sai: Enable \u0027FIFO continue on error\u0027 FCONT bit (stable-fixes).\n- ASoC: imx-card: Set card.owner to avoid a warning calltrace if SND=m (git-fixes).\n- ASoC: max98388: Fix missing increment of variable slot_found (git-fixes).\n- ASoC: mediatek: mt8188-mt6359: Remove hardcoded dmic codec (git-fixes).\n- ASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe() (git-fixes).\n- ASoC: qcom: sm8250: add qrb4210-rb2-sndcard compatible string (stable-fixes).\n- ASoC: rt722-sdca: Remove logically deadcode in rt722-sdca.c (git-fixes).\n- ASoC: rt722-sdca: increase clk_stop_timeout to fix clock stop issue (stable-fixes).\n- ASoC: stm32: spdifrx: fix dma channel release in stm32_spdifrx_remove (git-fixes).\n- ASoC: stm: Prevent potential division by zero in stm32_sai_get_clk_div() (stable-fixes).\n- ASoC: stm: Prevent potential division by zero in stm32_sai_mclk_round_rate() (stable-fixes).\n- ASoC: tas2781: Add new driver version for tas2563 \u0026 tas2781 qfn chip (stable-fixes).\n- ASoC: tas2781: Use of_property_read_reg() (stable-fixes).\n- Bluetooth: Call iso_exit() on module unload (git-fixes).\n- Bluetooth: ISO: Fix multiple init when debugfs is disabled (git-fixes).\n- Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync (git-fixes).\n- Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change (git-fixes).\n- Bluetooth: Remove debugfs directory on module init failure (git-fixes).\n- Bluetooth: bnep: fix wild-memory-access in proto_unregister (git-fixes).\n- Bluetooth: btintel: Direct exception event to bluetooth stack (git-fixes).\n- Bluetooth: btmrvl: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).\n- Bluetooth: btnxpuart: Resolve TX timeout error in power save stress test (bsc#1230557)\n- Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0489:0xe122 (stable-fixes).\n- Bluetooth: btusb: Fix regression with fake CSR controllers 0a12:0001 (git-fixes).\n- Bluetooth: fix use-after-free in device_for_each_child() (git-fixes).\n- Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs (git-fixes).\n- Bluetooth: hci_core: Fix calling mgmt_device_connected (git-fixes).\n- Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (git-fixes).\n- Documentation: kgdb: Correct parameter error (git-fixes).\n- HID: Ignore battery for all ELAN I2C-HID devices (stable-fixes).\n- HID: amd_sfh: Switch to device-managed dmam_alloc_coherent() (git-fixes).\n- HID: core: zero-initialize the report buffer (git-fixes).\n- HID: i2c-hid: Remove I2C_HID_QUIRK_SET_PWR_WAKEUP_DEV quirk (stable-fixes).\n- HID: lenovo: Add support for Thinkpad X1 Tablet Gen 3 keyboard (stable-fixes).\n- HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad (stable-fixes).\n- HID: multitouch: Add quirk for Logitech Bolt receiver w/ Casa touchpad (stable-fixes).\n- HID: multitouch: Add support for B2402FVA track point (stable-fixes).\n- HID: multitouch: Add support for Thinkpad X12 Gen 2 Kbd Portfolio (stable-fixes).\n- HID: multitouch: Add support for lenovo Y9000P Touchpad (stable-fixes).\n- HID: plantronics: Workaround for an unexcepted opposite volume key (stable-fixes).\n- HID: wacom: Interpret tilt data from Intuos Pro BT as signed values (git-fixes).\n- HID: wacom: fix when get product name maybe null pointer (git-fixes).\n- Input: adp5589-keys - fix NULL pointer dereference (git-fixes).\n- Input: adp5589-keys - fix adp5589_gpio_get_value() (git-fixes).\n- Input: edt-ft5x06 - fix regmap leak when probe fails (git-fixes).\n- Input: hideep - add missing dependency on REGMAP_I2C (git-fixes).\n- Input: hycon-hy46xx - add missing dependency on REGMAP_I2C (git-fixes).\n- Input: i8042 - add TUXEDO Stellaris 15 Slim Gen6 AMD to i8042 quirk table (stable-fixes).\n- Input: i8042 - add TUXEDO Stellaris 16 Gen5 AMD to i8042 quirk table (stable-fixes).\n- Input: i8042 - add another board name for TUXEDO Stellaris Gen5 AMD line (stable-fixes).\n- Input: xpad - add GameSir T4 Kaleid Controller support (git-fixes).\n- Input: xpad - add GameSir VID for Xbox One controllers (git-fixes).\n- Input: xpad - add support for 8BitDo Ultimate 2C Wireless Controller (git-fixes).\n- Input: xpad - add support for MSI Claw A1M (git-fixes).\n- Input: xpad - add support for Machenike G5 Pro Controller (git-fixes).\n- Input: xpad - fix support for some third-party controllers (git-fixes).\n- Input: xpad - sort xpad_device by vendor and product ID (git-fixes).\n- Input: xpad - spelling fixes for \"Xbox\" (git-fixes).\n- KVM: Fix coalesced_mmio_has_room() to avoid premature userspace exit (git-fixes).\n- KVM: PPC: Book3S HV: Avoid returning to nested hypervisor on pending doorbells (bsc#1215199).\n- KVM: PPC: Book3S HV: Stop using vc-\u003edpdes for nested KVM guests (bsc#1215199).\n- KVM: PPC: Book3S HV: remove unused varible (bsc#1194869).\n- KVM: SEV-ES: Fix svm_get_msr()/svm_set_msr() for KVM_SEV_ES_INIT guests (bsc#1232207).\n- KVM: SEV-ES: Prevent MSR access post VMSA encryption (bsc#1232207).\n- KVM: SVM: Disallow guest from changing userspace\u0027s MSR_AMD64_DE_CFG value (git-fixes).\n- KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock (git-fixes).\n- KVM: VMX: Also clear SGX EDECCSSA in KVM CPU caps when SGX is disabled (git-fixes).\n- KVM: VMX: Set PFERR_GUEST_{FINAL,PAGE}_MASK if and only if the GVA is valid (git-fixes).\n- KVM: Write the per-page \"segment\" when clearing (part of) a guest page (git-fixes).\n- KVM: s390: Change virtual to physical address access in diag 0x258 handler (git-fixes bsc#1232626).\n- KVM: s390: Fix SORTL and DFLTCC instruction format error in __insn32_query (git-fixes bsc#1231276).\n- KVM: s390: gaccess: Check if guest address is in memslot (git-fixes bsc#1232623).\n- KVM: x86/mmu: Skip emulation on page fault iff 1+ SPs were unprotected (git-fixes).\n- KVM: x86/mmu: Trigger unprotect logic only on write-protection page faults (git-fixes).\n- KVM: x86: Dedup fastpath MSR post-handling logic (git-fixes).\n- KVM: x86: Enforce x2APIC\u0027s must-be-zero reserved ICR bits (git-fixes).\n- KVM: x86: Exit to userspace if fastpath triggers one on instruction skip (git-fixes).\n- KVM: x86: Move x2APIC ICR helper above kvm_apic_write_nodecode() (git-fixes).\n- KVM: x86: Re-enter guest if WRMSR(X2APIC_ICR) fastpath is successful (git-fixes).\n- KVM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC) (git-fixes).\n- NFS: Avoid unnecessary rescanning of the per-server delegation list (git-fixes).\n- NFS: remove revoked delegation from server\u0027s delegation list (git-fixes).\n- NFSD: Fix NFSv4\u0027s PUTPUBFH operation (git-fixes).\n- NFSD: Mark filecache \"down\" if init fails (git-fixes).\n- NFSv3: only use NFS timeout for MOUNT when protocols are compatible (bsc#1231016).\n- NFSv4: Fix clearing of layout segments in layoutreturn (git-fixes).\n- PCI: Add ACS quirk for Qualcomm SA8775P (stable-fixes).\n- PCI: Add T_PVPERL macro (git-fixes).\n- PCI: Add function 0 DMA alias quirk for Glenfly Arise chip (stable-fixes).\n- PCI: Fix pci_enable_acs() support for the ACS quirks (bsc#1229019).\n- PCI: Fix reset_method_store() memory leak (git-fixes).\n- PCI: Mark Creative Labs EMU20k2 INTx masking as broken (stable-fixes).\n- PCI: endpoint: Clear secondary (not primary) EPC in pci_epc_remove_epf() (git-fixes).\n- PCI: j721e: Deassert PERST# after a delay of PCIE_T_PVPERL_MS milliseconds (git-fixes).\n- PCI: keystone: Add link up check to ks_pcie_other_map_bus() (git-fixes).\n- PCI: keystone: Set mode as Root Complex for \"ti,keystone-pcie\" compatible (git-fixes).\n- PCI: rockchip-ep: Fix address translation unit programming (git-fixes).\n- RAS/AMD/ATL: Add amd_atl pr_fmt() prefix (jsc#PED-10559).\n- RAS/AMD/ATL: Expand helpers for adding and removing base and hole (jsc#PED-10559).\n- RAS/AMD/ATL: Implement DF 4.5 NP2 denormalization (jsc#PED-10559).\n- RAS/AMD/ATL: Read DRAM hole base early (jsc#PED-10559).\n- RAS/AMD/ATL: Validate address map when information is gathered (jsc#PED-10559).\n- RDMA/bnxt_re: Add a check for memory allocation (git-fixes)\n- RDMA/bnxt_re: Avoid CPU lockups due fifo occupancy check loop (git-fixes)\n- RDMA/bnxt_re: Change the sequence of updating the CQ toggle value (git-fixes)\n- RDMA/bnxt_re: Check cqe flags to know imm_data vs inv_irkey (git-fixes)\n- RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (git-fixes)\n- RDMA/bnxt_re: Fix a possible memory leak (git-fixes)\n- RDMA/bnxt_re: Fix incorrect AVID type in WQE structure (git-fixes)\n- RDMA/bnxt_re: Fix incorrect dereference of srq in async event (git-fixes)\n- RDMA/bnxt_re: Fix out of bound check (git-fixes)\n- RDMA/bnxt_re: Fix the GID table length (git-fixes)\n- RDMA/bnxt_re: Fix the max CQ WQEs for older adapters (git-fixes)\n- RDMA/bnxt_re: Fix the usage of control path spin locks (git-fixes)\n- RDMA/bnxt_re: Return more meaningful error (git-fixes)\n- RDMA/bnxt_re: synchronize the qp-handle table array (git-fixes)\n- RDMA/core: Fix ENODEV error for iWARP test over vlan (git-fixes)\n- RDMA/cxgb4: Dump vendor specific QP details (git-fixes)\n- RDMA/cxgb4: Fix RDMA_CM_EVENT_UNREACHABLE error for iWARP (git-fixes)\n- RDMA/hns: Add mutex_destroy() (git-fixes)\n- RDMA/hns: Disassociate mmap pages for all uctx when HW is being reset (git-fixes)\n- RDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg() (git-fixes)\n- RDMA/hns: Fix an AEQE overflow error caused by untimely update of eq_db_ci (git-fixes)\n- RDMA/hns: Fix cpu stuck caused by printings during reset (git-fixes)\n- RDMA/hns: Fix different dgids mapping to the same dip_idx (git-fixes)\n- RDMA/hns: Fix flush cqe error when racing with destroy qp (git-fixes)\n- RDMA/hns: Fix out-of-order issue of requester when setting FENCE (git-fixes)\n- RDMA/hns: Use dev_* printings in hem code instead of ibdev_* (git-fixes)\n- RDMA/hns: Use macro instead of magic number (git-fixes)\n- RDMA/irdma: Fix misspelling of \"accept*\" (git-fixes)\n- RDMA/mad: Improve handling of timed out WRs of mad agent (git-fixes)\n- RDMA/mana_ib: use the correct page size for mapping user-mode doorbell page (git-fixes).\n- RDMA/mana_ib: use the correct page table index based on hardware page size (git-fixes).\n- RDMA/mlx5: Enforce umem boundaries for explicit ODP page faults (git-fixes)\n- RDMA/mlx5: Move events notifier registration to be after device registration (git-fixes)\n- RDMA/mlx5: Round max_rd_atomic/max_dest_rd_atomic up instead of down (git-fixes)\n- RDMA/mlx5: Use sq timestamp as QP timestamp when RoCE is disabled (git-fixes).\n- RDMA/rtrs-srv: Avoid null pointer deref during path establishment (git-fixes)\n- RDMA/rxe: Fix the qp flush warnings in req (git-fixes)\n- RDMA/rxe: Set queue pair cur_qp_state when being queried (git-fixes)\n- RDMA/siw: Add sendpage_ok() check to disable MSG_SPLICE_PAGES (git-fixes)\n- RDMA/srpt: Make slab cache names unique (git-fixes)\n- SUNRPC: Fix integer overflow in decode_rc_list() (git-fixes).\n- SUNRPC: Fixup gss_status tracepoint error output (git-fixes).\n- SUNRPC: Remove BUG_ON call sites (git-fixes).\n- SUNRPC: clnt.c: Remove misleading comment (git-fixes).\n- USB: appledisplay: close race between probe and completion handler (git-fixes).\n- USB: chaoskey: Fix possible deadlock chaoskey_list_lock (git-fixes).\n- USB: chaoskey: fail open after removal (git-fixes).\n- USB: gadget: dummy-hcd: Fix \"task hung\" problem (git-fixes).\n- USB: misc: cypress_cy7c63: check for short transfer (git-fixes).\n- USB: misc: yurex: fix race between read and write (git-fixes).\n- USB: serial: ftdi_sio: Fix atomicity violation in get_serial_info() (git-fixes).\n- USB: serial: io_edgeport: fix use after free in debug printk (git-fixes).\n- USB: serial: option: add Fibocom FG132 0x0112 composition (stable-fixes).\n- USB: serial: option: add Quectel RG650V (stable-fixes).\n- USB: serial: option: add Telit FN920C04 MBIM compositions (stable-fixes).\n- USB: serial: option: add support for Quectel EG916Q-GL (stable-fixes).\n- USB: serial: qcserial: add support for Sierra Wireless EM86xx (stable-fixes).\n- Use pahole -j1 option for reproducible builds (bsc#1230414 bsc#1229450).\n- accel/qaic: Fix the for loop used to walk SG table (git-fixes).\n- accel: Use XArray instead of IDR for minors (jsc#PED-11580).\n- acpi/arm64: Adjust error handling procedure in gtdt_parse_timer_block() (git-fixes).\n- ad7780: fix division by zero in ad7780_write_raw() (git-fixes).\n- aes-gcm-p10: Use the correct bit to test for P10 (bsc#1232704).\n- amd-pstate: Set min_perf to nominal_perf for active mode performance gov (git-fixes).\n- apparmor: fix \u0027Do simple duplicate message elimination\u0027 (git-fixes).\n- apparmor: test: Fix memory leak for aa_unpack_strdup() (git-fixes).\n- apparmor: use kvfree_sensitive to free data-\u003edata (git-fixes).\n- arm64: Subscribe Microsoft Azure Cobalt 100 to erratum 3194386 (git-fixes)\n- arm64: cputype: Add Neoverse-N3 definitions (git-fixes)\n- arm64: dts: allwinner: pinephone: Add mount matrix to accelerometer (git-fixes)\n- arm64: dts: freescale: imx8mm-verdin: Fix SD regulator startup delay (git-fixes)\n- arm64: dts: freescale: imx8mp-verdin: Fix SD regulator startup delay (git-fixes)\n- arm64: dts: imx8-ss-vpu: Fix imx8qm VPU IRQs (git-fixes)\n- arm64: dts: imx8qxp: Add VPU subsystem file (git-fixes)\n- arm64: dts: imx93: add nvmem property for eqos (git-fixes)\n- arm64: dts: imx93: add nvmem property for fec1 (git-fixes)\n- arm64: dts: imx93: add ocotp node (git-fixes)\n- arm64: dts: rockchip: Add DTS for FriendlyARM NanoPi R2S Plus (git-fixes)\n- arm64: dts: rockchip: Correct GPIO polarity on brcm BT nodes (git-fixes)\n- arm64: dts: rockchip: Fix LED triggers on rk3308-roc-cc (git-fixes)\n- arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards (git-fixes)\n- arm64: dts: rockchip: Fix bluetooth properties on rk3566 box demo (git-fixes)\n- arm64: dts: rockchip: Fix reset-gpios property on brcm BT nodes (git-fixes)\n- arm64: dts: rockchip: Fix rt5651 compatible value on (git-fixes)\n- arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-eaidk-610 (git-fixes)\n- arm64: dts: rockchip: Fix wakeup prop names on PineNote BT node (git-fixes)\n- arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma (git-fixes)\n- arm64: dts: rockchip: Remove hdmi\u0027s 2nd interrupt on rk3328 (git-fixes)\n- arm64: dts: rockchip: Remove undocumented supports-emmc property (git-fixes)\n- arm64: dts: rockchip: fix i2c2 pinctrl-names property on (git-fixes)\n- arm64: dts: rockchip: remove num-slots property from (git-fixes)\n- arm64: dts: rockchip: remove orphaned pinctrl-names from pinephone (git-fixes)\n- arm64: errata: Enable the AC03_CPU_38 workaround for ampere1a (git-fixes).\n- arm64: errata: Expand speculative SSBS workaround once more (git-fixes)\n- arm64: esr: Define ESR_ELx_EC_* constants as UL (git-fixes)\n- arm64: fix .data.rel.ro size assertion when CONFIG_LTO_CLANG (git-fixes)\n- arm64: fix selection of HAVE_DYNAMIC_FTRACE_WITH_ARGS (git-fixes).\n- arm64: probes: Fix simulate_ldr*_literal() (git-fixes)\n- arm64: probes: Fix uprobes for big-endian kernels (git-fixes)\n- arm64: probes: Remove broken LDR (literal) uprobe support (git-fixes)\n- arm64: smccc: Remove broken support for SMCCCv1.3 SVE discard hint (git-fixes)\n- arm64: smccc: replace custom COUNT_ARGS() \u0026 CONCATENATE() (git-fixes)\n- arm64: tegra: Move AGX Orin nodes to correct location (git-fixes)\n- arm64: tls: Fix context-switching of tpidrro_el0 when kpti is enabled (git-fixes)\n- ata: libata: Set DID_TIME_OUT for commands that actually timed out (git-fixes).\n- ata: libata: avoid superfluous disk spin down + spin up during hibernation (git-fixes).\n- audit: do not WARN_ON_ONCE(!current-\u003emm) in audit_exe_compare() (git-fixes).\n- audit: do not take task_lock() in audit_exe_compare() code path (git-fixes).\n- block: print symbolic error name instead of error code (bsc#1231872).\n- block: sed-opal: add ioctl IOC_OPAL_SET_SID_PW (bsc#1229677).\n- bnxt_en: Cap the size of HWRM_PORT_PHY_QCFG forwarded response (git-fixes).\n- bnxt_en: Fix error recovery for 5760X (P7) chips (git-fixes).\n- bnxt_en: Fix the PCI-AER routines (git-fixes).\n- bnxt_en: Restore PTP tx_avail count in case of skb_pad() error (git-fixes).\n- bnxt_en: refactor reset close code (git-fixes).\n- bpf, arm64: Fix address emission with tag-based KASAN enabled (git-fixes)\n- bpf, arm64: Remove garbage frame for struct_ops trampoline (git-fixes)\n- bpf, lsm: Add disabled BPF LSM hook list (git-fixes).\n- bpf, net: Fix a potential race in do_sock_getsockopt() (git-fixes).\n- bpf, sockmap: SK_DROP on attempted redirects of unsupported af_vsock (git-fixes).\n- bpf, verifier: Correct tail_call_reachable for bpf prog (git-fixes).\n- bpf, vsock: Drop static vsock_bpf_prot initialization (git-fixes).\n- bpf, x64: Remove tail call detection (git-fixes).\n- bpf,perf: Fix perf_event_detach_bpf_prog error handling (git-fixes).\n- bpf: Fail verification for sign-extension of packet data/data_end/data_meta (git-fixes).\n- bpf: Fix bpf_strtol and bpf_strtoul helpers for 32bit (git-fixes).\n- bpf: Fix error message on kfunc arg type mismatch (git-fixes).\n- bpf: Fix helper writes to read-only maps (git-fixes).\n- bpf: Fix tailcall cases in test_bpf (git-fixes).\n- bpf: Fix truncation bug in coerce_reg_to_size_sx() (git-fixes).\n- bpf: Improve check_raw_mode_ok test for MEM_UNINIT-tagged types (git-fixes).\n- bpf: Remove truncation test in bpf_strtol and bpf_strtoul helpers (git-fixes).\n- bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error (git-fixes).\n- bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos (git-fixes).\n- btf, scripts: rust: drop is_rust_module.sh (bsc#1230414 bsc#1229450).\n- btrfs: merge btrfs_orig_bbio_end_io() into btrfs_bio_end_io() (bsc#1233193)\n- btrfs: send: fix invalid clone operation for file that got its size decreased (git-fixes).\n- can: c_can: c_can_handle_bus_err(): update statistics if skb allocation fails (git-fixes).\n- can: c_can: fix {rx,tx}_errors statistics (git-fixes).\n- can: dev: can_set_termination(): allow sleeping GPIOs (git-fixes).\n- can: ems_usb: ems_usb_rx_err(): fix {rx,tx}_errors statistics (git-fixes).\n- can: hi311x: hi3110_can_ist(): fix potential use-after-free (git-fixes).\n- can: hi311x: hi3110_can_ist(): fix {rx,tx}_errors statistics (git-fixes).\n- can: ifi_canfd: ifi_canfd_handle_lec_err(): fix {rx,tx}_errors statistics (git-fixes).\n- can: j1939: j1939_session_new(): fix skb reference counting (git-fixes).\n- can: m_can: m_can_handle_lec_err(): fix {rx,tx}_errors statistics (git-fixes).\n- can: mcp251xfd: mcp251xfd_get_tef_len(): fix length calculation (git-fixes).\n- can: mcp251xfd: mcp251xfd_get_tef_len(): work around erratum DS80000789E 6 (git-fixes).\n- can: mcp251xfd: mcp251xfd_ring_alloc(): fix coalescing configuration when switching CAN modes (git-fixes).\n- can: netlink: avoid call to do_set_data_bittiming callback with stale can_priv::ctrlmode (stable-fixes).\n- can: sja1000: sja1000_err(): fix {rx,tx}_errors statistics (git-fixes).\n- can: sun4i_can: sun4i_can_err(): call can_change_state() even if cf is NULL (git-fixes).\n- can: sun4i_can: sun4i_can_err(): fix {rx,tx}_errors statistics (git-fixes).\n- ceph: fix cap ref leak via netfs init_request (bsc#1231384).\n- cgroup/bpf: only cgroup v2 can be attached by bpf programs (bsc#1234108).\n- clk: bcm: bcm53573: fix OF node leak in init (stable-fixes).\n- clk: clk-apple-nco: Add NULL check in applnco_probe (git-fixes).\n- clk: clk-axi-clkgen: make sure to enable the AXI bus clock (git-fixes).\n- clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D (stable-fixes).\n- clk: imx: clk-scu: fix clk enable state save and restore (git-fixes).\n- clk: imx: fracn-gppll: correct PLL initialization flow (git-fixes).\n- clk: imx: fracn-gppll: fix pll power up (git-fixes).\n- clk: imx: lpcg-scu: SW workaround for errata (e10858) (git-fixes).\n- clk: qcom: clk-alpha-pll: drop lucid-evo pll enabled warning (git-fixes).\n- clk: qcom: clk-alpha-pll: fix lucid 5lpe pll enabled check (git-fixes).\n- clk: qcom: gcc-qcs404: fix initial rate of GPLL3 (git-fixes).\n- clk: renesas: rzg2l: Fix FOUTPOSTDIV clk (git-fixes).\n- clk: sunxi-ng: d1: Fix PLL_AUDIO0 preset (git-fixes).\n- comedi: Flush partial mappings in error case (git-fixes).\n- comedi: ni_routing: tools: Check when the file could not be opened (stable-fixes).\n- config s390x: build ultravisor userspace access into the kernel (bsc#1232090)\n- config.sh: Remove Arm build project, we do not build armv7 configs\n- config: Disable LAM on x86 (bsc#1217845)\n- cpufreq/amd-pstate: Fix amd_pstate mode switch on shared memory systems (git-fixes).\n- cpufreq: CPPC: Fix possible null-ptr-deref for cppc_get_cpu_cost() (git-fixes).\n- cpufreq: CPPC: Fix possible null-ptr-deref for cpufreq_cpu_get_raw() (git-fixes).\n- cpufreq: CPPC: Fix wrong return value in cppc_get_cpu_cost() (git-fixes).\n- cpufreq: CPPC: Fix wrong return value in cppc_get_cpu_power() (git-fixes).\n- cpufreq: loongson2: Unregister platform_driver on failure (git-fixes).\n- cpufreq: mediatek-hw: Fix wrong return value in mtk_cpufreq_get_cpu_power() (git-fixes).\n- crypto: aes-gcm-p10 - Use the correct bit to test for P10 (bsc#1232704).\n- crypto: api - Fix liveliness check in crypto_alg_tested (stable-fixes).\n- crypto: bcm - add error check in the ahash_hmac_init function (git-fixes).\n- crypto: caam - Fix the pointer passed to caam_qi_shutdown() (git-fixes).\n- crypto: caam - add error check to caam_rsa_set_priv_key_form (git-fixes).\n- crypto: cavium - Fix an error handling path in cpt_ucode_load_fw() (git-fixes).\n- crypto: cavium - Fix the if condition to exit loop after timeout (git-fixes).\n- crypto: hisilicon/qm - flush all work before driver removed (bsc#1232075)\n- crypto: inside-secure - Fix the return value of safexcel_xcbcmac_cra_init() (git-fixes).\n- crypto: octeontx - Fix authenc setkey (stable-fixes).\n- crypto: octeontx* - Select CRYPTO_AUTHENC (git-fixes).\n- crypto: octeontx2 - Fix authenc setkey (stable-fixes).\n- crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY (git-fixes).\n- crypto: powerpc/p10-aes-gcm - Add dependency on CRYPTO_SIMD and re-enable CRYPTO_AES_GCM_P10 (bsc#1230501 ltc#208632).\n- crypto: powerpc/p10-aes-gcm - Disable CRYPTO_AES_GCM_P10 (bsc#1230501 ltc#208632).\n- crypto: powerpc/p10-aes-gcm - Re-write AES/GCM stitched implementation (bsc#1230501 ltc#208632).\n- crypto: powerpc/p10-aes-gcm - Register modules as SIMD (bsc#1230501 ltc#208632).\n- crypto: qat - remove check after debugfs_create_dir() (git-fixes).\n- crypto: qat - remove faulty arbiter config reset (git-fixes).\n- crypto: qat/qat_4xxx - fix off by one in uof_get_name() (git-fixes).\n- crypto: x86/aegis128 - access 32-bit arguments as 32-bit (git-fixes).\n- cxgb4: Properly lock TX queue for the selftest (git-fixes).\n- cxgb4: add forgotten u64 ivlan cast before shift (git-fixes).\n- cxgb4: unnecessary check for 0 in the free_sge_txq_uld() function (git-fixes).\n- cxl: downgrade a warning message to debug level in cxl_probe_component_regs() (bsc#1229165).\n- dcache: keep dentry_hashtable or d_hash_shift even when not used (git-fixes).\n- debugfs: fix automount d_fsdata usage (git-fixes).\n- devlink: Fix command annotation documentation (git-fixes).\n- dma-fence: Fix reference leak on fence merge failure path (git-fixes).\n- dma-fence: Use kernel\u0027s sort for merging fences (git-fixes).\n- dmaengine: sh: rz-dmac: handle configs where one address is zero (git-fixes).\n- dmaengine: ti: k3-udma: Set EOP for all TRs in cyclic BCDMA transfer (git-fixes).\n- doc: rcu: update printed dynticks counter bits (git-fixes).\n- driver core: bus: Fix double free in driver API bus_register() (stable-fixes).\n- driver core: bus: Return -EIO instead of 0 when show/store invalid bus attribute (stable-fixes).\n- drivers: soc: xilinx: add the missing kfree in xlnx_add_cb_for_suspend() (git-fixes).\n- drm/amd/amdgpu: Fix double unlock in amdgpu_mes_add_ring (git-fixes).\n- drm/amd/display: Add HDMI DSC native YCbCr422 support (stable-fixes).\n- drm/amd/display: Add disable timeout option (bsc#1231435)\n- drm/amd/display: Adjust VSDB parser for replay feature (stable-fixes).\n- drm/amd/display: Check link_res-\u003ehpo_dp_link_enc before using it (bsc#1231944)\n- drm/amd/display: Check null pointer before dereferencing se (stable-fixes).\n- drm/amd/display: Clean up dsc blocks in accelerated mode (stable-fixes).\n- drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too (stable-fixes).\n- drm/amd/display: Fix brightness level not retained over reboot (git-fixes).\n- drm/amd/display: Fix null check for pipe_ctx-\u003eplane_state in dcn20_program_pipe (git-fixes).\n- drm/amd/display: Fix null check for pipe_ctx-\u003eplane_state in hwss_setup_dpp (git-fixes).\n- drm/amd/display: Remove a redundant check in authenticated_dp (stable-fixes).\n- drm/amd/display: Revert \"Check HDCP returned status\" (stable-fixes).\n- drm/amd/display: Round calculated vtotal (stable-fixes).\n- drm/amd/display: Skip to enable dsc if it has been off (stable-fixes).\n- drm/amd/display: Validate backlight caps are sane (stable-fixes).\n- drm/amd/pm: Vangogh: Fix kernel memory out of bounds write (git-fixes).\n- drm/amd: Add some missing straps from NBIO 7.11.0 (git-fixes).\n- drm/amd: Fix initialization mistake for NBIO 7.7.0 (stable-fixes).\n- drm/amd: Guard against bad data for ATIF ACPI method (git-fixes).\n- drm/amdgpu/swsmu: Only force workload setup on init (git-fixes).\n- drm/amdgpu/vcn: enable AV1 on both instances (stable-fixes).\n- drm/amdgpu: Adjust debugfs eviction and IB access permissions (stable-fixes).\n- drm/amdgpu: Adjust debugfs register access permissions (stable-fixes).\n- drm/amdgpu: Fix DPX valid mode check on GC 9.4.3 (git-fixes).\n- drm/amdgpu: Fix JPEG v4.0.3 register write (git-fixes).\n- drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() (stable-fixes).\n- drm/amdgpu: fix check in gmc_v9_0_get_vm_pte() (git-fixes).\n- drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported (git-fixes).\n- drm/amdkfd: Accounting pdd vram_usage for svm (stable-fixes).\n- drm/amdkfd: Fix wrong usage of INIT_WORK() (git-fixes).\n- drm/bridge: anx7625: Drop EDID cache on bridge power off (git-fixes).\n- drm/bridge: it6505: Drop EDID cache on bridge power off (git-fixes).\n- drm/bridge: tc358767: Fix link properties discovery (git-fixes).\n- drm/bridge: tc358768: Fix DSI command tx (git-fixes).\n- drm/etnaviv: Request pages from DMA32 zone on addressing_limited (git-fixes).\n- drm/etnaviv: hold GPU lock across perfmon sampling (git-fixes).\n- drm/i915/gem: fix bitwise and logical AND mixup (git-fixes).\n- drm/i915/hdcp: fix connector refcounting (git-fixes).\n- drm/imx/dcss: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).\n- drm/imx/ipuv3: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).\n- drm/mediatek: Fix child node refcount handling in early exit (git-fixes).\n- drm/mediatek: Fix get efuse issue for MT8188 DPTX (git-fixes).\n- drm/mm: Mark drm_mm_interval_tree*() functions with __maybe_unused (git-fixes).\n- drm/msm/adreno: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).\n- drm/msm/dpu: cast crtc_clk calculation to u64 in _dpu_core_perf_calc_clk() (git-fixes).\n- drm/msm/dpu: check for overflow in _dpu_crtc_setup_lm_bounds() (git-fixes).\n- drm/msm/dpu: do not always program merge_3d block (git-fixes).\n- drm/msm/dpu: drop LM_3 / LM_4 on MSM8998 (git-fixes).\n- drm/msm/dpu: drop LM_3 / LM_4 on SDM845 (git-fixes).\n- drm/msm/dpu: make sure phys resources are properly initialized (git-fixes).\n- drm/msm/dpu: move CRTC resource assignment to dpu_encoder_virt_atomic_check (git-fixes).\n- drm/msm/dpu: on SDM845 move DSPP_3 to LM_5 block (git-fixes).\n- drm/msm/dsi: fix 32-bit signed integer extension in pclk_rate calculation (git-fixes).\n- drm/msm/dsi: improve/fix dsc pclk calculation (git-fixes).\n- drm/msm/gpu: Check the status of registration to PM QoS (git-fixes).\n- drm/msm: Allocate memory for disp snapshot with kvzalloc() (git-fixes).\n- drm/msm: Avoid NULL dereference in msm_disp_state_print_regs() (git-fixes).\n- drm/msm: Fix some typos in comment (git-fixes).\n- drm/nouveau/gr/gf100: Fix missing unlock in gf100_gr_chan_new() (git-fixes).\n- drm/omap: Fix locking in omap_gem_new_dmabuf() (git-fixes).\n- drm/omap: Fix possible NULL dereference (git-fixes).\n- drm/panfrost: Add missing OPP table refcnt decremental (git-fixes).\n- drm/panfrost: Remove unused id_mask from struct panfrost_model (git-fixes).\n- drm/radeon: Fix encoder-\u003epossible_clones (git-fixes).\n- drm/rockchip: vop: Fix a dereferenced before check warning (git-fixes).\n- drm/sched: Add locking to drm_sched_entity_modify_sched (git-fixes).\n- drm/sched: Always wake up correct scheduler in drm_sched_entity_push_job (git-fixes).\n- drm/sti: Add __iomem for mixer_dbg_mxn\u0027s parameter (git-fixes).\n- drm/sti: avoid potential dereference of error pointers (git-fixes).\n- drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check (git-fixes).\n- drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check (git-fixes).\n- drm/v3d: Address race-condition in MMU flush (git-fixes).\n- drm/v3d: Enable Performance Counters before clearing them (git-fixes).\n- drm/v3d: Stop the active perfmon before being destroyed (git-fixes).\n- drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA (stable-fixes).\n- drm/vc4: Match drm_dev_enter and exit calls in vc4_hvs_atomic_flush (git-fixes).\n- drm/vc4: Match drm_dev_enter and exit calls in vc4_hvs_lut_load (git-fixes).\n- drm/vc4: Stop the active perfmon before being destroyed (git-fixes).\n- drm/vc4: hdmi: Avoid hang with debug registers when suspended (git-fixes).\n- drm/vc4: hvs: Correct logic on stopping an HVS channel (git-fixes).\n- drm/vc4: hvs: Do not write gamma luts on 2711 (git-fixes).\n- drm/vc4: hvs: Fix dlist debug not resetting the next entry pointer (git-fixes).\n- drm/vc4: hvs: Remove incorrect limit from hvs_dlist debugfs function (git-fixes).\n- drm/vkms: Drop unnecessary call to drm_crtc_cleanup() (git-fixes).\n- drm/vmwgfx: Handle surface check failure correctly (git-fixes).\n- drm/vmwgfx: Limit display layout ioctl array size to VMWGFX_NUM_DISPLAY_UNITS (stable-fixes).\n- drm: Consistently use struct drm_mode_rect for FB_DAMAGE_CLIPS (git-fixes).\n- drm: Expand max DRM device number to full MINORBITS (jsc#PED-11580).\n- drm: Use XArray instead of IDR for minors (jsc#PED-11580).\n- drm: use ATOMIC64_INIT() for atomic64_t (git-fixes).\n- drm: xlnx: zynqmp_dpsub: fix hotplug detection (git-fixes).\n- drm: zynqmp_kms: Unplug DRM device before removal (git-fixes).\n- e1000e: Fix S0ix residency on corporate systems (git-fixes).\n- e1000e: Remove Meteor Lake SMBUS workarounds (git-fixes).\n- e1000e: change I219 (19) devices to ADP (git-fixes).\n- e1000e: fix force smbus during suspend flow (git-fixes).\n- e1000e: move force SMBUS near the end of enable_ulp function (git-fixes).\n- efi/libstub: Free correct pointer on failure (git-fixes).\n- efi/libstub: fix efi_parse_options() ignoring the default command line (git-fixes).\n- efi/libstub: zboot.lds: Discard .discard sections (stable-fixes).\n- efi/memattr: Ignore table if the size is clearly bogus (bsc#1231465).\n- efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption (stable-fixes).\n- eth: bnxt: fix counting packets discarded due to OOM and netpoll (git-fixes).\n- ext4: do not track ranges in fast_commit if inode has inlined data (bsc#1231635).\n- ext4: fix fast commit inode enqueueing during a full journal commit (bsc#1231636).\n- ext4: fix incorrect tid assumption in ext4_fc_mark_ineligible() (bsc#1231637).\n- ext4: fix possible tid_t sequence overflows (bsc#1231634).\n- ext4: fix slab-use-after-free in ext4_split_extent_at() (bsc#1232201)\n- ext4: fix unttached inode after power cut with orphan file feature enabled (bsc#1234009).\n- ext4: mark fc as ineligible using an handle in ext4_xattr_set() (bsc#1231640).\n- ext4: use handle to mark fc as ineligible in __track_dentry_update() (bsc#1231639).\n- f2fs: get out of a repeat loop when getting a locked data page (bsc#1234011).\n- fat: fix uninitialized variable (git-fixes).\n- fbcon: Fix a NULL pointer dereference issue in fbcon_putcs (stable-fixes).\n- fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() (git-fixes).\n- fbdev: sisfb: Fix strbuf array overflow (stable-fixes).\n- fgraph: Change the name of cpuhp state to \"fgraph:online\" (git-fixes).\n- fgraph: Fix missing unlock in register_ftrace_graph() (git-fixes).\n- fgraph: Use CPU hotplug mechanism to initialize idle shadow stacks (git-fixes).\n- filemap: remove use of wait bookmarks (bsc#1224088).\n- firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier() (git-fixes).\n- firmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup() (git-fixes).\n- firmware: arm_scpi: Check the DVFS OPP count returned by the firmware (git-fixes).\n- firmware: arm_sdei: Fix the input parameter of cpuhp_remove_state() (git-fixes).\n- firmware: google: Unregister driver_info on failure (git-fixes).\n- firmware_loader: Fix possible resource leak in fw_log_firmware_info() (git-fixes).\n- fs/9p: drop inodes immediately on non-.L too (git-fixes).\n- fs/9p: fix the cache always being enabled on files with qid flags (git-fixes).\n- fs/ntfs3: Add more attributes checks in mi_enum_attr() (bsc#1233207)\n- fs/ntfs3: Fixed overflow check in mi_enum_attr() (bsc#1233207)\n- fs/ntfs3: Sequential field availability check in mi_enum_attr() (bsc#1233207)\n- fs: Fix uninitialized value issue in from_kuid and from_kgid (git-fixes).\n- genirq/msi: Fix off-by-one error in msi_domain_alloc() (git-fixes).\n- goldfish: Fix unused const variable \u0027goldfish_pipe_acpi_match\u0027 (git-fixes).\n- gpio: aspeed: Add the flush write to ensure the write complete (git-fixes).\n- gpio: aspeed: Use devm_clk api to manage clock source (git-fixes).\n- gpio: davinci: fix lazy disable (git-fixes).\n- gpio: exar: set value when external pull-up or pull-down is present (git-fixes).\n- gpio: zevio: Add missed label initialisation (git-fixes).\n- gve: Fix XDP TX completion handling when counters overflow (git-fixes).\n- gve: Fix an edge case for TSO skb validity check (git-fixes).\n- gve: ignore nonrelevant GSO type bits when processing TSO headers (git-fixes).\n- hid: intel-ish-hid: Fix uninitialized variable \u0027rv\u0027 in ish_fw_xfer_direct_dma (git-fixes).\n- hv_netvsc: Fix VF namespace also in synthetic NIC NETDEV_REGISTER event (git-fixes).\n- hv_sock: Initializing vsk-\u003etrans to NULL to prevent a dangling pointer (git-fixes).\n- hwmon: (adm9240) Add missing dependency on REGMAP_I2C (git-fixes).\n- hwmon: (adt7470) Add missing dependency on REGMAP_I2C (git-fixes).\n- hwmon: (max16065) Fix alarm attributes (git-fixes).\n- hwmon: (max16065) Remove use of i2c_match_id() (stable-fixes).\n- hwmon: (mc34vr500) Add missing dependency on REGMAP_I2C (git-fixes).\n- hwmon: (nct6775) add G15CF to ASUS WMI monitoring list (stable-fixes).\n- hwmon: (nct6775-core) Fix overflows seen when writing limit attributes (git-fixes).\n- hwmon: (tmp513) Add missing dependency on REGMAP_I2C (git-fixes).\n- hwmon: (tps23861) Fix reporting of negative temperatures (git-fixes).\n- hwmon: intel-m10-bmc-hwmon: relabel Columbiaville to CVL Die Temperature (git-fixes).\n- i2c: core: Setup i2c_adapter runtime-pm before calling device_add() (git-fixes).\n- i2c: core: fix lockdep warning for sparsely nested adapter chain (git-fixes).\n- i2c: cpm: Remove linux,i2c-index conversion from be32 (git-fixes).\n- i2c: designware: do not hold SCL low when I2C_DYNAMIC_TAR_UPDATE is not set (git-fixes).\n- i2c: exynos5: Calculate t_scl_l, t_scl_h according to i2c spec (git-fixes).\n- i2c: i801: Add lis3lv02d for Dell Precision 3540 (git-fixes).\n- i2c: i801: Add lis3lv02d for Dell XPS 15 7590 (git-fixes).\n- i2c: i801: Use a different adapter-name for IDF adapters (stable-fixes).\n- i2c: i801: add helper i801_restore_regs (git-fixes).\n- i2c: ismt: kill transaction in hardware on timeout (git-fixes).\n- i2c: ocores: Move system PM hooks to the NOIRQ phase (git-fixes).\n- i2c: ocores: Remove #ifdef guards for PM related functions (git-fixes).\n- i2c: omap: switch to NOIRQ_SYSTEM_SLEEP_PM_OPS() and RUNTIME_PM_OPS() (git-fixes).\n- i2c: omap: wakeup the controller during suspend() callback (git-fixes).\n- i2c: rcar: properly format a debug output (git-fixes).\n- i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume (git-fixes).\n- i2c: stm32f7: perform most of irq job in threaded handler (git-fixes).\n- i2c: synquacer: Deal with optional PCLK correctly (git-fixes).\n- i2c: synquacer: Remove a clk reference from struct synquacer_i2c (stable-fixes).\n- i2c: xiic: Try re-initialization on bus busy timeout (git-fixes).\n- i2c: xiic: improve error message when transfer fails to start (stable-fixes).\n- i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs() (git-fixes).\n- i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition (stable-fixes).\n- i3c: master: svc: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).\n- i40e: Fix XDP program unloading while removing the driver (git-fixes).\n- i40e: Report MFS in decimal base instead of hex (git-fixes).\n- i40e: fix race condition by adding filter\u0027s intermediate sync state (git-fixes).\n- iTCO_wdt: mask NMI_NOW bit for update_no_reboot_bit() call (git-fixes).\n- iavf: Fix TC config comparison with existing adapter TC config (git-fixes).\n- ice: Fix VSI list rule with ICE_SW_LKUP_LAST type (git-fixes).\n- ice: Fix checking for unsupported keys on non-tunnel device (git-fixes).\n- ice: Fix lldp packets dropping after changing the number of channels (git-fixes).\n- ice: Fix netif_is_ice() in Safe Mode (git-fixes).\n- ice: Fix package download algorithm (git-fixes).\n- ice: Fix recipe read procedure (git-fixes).\n- ice: Fix reset handler (git-fixes).\n- ice: Flush FDB entries before reset (git-fixes).\n- ice: Interpret .set_channels() input differently (git-fixes).\n- ice: Rebuild TC queues on VSI queue reconfiguration (git-fixes).\n- ice: Reject pin requests with unsupported flags (git-fixes).\n- ice: add flag to distinguish reset from .ndo_bpf in XDP rings config (git-fixes).\n- ice: add missing WRITE_ONCE when clearing ice_rx_ring::xdp_prog (git-fixes).\n- ice: avoid IRQ collision to fix init failure on ACPI S3 resume (git-fixes).\n- ice: clear port vlan config during reset (git-fixes).\n- ice: disallow DPLL_PIN_STATE_SELECTABLE for dpll output pins (git-fixes).\n- ice: do not bring the VSI up, if it was down before the XDP setup (git-fixes).\n- ice: do not busy wait for Rx queue disable in ice_qp_dis() (git-fixes).\n- ice: fix 200G PHY types to link speed mapping (git-fixes).\n- ice: fix 200G link speed message log (git-fixes).\n- ice: fix ICE_LAST_OFFSET formula (git-fixes).\n- ice: fix VLAN replay after reset (git-fixes).\n- ice: fix VSI lists confusion when adding VLANs (git-fixes).\n- ice: fix accounting for filters shared by multiple VSIs (git-fixes).\n- ice: fix accounting if a VLAN already exists (git-fixes).\n- ice: fix iteration of TLVs in Preserved Fields Area (git-fixes).\n- ice: fix page reuse when PAGE_SIZE is over 8k (git-fixes).\n- ice: fix reads from NVM Shadow RAM on E830 and E825-C devices (git-fixes).\n- ice: fix truesize operations for PAGE_SIZE \u003e= 8192 (git-fixes).\n- ice: implement AQ download pkg retry (git-fixes).\n- ice: map XDP queues to vectors in ice_vsi_map_rings_to_vectors() (git-fixes).\n- ice: remove af_xdp_zc_qps bitmap (git-fixes).\n- ice: replace synchronize_rcu with synchronize_net (git-fixes).\n- ice: respect netif readiness in AF_XDP ZC related ndo\u0027s (git-fixes).\n- ice: set correct dst VSI in only LAN filters (git-fixes).\n- ice: tc: allow zero flags in parsing tc flower (git-fixes).\n- ice: tc: check src_vsi in case of traffic from VF (git-fixes).\n- ice: use proper macro for testing bit (git-fixes).\n- idpf: Interpret .set_channels() input differently (git-fixes).\n- idpf: avoid bloating \u0026idpf_q_vector with big %NR_CPUS (git-fixes).\n- idpf: do not enable NAPI and interrupts prior to allocating Rx buffers (git-fixes).\n- idpf: do not skip over ethtool tcp-data-split setting (git-fixes).\n- idpf: fix UAFs when destroying the queues (git-fixes).\n- idpf: fix memleak in vport interrupt configuration (git-fixes).\n- idpf: fix memory leaks and crashes while performing a soft reset (git-fixes).\n- ieee802154: Fix build error (git-fixes).\n- igb: Always call igb_xdp_ring_update_tail() under Tx lock (git-fixes).\n- igb: Disable threaded IRQ for igb_msix_other (git-fixes).\n- igb: Fix not clearing TimeSync interrupts for 82580 (git-fixes).\n- igc: Fix double reset adapter triggered from a single taprio cmd (git-fixes).\n- igc: Fix packet still tx after gate close by reducing i226 MAC retry buffer (git-fixes).\n- igc: Fix qbv tx latency by setting gtxoffset (git-fixes).\n- igc: Fix qbv_config_change_errors logics (git-fixes).\n- igc: Fix reset adapter logics when tx mode change (git-fixes).\n- igc: Unlock on error in igc_io_resume() (git-fixes).\n- iio: Fix fwnode_handle in __fwnode_iio_channel_get_by_name() (git-fixes).\n- iio: accel: bma400: Fix uninitialized variable field_value in tap event handling (git-fixes).\n- iio: accel: kx022a: Fix raw read format (git-fixes).\n- iio: accel: kx022a: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).\n- iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr() (git-fixes).\n- iio: adc: ad7606: Fix typo in the driver name (git-fixes).\n- iio: adc: ad7923: Fix buffer overflow for tx_buf and ring_xfer (git-fixes).\n- iio: adc: ti-ads124s08: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).\n- iio: adc: ti-ads8688: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).\n- iio: adc: ti-lmp92064: add missing select REGMAP_SPI in Kconfig (git-fixes).\n- iio: amplifiers: ada4250: add missing select REGMAP_SPI in Kconfig (git-fixes).\n- iio: dac: ad3552r: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).\n- iio: dac: ad5766: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).\n- iio: dac: ad5770r: add missing select REGMAP_SPI in Kconfig (git-fixes).\n- iio: dac: ltc1660: add missing select REGMAP_SPI in Kconfig (git-fixes).\n- iio: dac: stm32-dac-core: add missing select REGMAP_MMIO in Kconfig (git-fixes).\n- iio: frequency: adf4377: add missing select REMAP_SPI in Kconfig (git-fixes).\n- iio: frequency: admv4420: fix missing select REMAP_SPI in Kconfig (git-fixes).\n- iio: gts-helper: Fix memory leaks for the error path of iio_gts_build_avail_scale_table() (git-fixes).\n- iio: gts-helper: Fix memory leaks in iio_gts_build_avail_scale_table() (git-fixes).\n- iio: gts: Fix uninitialized symbol \u0027ret\u0027 (git-fixes).\n- iio: gts: fix infinite loop for gain_to_scaletables() (git-fixes).\n- iio: hid-sensors: Fix an error handling path in _hid_sensor_set_report_latency() (git-fixes).\n- iio: light: al3010: Fix an error handling path in al3010_probe() (git-fixes).\n- iio: light: opt3001: add missing full-scale range value (git-fixes).\n- iio: light: veml6030: fix ALS sensor resolution (git-fixes).\n- iio: light: veml6030: fix IIO device retrieval from embedded device (git-fixes).\n- iio: light: veml6030: fix microlux value calculation (git-fixes).\n- iio: magnetometer: ak8975: Convert enum-\u003epointer for data in the match tables (stable-fixes).\n- iio: magnetometer: ak8975: Fix \u0027Unexpected device\u0027 error (git-fixes).\n- iio: magnetometer: ak8975: drop incorrect AK09116 compatible (git-fixes).\n- iio: proximity: mb1232: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).\n- ima: fix buffer overrun in ima_eventdigest_init_common (git-fixes).\n- initramfs: avoid filename buffer overrun (bsc#1232436).\n- intel_idle: add Granite Rapids Xeon support (bsc#1231630).\n- intel_idle: fix ACPI _CST matching for newer Xeon platforms (bsc#1231630).\n- io_uring/eventfd: move to more idiomatic RCU free usage (git-fixes).\n- io_uring/io-wq: do not allow pinning outside of cpuset (git-fixes).\n- io_uring/io-wq: inherit cpuset of cgroup in io worker (git-fixes).\n- io_uring/net: harden multishot termination case for recv (git-fixes).\n- io_uring/rw: fix cflags posting for single issue multishot read (git-fixes).\n- io_uring/rw: fix missing NOWAIT check for O_DIRECT start write (git-fixes).\n- io_uring/rw: treat -EOPNOTSUPP for IOCB_NOWAIT like -EAGAIN (git-fixes).\n- io_uring/sqpoll: close race on waiting for sqring entries (git-fixes).\n- io_uring/sqpoll: do not allow pinning outside of cpuset (git-fixes).\n- io_uring/sqpoll: do not put cpumask on stack (git-fixes).\n- io_uring/sqpoll: retain test for whether the CPU is valid (git-fixes).\n- io_uring: check for presence of task_work rather than TIF_NOTIFY_SIGNAL (git-fixes).\n- iommu/amd: Allocate the page table root using GFP_KERNEL (git-fixes).\n- iommu/amd: Do not set the D bit on AMD v2 table entries (git-fixes).\n- iommu/amd: Fix typo of , instead of ; (git-fixes).\n- iommu/vt-d: Always reserve a domain ID for identity setup (git-fixes).\n- iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices (git-fixes).\n- iommufd: Check the domain owner of the parent before creating a nesting domain (git-fixes).\n- iommufd: Protect against overflow of ALIGN() during iova allocation (git-fixes).\n- irqchip/gic-v3-its: Avoid explicit cpumask allocation on stack (git-fixes).\n- jbd2: Move j_transaction_overhead_buffers into a hole (bsc#1234042).\n- jbd2: avoid infinite transaction commit loop (bsc#1234039).\n- jbd2: avoid memleak in jbd2_journal_write_metadata_buffer (bsc#1234043).\n- jbd2: avoid mount failed when commit block is partial submitted (bsc#1234040).\n- jbd2: correct the printing of write_flags in jbd2_write_superblock() (bsc#1234045).\n- jbd2: correctly compare tids with tid_geq function in jbd2_fc_begin_commit (bsc#1231638).\n- jbd2: fix kernel-doc for j_transaction_overhead_buffers (bsc#1234042).\n- jbd2: fix potential data lost in recovering journal raced with synchronizing fs bdev (bsc#1234044).\n- jbd2: fix soft lockup in journal_finish_inode_data_buffers() (bsc#1234046).\n- jbd2: make jbd2_journal_get_max_txn_bufs() internal (bsc#1234041).\n- jbd2: precompute number of transaction descriptor blocks (bsc#1234042).\n- jfs: Fix sanity check in dbMount (git-fixes).\n- jfs: Fix uaf in dbFreeBits (git-fixes).\n- jfs: Fix uninit-value access of new_ea in ea_buffer (git-fixes).\n- jfs: UBSAN: shift-out-of-bounds in dbFindBits (git-fixes).\n- jfs: check if leafidx greater than num leaves per dmap tree (git-fixes).\n- jump_label: Fix static_key_slow_dec() yet again (git-fixes).\n- kABI fix of VM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC) (git-fixes).\n- kABI workaround for ASoC SOF (bsc#1233305).\n- kABI: Restore exported __arm_smccc_sve_check (git-fixes)\n- kABI: bpf: enum bpf_{type_flag,arg_type} kABI workaround (git-fixes).\n- kABI: bpf: struct bpf_insn_acces_aux kABI workaround (git-fixes).\n- kabi, mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling (git-fixes kabi).\n- kasan: Fix Software Tag-Based KASAN with GCC (git-fixes).\n- kasan: move checks to do_strncpy_from_user (git-fixes).\n- kbuild, bpf: Use test-ge check for v1.25-only pahole (bsc#1230414 bsc#1229450).\n- kbuild,bpf: Add module-specific pahole flags for distilled base BTF (bsc#1230414 bsc#1229450).\n- kbuild,bpf: Switch to using --btf_features for pahole v1.26 and later (bsc#1230414 bsc#1229450).\n- kbuild: avoid too many execution of scripts/pahole-flags.sh (bsc#1230414 bsc#1229450).\n- kbuild: bpf: Tell pahole to DECL_TAG kfuncs (bsc#1230414 bsc#1229450).\n- kconfig: qconf: fix buffer overflow in debug links (git-fixes).\n- kernel-binary: Enable livepatch package only when livepatch is enabled Otherwise the filelist may be empty failing the build (bsc#1218644).\n- kexec_file: fix elfcorehdr digest exclusion when CONFIG_CRASH_HOTPLUG=y (git-fixes).\n- keys, dns: Allow key types (eg. DNS) to be reclaimed immediately on expiry (git-fixes).\n- keys: Fix overwrite of key expiration on instantiation (git-fixes).\n- kthread: unpark only parked kthread (git-fixes).\n- leds: lp55xx: Remove redundant test for invalid channel number (git-fixes).\n- lib/xarray: introduce a new helper xas_get_order (bsc#1231617).\n- lib: string_helpers: silence snprintf() output truncation warning (git-fixes).\n- mac80211: MAC80211_MESSAGE_TRACING should depend on TRACING (git-fixes).\n- macsec: do not increment counters for an unrelated SA (git-fixes).\n- mailbox: arm_mhuv2: clean up loop in get_irq_chan_comb() (git-fixes).\n- maple_tree: correct tree corruption on spanning store (git-fixes).\n- maple_tree: fix alloc node fail issue (git-fixes).\n- maple_tree: refine mas_store_root() on storing NULL (git-fixes).\n- media: adv7604: prevent underflow condition when reporting colorspace (git-fixes).\n- media: amphion: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).\n- media: amphion: Set video drvdata before register video device (git-fixes).\n- media: ar0521: do not overflow when checking PLL values (git-fixes).\n- media: atomisp: Add check for rgby_data memory allocation failure (git-fixes).\n- media: bttv: use audio defaults for winfast2000 (git-fixes).\n- media: core: v4l2-ioctl: check if ioctl is known to avoid NULL name (git-fixes).\n- media: cx24116: prevent overflows on SNR calculus (git-fixes).\n- media: dvb_frontend: do not play tricks with underflow values (git-fixes).\n- media: dvbdev: fix the logic when DVB_DYNAMIC_MINORS is not set (stable-fixes).\n- media: dvbdev: prevent the risk of out of memory access (git-fixes).\n- media: gspca: ov534-ov772x: Fix off-by-one error in set_frame_rate() (git-fixes).\n- media: i2c: dw9768: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).\n- media: i2c: imx335: Enable regulator supplies (stable-fixes).\n- media: i2c: tc358743: Fix crash in the probe error path when using polling (git-fixes).\n- media: imx-jpeg: Ensure power suppliers be suspended before detach them (git-fixes).\n- media: imx-jpeg: Set video drvdata before register video device (git-fixes).\n- media: imx335: Fix reset-gpio handling (git-fixes).\n- media: mantis: remove orphan mantis_core.h (git-fixes).\n- media: mtk-jpeg: Fix null-ptr-deref during unload module (git-fixes).\n- media: pci: ipu3-cio2: Initialise timing struct to avoid a compiler warning (git-fixes).\n- media: platform: allegro-dvt: Fix possible memory leak in allocate_buffers_internal() (git-fixes).\n- media: platform: exynos4-is: Fix an OF node reference leak in fimc_md_is_isp_available (git-fixes).\n- media: pulse8-cec: fix data timestamp at pulse8_setup() (git-fixes).\n- media: s5p-jpeg: prevent buffer overflows (git-fixes).\n- media: stb0899_algo: initialize cfr before using it (git-fixes).\n- media: ts2020: fix null-ptr-deref in ts2020_probe() (git-fixes).\n- media: uvcvideo: Require entities to have a non-zero unique ID (git-fixes).\n- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (git-fixes).\n- media: uvcvideo: Stop stream during unregister (git-fixes).\n- media: v4l2-ctrls-api: fix error handling for v4l2_g_ctrl() (git-fixes).\n- media: v4l2-tpg: prevent the risk of a division by zero (git-fixes).\n- media: vb2: Fix comment (git-fixes).\n- media: venus: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).\n- media: videobuf2-core: clear memory related fields in __vb2_plane_dmabuf_put() (stable-fixes).\n- media: videobuf2: fix typo: vb2_dbuf -\u003e vb2_qbuf (git-fixes).\n- media: wl128x: Fix atomicity violation in fmc_send_cmd() (git-fixes).\n- mei: use kvmalloc for read buffer (git-fixes).\n- mfd: intel_soc_pmic_chtwc: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes).\n- mfd: rt5033: Fix missing regmap_del_irq_chip() (git-fixes).\n- mfd: tps65010: Use IRQF_NO_AUTOEN flag in request_irq() to fix race (git-fixes).\n- minmax: avoid overly complex min()/max() macro arguments in xen (git-fixes).\n- minmax: scsi: fix mis-use of \u0027clamp()\u0027 in sr.c (git-fixes).\n- misc: apds990x: Fix missing pm_runtime_disable() (git-fixes).\n- mlx5: avoid truncating error message (git-fixes).\n- mlx5: stop warning for 64KB pages (git-fixes).\n- mlxbf_gige: disable RX filters until RX path initialized (git-fixes).\n- mm/filemap: optimize filemap folio adding (bsc#1231617).\n- mm/filemap: return early if failed to allocate memory for split (bsc#1231617).\n- mm/hugetlb: fix nodes huge page allocation when there are surplus pages (bsc#1234012).\n- mm: avoid unsafe VMA hook invocation when error arises on mmap hook (git-fixes).\n- mm: khugepaged: fix the arguments order in khugepaged_collapse_file trace point (git-fixes).\n- mm: mmap: no need to call khugepaged_enter_vma() for stack (jsc#PED-10978).\n- mm: move dummy_vm_ops out of a header (git-fixes prerequisity).\n- mm: refactor arch_calc_vm_flag_bits() and arm64 MTE handling (git-fixes).\n- mm: refactor map_deny_write_exec() (git-fixes).\n- mm: resolve faulty mmap_region() error path behaviour (git-fixes).\n- mm: unconditionally close VMAs on error (git-fixes).\n- mmc: core: Further prevent card detect during shutdown (git-fixes).\n- mmc: mmc_spi: drop buggy snprintf() (git-fixes).\n- mmc: sunxi-mmc: Fix A100 compatible description (git-fixes).\n- modpost: fix acpi MODULE_DEVICE_TABLE built with mismatched endianness (git-fixes).\n- modpost: fix input MODULE_DEVICE_TABLE() built for 64-bit on 32-bit host (git-fixes).\n- modpost: remove incorrect code in do_eisa_entry() (git-fixes).\n- module: abort module loading when sysfs setup suffer errors (git-fixes).\n- mtd: rawnand: atmel: Fix possible memory leak (git-fixes).\n- mtd: spi-nor: core: replace dummy buswidth from addr to data (git-fixes).\n- nbd: fix race between timeout and normal completion (bsc#1230918).\n- net/mlx5: Add missing masks and QoS bit masks for scheduling elements (git-fixes).\n- net/mlx5: Added cond_resched() to crdump collection (git-fixes).\n- net/mlx5: Check capability for fw_reset (git-fixes).\n- net/mlx5: Check for invalid vector index on EQ creation (git-fixes).\n- net/mlx5: Explicitly set scheduling element and TSAR type (git-fixes).\n- net/mlx5: Fix command bitmask initialization (git-fixes).\n- net/mlx5: Fix error handling in irq_pool_request_irq (git-fixes).\n- net/mlx5: Lag, do bond only if slaves agree on roce state (git-fixes).\n- net/mlx5: Lag, do not use the hardcoded value of the first port (git-fixes).\n- net/mlx5: Stop waiting for PCI if pci channel is offline (git-fixes).\n- net/mlx5: Unregister notifier on eswitch init failure (git-fixes).\n- net/mlx5: Update the list of the PCI supported devices (git-fixes).\n- net/mlx5e: Add a check for the return value from mlx5_port_set_eth_ptys (git-fixes).\n- net/mlx5e: Add missing link mode to ptys2ext_ethtool_map (git-fixes).\n- net/mlx5e: Add missing link modes to ptys2ethtool_map (git-fixes).\n- net/mlx5e: Add mqprio_rl cleanup and free in mlx5e_priv_cleanup() (git-fixes).\n- net/mlx5e: Correctly report errors for ethtool rx flows (git-fixes).\n- net/mlx5e: Do not call cleanup on profile rollback failure (git-fixes).\n- net/mlx5e: Fix IPsec tunnel mode offload feature check (git-fixes).\n- net/mlx5e: Fix UDP GSO for encapsulated packets (git-fixes).\n- net/mlx5e: Fix features validation check for tunneled UDP (non-VXLAN) packets (git-fixes).\n- net/mlx5e: Require mlx5 tc classifier action support for IPsec prio capability (git-fixes).\n- net/mlx5e: Use rx_missed_errors instead of rx_dropped for reporting buffer exhaustion (git-fixes).\n- net: mana: Implement get_ringparam/set_ringparam for mana (bsc#1229891).\n- net: mana: Improve mana_set_channels() in low mem conditions (bsc#1230289).\n- net: mdio-ipq4019: add missing error check (git-fixes).\n- net: phy: Remove LED entry from LEDs list on unregister (git-fixes).\n- net: phy: bcm84881: Fix some error handling paths (git-fixes).\n- net: phy: dp83822: Fix reset pin definitions (git-fixes).\n- net: phy: dp83869: fix memory corruption when enabling fiber (git-fixes).\n- net: phy: ti: add PHY_RST_AFTER_CLK_EN flag (git-fixes).\n- net: qede: sanitize \u0027rc\u0027 in qede_add_tc_flower_fltr() (git-fixes).\n- net: qede: use return from qede_parse_actions() (git-fixes).\n- net: qede: use return from qede_parse_flow_attr() for flow_spec (git-fixes).\n- net: qede: use return from qede_parse_flow_attr() for flower (git-fixes).\n- net: relax socket state check at accept time (git-fixes).\n- net: stmmac: dwmac-tegra: Fix link bring-up sequence (git-fixes)\n- net: sysfs: Fix /sys/class/net/\u0026lt;iface\u003e path for statistics (git-fixes).\n- net: test for not too small csum_start in virtio_net_hdr_to_skb() (git-fixes).\n- net: usb: lan78xx: Fix double free issue with interrupt buffer allocation (git-fixes).\n- net: usb: lan78xx: Fix memory leak on device unplug by freeing PHY device (git-fixes).\n- net: usb: lan78xx: Fix refcounting and autosuspend on invalid WoL configuration (git-fixes).\n- net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition (stable-fixes).\n- net: usb: usbnet: fix name regression (get-fixes).\n- net: usb: usbnet: fix race in probe failure (git-fixes).\n- net: wwan: fix global oob in wwan_rtnl_policy (git-fixes).\n- net: wwan: t7xx: Fix off-by-one error in t7xx_dpmaif_rx_buf_alloc() (git-fixes).\n- net: xfrm: preserve kabi for xfrm_state (bsc#1233754).\n- netdevsim: copy addresses for both in and out paths (git-fixes).\n- netdevsim: use cond_resched() in nsim_dev_trap_report_work() (git-fixes).\n- netfilter: nf_tables: missing iterator type in lookup walk (git-fixes).\n- nfs: Fix KMSAN warning in decode_getfattr_attrs() (git-fixes).\n- nfs: avoid i_lock contention in nfs_clear_invalid_mapping (git-fixes).\n- nfs: fix memory leak in error path of nfs4_do_reclaim (git-fixes).\n- nfsd: call cache_put if xdr_reserve_space returns NULL (git-fixes).\n- nfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net (git-fixes).\n- nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (git-fixes).\n- nfsd: fix refcount leak when file is unhashed after being found (git-fixes).\n- nfsd: map the EBADMSG to nfserr_io to avoid warning (git-fixes).\n- nfsd: remove unneeded EEXIST error check in nfsd_do_file_acquire (git-fixes).\n- nfsd: remove unsafe BUG_ON from set_change_info (bsc#1234121).\n- nfsd: return -EINVAL when namelen is 0 (git-fixes).\n- nilfs2: fix kernel bug due to missing clearing of buffer delay flag (git-fixes).\n- nilfs2: fix potential deadlock with newly created symlinks (git-fixes).\n- nouveau/dmem: Fix privileged error in copy engine channel (git-fixes).\n- nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error (git-fixes).\n- nouveau/dp: handle retries for AUX CH transfers with GSP (git-fixes).\n- nouveau/gsp: Avoid addressing beyond end of rpc-\u003eentries (stable-fixes).\n- nouveau: fw: sync dma after setup is called (git-fixes).\n- nouveau: handle EBUSY and EAGAIN for GSP aux errors (git-fixes).\n- ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir() (git-fixes).\n- ntfs3: Add bounds checking to mi_enum_attr() (bsc#1233207)\n- nvme-fabrics: fix kernel crash while shutting down controller (git-fixes).\n- nvme-loop: flush off pending I/O while shutting down loop controller (git-fixes).\n- nvme-multipath: suppress partition scan until the disk is ready (bsc#1228244).\n- nvme-pci: fix freeing of the HMB descriptor table (git-fixes).\n- nvme-pci: fix race condition between reset and nvme_dev_disable() (git-fixes).\n- nvme-pci: qdepth 1 quirk (git-fixes).\n- nvme-pci: reverse request order in nvme_queue_rqs (git-fixes).\n- nvme-pci: set doorbell config before unquiescing (git-fixes).\n- nvme/host: Fix RCU list traversal to use SRCU primitive (git-fixes).\n- nvme: disable CC.CRIME (NVME_CC_CRIME) (jsc#PED-9901).\n- nvme: null terminate nvme_tls_attrs (git-fixes).\n- nvme: re-fix error-handling for io_uring nvme-passthrough (git-fixes).\n- nvme: tcp: avoid race between queue_lock lock and destroy (git-fixes).\n- nvmet-auth: assign dh_key to NULL after kfree_sensitive (git-fixes).\n- ocfs2: fix UBSAN warning in ocfs2_verify_volume() (git-fixes).\n- ocfs2: fix the la space leak when unmounting an ocfs2 volume (git-fixes).\n- ocfs2: fix uninit-value in ocfs2_get_block() (git-fixes).\n- ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow (git-fixes).\n- ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() (git-fixes).\n- ocfs2: uncache inode which has failed entering the group (git-fixes).\n- of: Add cleanup.h based auto release via __free(device_node) markings (bsc#1232386)\n- parport: Proper fix for array out-of-bounds access (git-fixes).\n- phy: freescale: imx8m-pcie: Do CMN_RST just before PHY PLL lock check (git-fixes).\n- phy: qcom: qmp-combo: move driver data initialisation earlier (git-fixes).\n- phy: qcom: qmp-usb: fix NULL-deref on runtime suspend (git-fixes).\n- phy: tegra: xusb: Add error pointer check in xusb.c (git-fixes).\n- phy: ti: phy-j721e-wiz: fix usxgmii configuration (git-fixes).\n- pinctrl: apple: check devm_kasprintf() returned value (git-fixes).\n- pinctrl: k210: Undef K210_PC_DEFAULT (git-fixes).\n- pinctrl: ocelot: fix system hang on level based interrupts (stable-fixes).\n- pinctrl: qcom: spmi: fix debugfs drive strength (git-fixes).\n- pinctrl: zynqmp: drop excess struct member description (git-fixes).\n- platform/chrome: cros_ec_typec: fix missing fwnode reference decrement (git-fixes).\n- platform/x86/amd/pmc: Detect when STB is not available (git-fixes).\n- platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug (git-fixes).\n- platform/x86: dell-sysman: add support for alienware products (stable-fixes).\n- platform/x86: dell-wmi: Ignore suspend notifications (stable-fixes).\n- platform/x86: lenovo-ymc: Ignore the 0x0 state (stable-fixes).\n- platform/x86: panasonic-laptop: Return errno correctly in show callback (git-fixes).\n- platform/x86: touchscreen_dmi: add nanote-next quirk (stable-fixes).\n- posix-cpu-timers: Clear TICK_DEP_BIT_POSIX_TIMER on clone (bsc#1234098).\n- power: reset: brcmstb: Do not go into infinite loop if reset fails (stable-fixes).\n- power: supply: bq27xxx: Fix registers of bq27426 (git-fixes).\n- power: supply: core: Remove might_sleep() from power_supply_put() (git-fixes).\n- power: supply: rt9471: Fix wrong WDT function regfield declaration (git-fixes).\n- power: supply: rt9471: Use IC status regfield to report real charger status (git-fixes).\n- powercap: intel_rapl: Fix off by one in get_rpi() (git-fixes).\n- powerpc/64: Convert patch_instruction() to patch_u32() (bsc#1194869).\n- powerpc/64s: Fix unnecessary copy to 0 when kernel is booted at address 0 (bsc#1215199).\n- powerpc/atomic: Use YZ constraints for DS-form instructions (bsc#1194869).\n- powerpc/boot: Handle allocation failure in simple_realloc() (bsc#1194869).\n- powerpc/boot: Only free if realloc() succeeds (bsc#1194869).\n- powerpc/code-patching: Add generic memory patching (bsc#1194869).\n- powerpc/code-patching: Perform hwsync in __patch_instruction() in case of failure (bsc#1194869).\n- powerpc/crypto: do not build aes-gcm-p10 by default (bsc#1230501 ltc#208632).\n- powerpc/crypto: fix missing skcipher dependency for aes-gcm-p10 (bsc#1230501 ltc#208632).\n- powerpc/fadump: Move fadump_cma_init to setup_arch() after initmem_init() (bsc#1215199).\n- powerpc/fadump: Refactor and prepare fadump_cma_init for late init (bsc#1215199).\n- powerpc/kexec: Fix return of uninitialized variable (bsc#1194869).\n- powerpc/mm/fault: Fix kfence page fault reporting (bsc#1194869).\n- powerpc/mm: Fix boot crash with FLATMEM (bsc#1194869).\n- powerpc/mm: Fix boot warning with hugepages and CONFIG_DEBUG_VIRTUAL (bsc#1194869).\n- powerpc/powernv: Free name on error in opal_event_init() (bsc#1194869).\n- powerpc/pseries: Fix KVM guest detection for disabling hardlockup detector (bsc#1194869).\n- powerpc/pseries: Fix dtl_access_lock to be a rw_semaphore (bsc#1194869).\n- powerpc/pseries: Use correct data types from pseries_hp_errorlog struct (bsc#1215199).\n- powerpc/vdso: Fix VDSO data access when running in a non-root time namespace (bsc#1194869).\n- powerpc/vdso: Inconditionally use CFUNC macro (bsc#1215199).\n- powerpc/xics: Check return value of kasprintf in icp_native_map_one_cpu (bsc#1194869).\n- powerpc/xmon: Fix disassembly CPU feature checks (bsc#1065729).\n- printk: Add notation to console_srcu locking (bsc#1232183).\n- pwm: imx-tpm: Use correct MODULO value for EPWM mode (git-fixes).\n- qed: avoid truncating work queue length (git-fixes).\n- rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow (bsc#1226631).\n- rcu: Fix buffer overflow in print_cpu_stall_info() (bsc#1226623).\n- regmap: detach regmap from dev on regmap_exit (git-fixes).\n- regmap: irq: Set lockdep class for hierarchical IRQ domains (git-fixes).\n- rpm/check-for-config-changes: add HAVE_RUST and RUSTC_SUPPORTS_ to IGNORED_CONFIGS_RE They depend on SHADOW_CALL_STACK.\n- rpm/release-projects: Add SLFO projects (bsc#1231293).\n- rpm/scripts: Remove obsolete Symbols.list Symbols.list is not longer needed by the new klp-convert implementation. (bsc#1218644)\n- rpmsg: glink: Handle rejected intent request better (git-fixes).\n- rtc: ab-eoz9: do not fail temperature reads on undervoltage notification (git-fixes).\n- rtc: abx80x: Fix WDT bit position of the status register (git-fixes).\n- rtc: bbnsm: add remove hook (git-fixes).\n- rtc: check if __rtc_read_time was successful in rtc_timer_do_work() (git-fixes).\n- rtc: rzn1: fix BCD to rtc_time conversion errors (git-fixes).\n- rtc: st-lpc: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).\n- runtime constants: add default dummy infrastructure (git-fixes).\n- runtime constants: add x86 architecture support (git-fixes).\n- s390/mm: Add cond_resched() to cmm_alloc/free_pages() (bsc#1228747).\n- s390/pci: Handle PCI error codes other than 0x3a (git-fixes bsc#1232629).\n- s390/sclp: Deactivate sclp after all its users (git-fixes bsc#1232628).\n- s390/sclp_vt220: Convert newlines to CRLF instead of LFCR (git-fixes bsc#1232627).\n- scsi: NCR5380: Check for phase match during PDMA fixup (git-fixes).\n- scsi: NCR5380: Initialize buffer for MSG IN and STATUS transfers (git-fixes).\n- scsi: Remove scsi device no_start_on_resume flag (git-fixes).\n- scsi: aacraid: Rearrange order of struct aac_srb_unit (git-fixes).\n- scsi: cdrom: kABI: fix cdrom_dev_ops change (git-fixes).\n- scsi: core: Disable CDL by default (git-fixes).\n- scsi: core: Fix handling of SCMD_FAIL_IF_RECOVERING (git-fixes).\n- scsi: core: Fix the return value of scsi_logical_block_count() (git-fixes).\n- scsi: core: Handle devices which return an unusually large VPD page count (git-fixes).\n- scsi: core: alua: I/O errors for ALUA state transitions (git-fixes).\n- scsi: fnic: Move flush_work initialization out of if block (bsc#1230055).\n- scsi: hisi_sas: Handle the NCQ error returned by D2H frame (git-fixes).\n- scsi: hpsa: Fix allocation size for Scsi_Host private data (git-fixes).\n- scsi: kABI: restore no_start_on_resume to scsi_device (git-fixes).\n- scsi: libsas: Fix exp-attached device scan after probe failure scanned in again after probe failed (git-fixes).\n- scsi: libsas: Fix the failure of adding phy with zero-address to port (git-fixes).\n- scsi: lpfc: Add ELS_RSP cmd to the list of WQEs to flush in lpfc_els_flush_cmd() (bsc#1232757).\n- scsi: lpfc: Add cleanup of nvmels_wq after HBA reset (bsc#1233241 jsc#PED-9943).\n- scsi: lpfc: Call lpfc_sli4_queue_unset() in restart and rmmod paths (bsc#1233241 jsc#PED-9943).\n- scsi: lpfc: Change lpfc_nodelist nlp_flag member into a bitmask (bsc#1233241 jsc#PED-9943).\n- scsi: lpfc: Check SLI_ACTIVE flag in FDMI cmpl before submitting follow up FDMI (bsc#1233241 jsc#PED-9943).\n- scsi: lpfc: Check devloss callbk done flag for potential stale NDLP ptrs (bsc#1233241 jsc#PED-9943).\n- scsi: lpfc: Copyright updates for 14.4.0.6 patches (bsc#1233241 jsc#PED-9943).\n- scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance (bsc#1232757).\n- scsi: lpfc: Fix kref imbalance on fabric ndlps from dev_loss_tmo handler (bsc#1232757).\n- scsi: lpfc: Modify CGN warning signal calculation based on EDC response (bsc#1233241 jsc#PED-9943).\n- scsi: lpfc: Prevent NDLP reference count underflow in dev_loss_tmo callback (bsc#1233241 jsc#PED-9943).\n- scsi: lpfc: Remove NLP_RELEASE_RPI flag from nodelist structure (bsc#1233241 jsc#PED-9943).\n- scsi: lpfc: Remove trailing space after \\n newline (bsc#1232757).\n- scsi: lpfc: Restrict support for 32 byte CDBs to specific HBAs (bsc#1232757 bsc#1228119).\n- scsi: lpfc: Revise TRACE_EVENT log flag severities from KERN_ERR to KERN_WARNING (bsc#1232757).\n- scsi: lpfc: Support loopback tests with VMID enabled (bsc#1232757).\n- scsi: lpfc: Update lpfc version to 14.4.0.5 (bsc#1232757).\n- scsi: lpfc: Update lpfc version to 14.4.0.6 (bsc#1233241 jsc#PED-9943).\n- scsi: lpfc: Update lpfc_els_flush_cmd() to check for SLI_ACTIVE before BSG flag (bsc#1233241 jsc#PED-9943).\n- scsi: lpfc: Update phba link state conditional before sending CMF_SYNC_WQE (bsc#1232757).\n- scsi: mac_scsi: Disallow bus errors during PDMA send (git-fixes).\n- scsi: mac_scsi: Refactor polling loop (git-fixes).\n- scsi: mac_scsi: Revise printk(KERN_DEBUG ...) messages (git-fixes).\n- scsi: mpi3mr: Avoid IOMMU page faults on REPORT ZONES (git-fixes).\n- scsi: mpi3mr: Avoid memcpy field-spanning write WARNING (git-fixes).\n- scsi: mpi3mr: Avoid possible run-time warning with long manufacturer strings (git-fixes).\n- scsi: mpi3mr: Fix ATA NCQ priority support (git-fixes).\n- scsi: mpi3mr: Validate SAS port assignments (git-fixes).\n- scsi: mpt3sas: Avoid IOMMU page faults on REPORT ZONES (git-fixes).\n- scsi: pm8001: Do not overwrite PCI queue mapping (git-fixes).\n- scsi: pm80xx: Set phy-\u003eenable_completion only when we wait for it (git-fixes).\n- scsi: qedf: Set qed_slowpath_params to zero before use (git-fixes).\n- scsi: scsi_transport_fc: Allow setting rport state to current state (git-fixes).\n- scsi: sd: Ignore command SYNCHRONIZE CACHE error if format in progress (git-fixes).\n- scsi: sd_zbc: Use kvzalloc() to allocate REPORT ZONES buffer (git-fixes).\n- scsi: smartpqi: correct stream detection (git-fixes).\n- scsi: smartpqi: revert propagate-the-multipath-failure-to-SML-quickly (git-fixes).\n- scsi: spi: Fix sshdr use (git-fixes).\n- scsi: sr: Fix unintentional arithmetic wraparound (git-fixes).\n- scsi: wd33c93: Do not use stale scsi_pointer value (git-fixes).\n- security/keys: fix slab-out-of-bounds in key_task_permission (git-fixes).\n- selftests/bpf: Add a test case to write mtu result into .rodata (git-fixes).\n- selftests/bpf: Add a test case to write strtol result into .rodata (git-fixes).\n- selftests/bpf: Add test for sign extension in coerce_subreg_to_size_sx() (git-fixes).\n- selftests/bpf: Add test for truncation after sign extension in coerce_reg_to_size_sx() (git-fixes).\n- selftests/bpf: Add tests for ldsx of pkt data/data_end/data_meta accesses (git-fixes).\n- selftests/bpf: Fix ARG_PTR_TO_LONG {half-,}uninitialized test (git-fixes).\n- selftests/bpf: Rename ARG_PTR_TO_LONG test description (git-fixes).\n- selftests/bpf: test for malformed BPF_CORE_TYPE_ID_LOCAL relocation (git-fixes).\n- serial: 8250: omap: Move pm_runtime_get_sync (git-fixes).\n- serial: imx: Update mctrl old_status on RTSD interrupt (git-fixes).\n- serial: protect uart_port_dtr_rts() in uart_shutdown() too (stable-fixes).\n- signal: Replace BUG_ON()s (bsc#1234093).\n- soc: fsl: rcpm: fix missing of_node_put() in copy_ippdexpcr1_setting() (git-fixes).\n- soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() (git-fixes).\n- soc: ti: smartreflex: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).\n- soundwire: intel_bus_common: enable interrupts before exiting reset (stable-fixes).\n- spi: Fix acpi deferred irq probe (git-fixes).\n- spi: atmel-quadspi: Fix register name in verbose logging function (git-fixes).\n- spi: atmel-quadspi: Fix wrong register value written to MR (git-fixes).\n- spi: mpc52xx: Add cancel_work_sync before module remove (git-fixes).\n- spi: mtk-snfi: fix kerneldoc for mtk_snand_is_page_ops() (git-fixes).\n- spi: s3c64xx: fix timeout counters in flush_fifo (git-fixes).\n- spi: spi-fsl-dspi: Fix crash when not using GPIO chip select (git-fixes).\n- spi: spi-imx: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).\n- spi: tegra210-quad: Avoid shift-out-of-bounds (git-fixes).\n- splice: always fsnotify_access(in), fsnotify_modify(out) on success (git-fixes).\n- splice: fsnotify_access(fd)/fsnotify_modify(fd) in vmsplice (git-fixes).\n- splice: fsnotify_access(in), fsnotify_modify(out) on success in tee (git-fixes).\n- srcu: Fix callbacks acceleration mishandling (git-fixes).\n- staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() (git-fixes).\n- sumversion: Fix a memory leak in get_src_version() (git-fixes).\n- supported.conf: mark nhpoly1305 module as supported (bsc#1231035)\n- supported.conf: mark ultravisor userspace access as supported (bsc#1232090)\n- task_work: add kerneldoc annotation for \u0027data\u0027 argument (git-fixes).\n- tcp: Fix refcnt handling in __inet_hash_connect() (git-fixes).\n- thermal: core: Initialize thermal zones before registering them (git-fixes).\n- thermal: int3400: Fix reading of current_uuid for active policy (git-fixes).\n- thermal: intel: int340x: processor: Fix warning during module unload (git-fixes).\n- thunderbolt: Honor TMU requirements in the domain when setting TMU mode (stable-fixes).\n- thunderbolt: Improve DisplayPort tunnel setup process to be more robust (stable-fixes).\n- tools/lib/thermal: Fix sampling handler context ptr (git-fixes).\n- tools/power turbostat: Fix trailing \u0027\\n\u0027 parsing (git-fixes).\n- tools/power turbostat: Increase the limit for fd opened (bsc#1233119).\n- tools: hv: rm .*.cmd when make clean (git-fixes).\n- tpm: Lock TPM chip in tpm_pm_suspend() first (bsc#1082555 git-fixes).\n- tpm: fix signed/unsigned bug when checking event logs (git-fixes).\n- tracing/hwlat: Fix a race during cpuhp processing (git-fixes).\n- tracing/osnoise: Fix build when timerlat is not enabled (git-fixes).\n- tracing/osnoise: Skip running osnoise if all instances are off (git-fixes).\n- tracing/osnoise: Switch from PF_NO_SETAFFINITY to migrate_disable (git-fixes).\n- tracing/osnoise: Use a cpumask to know what threads are kthreads (git-fixes).\n- tracing/timerlat: Add interface_lock around clearing of kthread in stop_kthread() (git-fixes).\n- tracing/timerlat: Add user-space interface (git-fixes).\n- tracing/timerlat: Drop interface_lock in stop_kthread() (git-fixes).\n- tracing/timerlat: Fix a race during cpuhp processing (git-fixes).\n- tracing/timerlat: Fix duplicated kthread creation due to CPU online/offline (git-fixes).\n- tracing/timerlat: Move hrtimer_init to timerlat_fd open() (git-fixes).\n- tracing/timerlat: Only clear timer if a kthread exists (git-fixes).\n- tracing: Consider the NULL character when validating the event length (git-fixes).\n- tty: ldsic: fix tty_ldisc_autoload sysctl\u0027s proc_handler (git-fixes).\n- tty: n_gsm: Fix use-after-free in gsm_cleanup_mux (stable-fixes).\n- u64_stats: fix u64_stats_init() for lockdep when used repeatedly in one file (git-fixes).\n- ubifs: Fix adding orphan entry twice for the same inode (git-fixes).\n- ubifs: Fix unattached xattr inode if powercut happens after deleting (git-fixes).\n- ubifs: add check for crypto_shash_tfm_digest (git-fixes).\n- ubifs: dbg_orphan_check: Fix missed key type checking (git-fixes).\n- ucounts: fix counter leak in inc_rlimit_get_ucounts() (bsc#1233460).\n- unicode: Do not special case ignorable code points (stable-fixes).\n- unicode: Fix utf8_load() error path (git-fixes).\n- uprobe: avoid out-of-bounds memory access of fetching args (git-fixes).\n- uprobes: encapsulate preparation of uprobe args buffer (git-fixes).\n- uprobes: introduce the global struct vm_special_mapping xol_mapping (bsc#1231114).\n- uprobes: turn xol_area-\u003epages into xol_area-\u003epage (bsc#1231114).\n- usb: chipidea: udc: enable suspend interrupt after usb reset (stable-fixes).\n- usb: dwc2: Adjust the timing of USB Driver Interrupt Registration in the Crashkernel Scenario (stable-fixes).\n- usb: dwc3: Wait for EndXfer completion before restoring GUSB2PHYCFG (git-fixes).\n- usb: dwc3: core: Stop processing of pending events if controller is halted (git-fixes).\n- usb: dwc3: gadget: Add missing check for single port RAM in TxFIFO resizing logic (git-fixes).\n- usb: dwc3: gadget: Fix checking for number of TRBs left (git-fixes).\n- usb: dwc3: gadget: Fix looping of queued SG entries (git-fixes).\n- usb: ehci-spear: fix call balance of sehci clk handling routines (git-fixes).\n- usb: gadget: core: force synchronous registration (git-fixes).\n- usb: gadget: dummy_hcd: Set transfer interval to 1 microframe (stable-fixes).\n- usb: gadget: dummy_hcd: Switch to hrtimer transfer scheduler (stable-fixes).\n- usb: gadget: dummy_hcd: execute hrtimer callback in softirq context (git-fixes).\n- usb: gadget: f_uac2: Replace snprintf() with the safer scnprintf() variant (stable-fixes).\n- usb: gadget: f_uac2: fix non-newline-terminated function name (stable-fixes).\n- usb: gadget: f_uac2: fix return value for UAC2_ATTRIBUTE_STRING store (git-fixes).\n- usb: musb: Fix hardware lockup on first Rx endpoint request (git-fixes).\n- usb: musb: sunxi: Fix accessing an released usb phy (git-fixes).\n- usb: phy: Fix API devm_usb_put_phy() can not release the phy (git-fixes).\n- usb: storage: ignore bogus device raised by JieLi BR21 USB sound chip (stable-fixes).\n- usb: typec: altmode should keep reference to parent (git-fixes).\n- usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd() (git-fixes).\n- usb: typec: fix unreleased fwnode_handle in typec_port_register_altmodes() (git-fixes).\n- usb: using mutex lock and supporting O_NONBLOCK flag in iowarrior_read() (git-fixes).\n- usb: xhci: Fix TD invalidation under pending Set TR Dequeue (git-fixes).\n- usb: xhci: Fix problem with xhci resume from suspend (stable-fixes).\n- usb: xhci: fix loss of data on Cadence xHC (git-fixes).\n- usb: yurex: make waiting on yurex_write interruptible (git-fixes).\n- usbip: tools: Fix detach_port() invalid port error path (git-fixes).\n- usbnet: fix cyclical race on disconnect with work queue (git-fixes).\n- vdpa: Fix an error handling path in eni_vdpa_probe() (git-fixes).\n- vdpa_sim_blk: Fix the potential leak of mgmt_dev (git-fixes).\n- vdpa_sim_blk: allocate the buffer zeroed (git-fixes).\n- vduse: avoid using __GFP_NOFAIL (git-fixes).\n- vfs: dcache: move hashlen_hash() from callers into d_hash() (git-fixes).\n- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (git-fixes).\n- vhost_vdpa: assign irq bypass producer token correctly (git-fixes).\n- virtio_console: fix misc probe bugs (git-fixes).\n- vmalloc: modify the alloc_vmap_area() error message for better diagnostics (jsc#PED-10978).\n- vmxnet3: Add XDP support (bsc#1226498).\n- vmxnet3: Fix missing reserved tailroom (bsc#1226498).\n- vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame (bsc#1226498).\n- vmxnet3: add command to allow disabling of offloads (bsc#1226498).\n- vmxnet3: add latency measurement support in vmxnet3 (bsc#1226498).\n- vmxnet3: prepare for version 9 changes (bsc#1226498).\n- vmxnet3: update to version 9 (bsc#1226498).\n- vsock: Update msg_count on read_skb() (git-fixes).\n- vt: prevent kernel-infoleak in con_font_get() (git-fixes).\n- watchdog: apple: Actually flush writes after requesting watchdog restart (git-fixes).\n- watchdog: mediatek: Make sure system reset gets asserted in mtk_wdt_restart() (git-fixes).\n- watchdog: rti: of: honor timeout-sec property (git-fixes).\n- wifi: ath10k: Fix memory leak in management tx (git-fixes).\n- wifi: ath10k: fix invalid VHT parameters in supported_vht_mcs_rate_nss1 (git-fixes).\n- wifi: ath10k: fix invalid VHT parameters in supported_vht_mcs_rate_nss2 (git-fixes).\n- wifi: ath11k: Fix CE offset address calculation for WCN6750 in SSR (git-fixes).\n- wifi: ath11k: Fix invalid ring usage in full monitor mode (git-fixes).\n- wifi: ath11k: fix array out-of-bound access in SoC stats (stable-fixes).\n- wifi: ath12k: Skip Rx TID cleanup for self peer (git-fixes).\n- wifi: ath12k: fix array out-of-bound access in SoC stats (stable-fixes).\n- wifi: ath12k: fix crash when unbinding (git-fixes).\n- wifi: ath12k: fix warning when unbinding (git-fixes).\n- wifi: ath12k: remove msdu_end structure for WCN7850 (git-fixes).\n- wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (git-fixes).\n- wifi: ath9k: fix possible integer overflow in ath9k_get_et_stats() (stable-fixes).\n- wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit (stable-fixes).\n- wifi: brcm80211: BRCM_TRACING should depend on TRACING (git-fixes).\n- wifi: brcmfmac: release \u0027root\u0027 node in all execution paths (git-fixes).\n- wifi: cfg80211: Set correct chandef when starting CAC (stable-fixes).\n- wifi: cfg80211: clear wdev-\u003ecqm_config pointer on free (git-fixes).\n- wifi: cw1200: Fix potential NULL dereference (git-fixes).\n- wifi: iwlegacy: Clear stale interrupts before resuming device (stable-fixes).\n- wifi: iwlegacy: Fix \"field-spanning write\" warning in il_enqueue_hcmd() (git-fixes).\n- wifi: iwlwifi: allow only CN mcc from WRDD (stable-fixes).\n- wifi: iwlwifi: config: label \u0027gl\u0027 devices as discrete (git-fixes).\n- wifi: iwlwifi: mvm: Fix a race in scan abort flow (stable-fixes).\n- wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd() (git-fixes).\n- wifi: iwlwifi: mvm: avoid NULL pointer dereference (stable-fixes).\n- wifi: iwlwifi: mvm: do not add default link in fw restart flow (git-fixes).\n- wifi: iwlwifi: mvm: do not leak a link on AP removal (git-fixes).\n- wifi: iwlwifi: mvm: drop wrong STA selection in TX (stable-fixes).\n- wifi: iwlwifi: mvm: use correct key iteration (stable-fixes).\n- wifi: iwlwifi: remove AX101, AX201 and AX203 support from LNL (stable-fixes).\n- wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower (git-fixes).\n- wifi: mac80211: fix RCU list iterations (stable-fixes).\n- wifi: mac80211: skip non-uploaded keys in ieee80211_iter_keys (git-fixes).\n- wifi: mt76: mt7915: add dummy HW offload of IEEE 802.11 fragmentation (stable-fixes).\n- wifi: mt76: mt7915: disable tx worker during tx BA session enable/disable (stable-fixes).\n- wifi: mt76: mt7915: hold dev-\u003emt76.mutex while disabling tx worker (stable-fixes).\n- wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() (stable-fixes).\n- wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (git-fixes).\n- wifi: mwifiex: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).\n- wifi: p54: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).\n- wifi: rtw88: 8821cu: Remove VID/PID 0bda:c82c (stable-fixes).\n- wifi: rtw88: Fix USB/SDIO devices not transmitting beacons (git-fixes).\n- wifi: rtw88: select WANT_DEV_COREDUMP (stable-fixes).\n- wifi: rtw89: avoid reading out of bounds when loading TX power FW elements (stable-fixes).\n- wifi: rtw89: avoid to add interface to list twice when SER (stable-fixes).\n- wifi: rtw89: correct base HT rate mask for firmware (stable-fixes).\n- wifi: wfx: Fix error handling in wfx_core_init() (git-fixes).\n- x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1233443).\n- x86/CPU/AMD: Only apply Zenbleed fix for Zen2 during late microcode load (git-fixes).\n- x86/Documentation: Indent \u0027note::\u0027 directive for protocol version number note (git-fixes).\n- x86/PCI: Check pcie_find_root_port() return for NULL (git-fixes).\n- x86/amd_nb: Add new PCI IDs for AMD family 1Ah model 60h (git-fixes).\n- x86/apic: Always explicitly disarm TSC-deadline timer (git-fixes).\n- x86/apic: Make x2apic_disable() work correctly (git-fixes).\n- x86/bugs: Do not use UNTRAIN_RET with IBPB on entry (git-fixes).\n- x86/bugs: Skip RSB fill at VMEXIT (git-fixes).\n- x86/cpufeatures: Add a IBPB_NO_RET BUG flag (git-fixes).\n- x86/cpufeatures: Define X86_FEATURE_AMD_IBPB_RET (git-fixes).\n- x86/entry: Have entry_ibpb() invalidate return predictions (git-fixes).\n- x86/entry: Remove unwanted instrumentation in common_interrupt() (git-fixes).\n- x86/hyperv: Set X86_FEATURE_TSC_KNOWN_FREQ when Hyper-V provides frequency (git-fixes).\n- x86/microcode/intel: Remove unnecessary cache writeback and invalidation (git-fixes).\n- x86/mm: Use IPIs to synchronize LAM enablement (git-fixes).\n- x86/resctrl: Annotate get_mem_config() functions as __init (git-fixes).\n- x86/resctrl: Avoid overflow in MB settings in bw_validate() (git-fixes).\n- x86/resctrl: Remove hard-coded memory bandwidth limit (git-fixes).\n- x86/sev: Check for MWAITX and MONITORX opcodes in the #VC handler (git-fixes).\n- x86/syscall: Avoid memcpy() for ia32 syscall_get_arguments() (git-fixes).\n- x86/tdx: Dynamically disable SEPT violations from causing #VEs (git-fixes).\n- x86/tdx: Enable CPU topology enumeration (git-fixes).\n- x86/tdx: Introduce wrappers to read and write TD metadata (git-fixes).\n- x86/tdx: Rename tdx_parse_tdinfo() to tdx_setup() (git-fixes).\n- x86/traps: move kmsan check after instrumentation_begin (git-fixes).\n- x86: Increase brk randomness entropy for 64-bit systems (git-fixes).\n- x86: do the user address masking outside the user access area (git-fixes).\n- x86: fix off-by-one in access_ok() (git-fixes).\n- x86: fix user address masking non-canonical speculation issue (git-fixes).\n- x86: make the masked_user_access_begin() macro use its argument only once (git-fixes).\n- x86: support user address masking instead of non-speculative conditional (git-fixes).\n- xfrm: Export symbol xfrm_dev_state_delete (bsc#1233754).\n- xfrm: Fix unregister netdevice hang on hardware offload (bsc#1233754).\n- xfs: check opcode and iovec count match in xlog_recover_attri_commit_pass2 (git-fixes).\n- xfs: check shortform attr entry flags specifically (git-fixes).\n- xfs: convert delayed extents to unwritten when zeroing post eof blocks (git-fixes).\n- xfs: fix finding a last resort AG in xfs_filestream_pick_ag (git-fixes).\n- xfs: fix freeing speculative preallocations for preallocated files (git-fixes).\n- xfs: make sure sb_fdblocks is non-negative (git-fixes).\n- xfs: make the seq argument to xfs_bmapi_convert_delalloc() optional (git-fixes).\n- xfs: make xfs_bmapi_convert_delalloc() to allocate the target offset (git-fixes).\n- xfs: remove a racy if_bytes check in xfs_reflink_end_cow_extent (git-fixes).\n- xfs: validate recovered name buffers when recovering xattr items (git-fixes).\n- xhci: Add a quirk for writing ERST in high-low order (git-fixes).\n- xhci: Fix Link TRB DMA in command ring stopped completion event (git-fixes).\n- xhci: Fix incorrect stream context type macro (git-fixes).\n- xhci: Mitigate failed set dequeue pointer commands (git-fixes).\n- xhci: Use pm_runtime_get to prevent RPM on unsupported systems (git-fixes).\n- xhci: tegra: fix checked USB2 port number (git-fixes).\n- zonefs: Improve error handling (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-kernel-1",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20247-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20247-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520247-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20247-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021076.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012628",
"url": "https://bugzilla.suse.com/1012628"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1082555",
"url": "https://bugzilla.suse.com/1082555"
},
{
"category": "self",
"summary": "SUSE Bug 1194869",
"url": "https://bugzilla.suse.com/1194869"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1217845",
"url": "https://bugzilla.suse.com/1217845"
},
{
"category": "self",
"summary": "SUSE Bug 1218562",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "self",
"summary": "SUSE Bug 1218644",
"url": "https://bugzilla.suse.com/1218644"
},
{
"category": "self",
"summary": "SUSE Bug 1219596",
"url": "https://bugzilla.suse.com/1219596"
},
{
"category": "self",
"summary": "SUSE Bug 1219803",
"url": "https://bugzilla.suse.com/1219803"
},
{
"category": "self",
"summary": "SUSE Bug 1220355",
"url": "https://bugzilla.suse.com/1220355"
},
{
"category": "self",
"summary": "SUSE Bug 1220382",
"url": "https://bugzilla.suse.com/1220382"
},
{
"category": "self",
"summary": "SUSE Bug 1221309",
"url": "https://bugzilla.suse.com/1221309"
},
{
"category": "self",
"summary": "SUSE Bug 1222423",
"url": "https://bugzilla.suse.com/1222423"
},
{
"category": "self",
"summary": "SUSE Bug 1222587",
"url": "https://bugzilla.suse.com/1222587"
},
{
"category": "self",
"summary": "SUSE Bug 1222590",
"url": "https://bugzilla.suse.com/1222590"
},
{
"category": "self",
"summary": "SUSE Bug 1223112",
"url": "https://bugzilla.suse.com/1223112"
},
{
"category": "self",
"summary": "SUSE Bug 1223384",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "self",
"summary": "SUSE Bug 1223656",
"url": "https://bugzilla.suse.com/1223656"
},
{
"category": "self",
"summary": "SUSE Bug 1223700",
"url": "https://bugzilla.suse.com/1223700"
},
{
"category": "self",
"summary": "SUSE Bug 1223733",
"url": "https://bugzilla.suse.com/1223733"
},
{
"category": "self",
"summary": "SUSE Bug 1223824",
"url": "https://bugzilla.suse.com/1223824"
},
{
"category": "self",
"summary": "SUSE Bug 1223848",
"url": "https://bugzilla.suse.com/1223848"
},
{
"category": "self",
"summary": "SUSE Bug 1224088",
"url": "https://bugzilla.suse.com/1224088"
},
{
"category": "self",
"summary": "SUSE Bug 1224429",
"url": "https://bugzilla.suse.com/1224429"
},
{
"category": "self",
"summary": "SUSE Bug 1224518",
"url": "https://bugzilla.suse.com/1224518"
},
{
"category": "self",
"summary": "SUSE Bug 1224548",
"url": "https://bugzilla.suse.com/1224548"
},
{
"category": "self",
"summary": "SUSE Bug 1224574",
"url": "https://bugzilla.suse.com/1224574"
},
{
"category": "self",
"summary": "SUSE Bug 1224948",
"url": "https://bugzilla.suse.com/1224948"
},
{
"category": "self",
"summary": "SUSE Bug 1225611",
"url": "https://bugzilla.suse.com/1225611"
},
{
"category": "self",
"summary": "SUSE Bug 1225713",
"url": "https://bugzilla.suse.com/1225713"
},
{
"category": "self",
"summary": "SUSE Bug 1225725",
"url": "https://bugzilla.suse.com/1225725"
},
{
"category": "self",
"summary": "SUSE Bug 1225730",
"url": "https://bugzilla.suse.com/1225730"
},
{
"category": "self",
"summary": "SUSE Bug 1225742",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "self",
"summary": "SUSE Bug 1225764",
"url": "https://bugzilla.suse.com/1225764"
},
{
"category": "self",
"summary": "SUSE Bug 1225768",
"url": "https://bugzilla.suse.com/1225768"
},
{
"category": "self",
"summary": "SUSE Bug 1225813",
"url": "https://bugzilla.suse.com/1225813"
},
{
"category": "self",
"summary": "SUSE Bug 1225903",
"url": "https://bugzilla.suse.com/1225903"
},
{
"category": "self",
"summary": "SUSE Bug 1226003",
"url": "https://bugzilla.suse.com/1226003"
},
{
"category": "self",
"summary": "SUSE Bug 1226130",
"url": "https://bugzilla.suse.com/1226130"
},
{
"category": "self",
"summary": "SUSE Bug 1226498",
"url": "https://bugzilla.suse.com/1226498"
},
{
"category": "self",
"summary": "SUSE Bug 1226623",
"url": "https://bugzilla.suse.com/1226623"
},
{
"category": "self",
"summary": "SUSE Bug 1226631",
"url": "https://bugzilla.suse.com/1226631"
},
{
"category": "self",
"summary": "SUSE Bug 1226748",
"url": "https://bugzilla.suse.com/1226748"
},
{
"category": "self",
"summary": "SUSE Bug 1226797",
"url": "https://bugzilla.suse.com/1226797"
},
{
"category": "self",
"summary": "SUSE Bug 1226848",
"url": "https://bugzilla.suse.com/1226848"
},
{
"category": "self",
"summary": "SUSE Bug 1226872",
"url": "https://bugzilla.suse.com/1226872"
},
{
"category": "self",
"summary": "SUSE Bug 1227726",
"url": "https://bugzilla.suse.com/1227726"
},
{
"category": "self",
"summary": "SUSE Bug 1227842",
"url": "https://bugzilla.suse.com/1227842"
},
{
"category": "self",
"summary": "SUSE Bug 1228119",
"url": "https://bugzilla.suse.com/1228119"
},
{
"category": "self",
"summary": "SUSE Bug 1228244",
"url": "https://bugzilla.suse.com/1228244"
},
{
"category": "self",
"summary": "SUSE Bug 1228269",
"url": "https://bugzilla.suse.com/1228269"
},
{
"category": "self",
"summary": "SUSE Bug 1228410",
"url": "https://bugzilla.suse.com/1228410"
},
{
"category": "self",
"summary": "SUSE Bug 1228430",
"url": "https://bugzilla.suse.com/1228430"
},
{
"category": "self",
"summary": "SUSE Bug 1228454",
"url": "https://bugzilla.suse.com/1228454"
},
{
"category": "self",
"summary": "SUSE Bug 1228537",
"url": "https://bugzilla.suse.com/1228537"
},
{
"category": "self",
"summary": "SUSE Bug 1228620",
"url": "https://bugzilla.suse.com/1228620"
},
{
"category": "self",
"summary": "SUSE Bug 1228743",
"url": "https://bugzilla.suse.com/1228743"
},
{
"category": "self",
"summary": "SUSE Bug 1228747",
"url": "https://bugzilla.suse.com/1228747"
},
{
"category": "self",
"summary": "SUSE Bug 1228850",
"url": "https://bugzilla.suse.com/1228850"
},
{
"category": "self",
"summary": "SUSE Bug 1228857",
"url": "https://bugzilla.suse.com/1228857"
},
{
"category": "self",
"summary": "SUSE Bug 1229019",
"url": "https://bugzilla.suse.com/1229019"
},
{
"category": "self",
"summary": "SUSE Bug 1229165",
"url": "https://bugzilla.suse.com/1229165"
},
{
"category": "self",
"summary": "SUSE Bug 1229429",
"url": "https://bugzilla.suse.com/1229429"
},
{
"category": "self",
"summary": "SUSE Bug 1229450",
"url": "https://bugzilla.suse.com/1229450"
},
{
"category": "self",
"summary": "SUSE Bug 1229585",
"url": "https://bugzilla.suse.com/1229585"
},
{
"category": "self",
"summary": "SUSE Bug 1229677",
"url": "https://bugzilla.suse.com/1229677"
},
{
"category": "self",
"summary": "SUSE Bug 1229769",
"url": "https://bugzilla.suse.com/1229769"
},
{
"category": "self",
"summary": "SUSE Bug 1229808",
"url": "https://bugzilla.suse.com/1229808"
},
{
"category": "self",
"summary": "SUSE Bug 1229891",
"url": "https://bugzilla.suse.com/1229891"
},
{
"category": "self",
"summary": "SUSE Bug 1230055",
"url": "https://bugzilla.suse.com/1230055"
},
{
"category": "self",
"summary": "SUSE Bug 1230132",
"url": "https://bugzilla.suse.com/1230132"
},
{
"category": "self",
"summary": "SUSE Bug 1230179",
"url": "https://bugzilla.suse.com/1230179"
},
{
"category": "self",
"summary": "SUSE Bug 1230220",
"url": "https://bugzilla.suse.com/1230220"
},
{
"category": "self",
"summary": "SUSE Bug 1230231",
"url": "https://bugzilla.suse.com/1230231"
},
{
"category": "self",
"summary": "SUSE Bug 1230289",
"url": "https://bugzilla.suse.com/1230289"
},
{
"category": "self",
"summary": "SUSE Bug 1230295",
"url": "https://bugzilla.suse.com/1230295"
},
{
"category": "self",
"summary": "SUSE Bug 1230339",
"url": "https://bugzilla.suse.com/1230339"
},
{
"category": "self",
"summary": "SUSE Bug 1230341",
"url": "https://bugzilla.suse.com/1230341"
},
{
"category": "self",
"summary": "SUSE Bug 1230375",
"url": "https://bugzilla.suse.com/1230375"
},
{
"category": "self",
"summary": "SUSE Bug 1230414",
"url": "https://bugzilla.suse.com/1230414"
},
{
"category": "self",
"summary": "SUSE Bug 1230429",
"url": "https://bugzilla.suse.com/1230429"
},
{
"category": "self",
"summary": "SUSE Bug 1230456",
"url": "https://bugzilla.suse.com/1230456"
},
{
"category": "self",
"summary": "SUSE Bug 1230501",
"url": "https://bugzilla.suse.com/1230501"
},
{
"category": "self",
"summary": "SUSE Bug 1230527",
"url": "https://bugzilla.suse.com/1230527"
},
{
"category": "self",
"summary": "SUSE Bug 1230550",
"url": "https://bugzilla.suse.com/1230550"
},
{
"category": "self",
"summary": "SUSE Bug 1230557",
"url": "https://bugzilla.suse.com/1230557"
},
{
"category": "self",
"summary": "SUSE Bug 1230558",
"url": "https://bugzilla.suse.com/1230558"
},
{
"category": "self",
"summary": "SUSE Bug 1230600",
"url": "https://bugzilla.suse.com/1230600"
},
{
"category": "self",
"summary": "SUSE Bug 1230620",
"url": "https://bugzilla.suse.com/1230620"
},
{
"category": "self",
"summary": "SUSE Bug 1230710",
"url": "https://bugzilla.suse.com/1230710"
},
{
"category": "self",
"summary": "SUSE Bug 1230733",
"url": "https://bugzilla.suse.com/1230733"
},
{
"category": "self",
"summary": "SUSE Bug 1230762",
"url": "https://bugzilla.suse.com/1230762"
},
{
"category": "self",
"summary": "SUSE Bug 1230763",
"url": "https://bugzilla.suse.com/1230763"
},
{
"category": "self",
"summary": "SUSE Bug 1230773",
"url": "https://bugzilla.suse.com/1230773"
},
{
"category": "self",
"summary": "SUSE Bug 1230774",
"url": "https://bugzilla.suse.com/1230774"
},
{
"category": "self",
"summary": "SUSE Bug 1230801",
"url": "https://bugzilla.suse.com/1230801"
},
{
"category": "self",
"summary": "SUSE Bug 1230807",
"url": "https://bugzilla.suse.com/1230807"
},
{
"category": "self",
"summary": "SUSE Bug 1230817",
"url": "https://bugzilla.suse.com/1230817"
},
{
"category": "self",
"summary": "SUSE Bug 1230827",
"url": "https://bugzilla.suse.com/1230827"
},
{
"category": "self",
"summary": "SUSE Bug 1230831",
"url": "https://bugzilla.suse.com/1230831"
},
{
"category": "self",
"summary": "SUSE Bug 1230914",
"url": "https://bugzilla.suse.com/1230914"
},
{
"category": "self",
"summary": "SUSE Bug 1230918",
"url": "https://bugzilla.suse.com/1230918"
},
{
"category": "self",
"summary": "SUSE Bug 1230971",
"url": "https://bugzilla.suse.com/1230971"
},
{
"category": "self",
"summary": "SUSE Bug 1231016",
"url": "https://bugzilla.suse.com/1231016"
},
{
"category": "self",
"summary": "SUSE Bug 1231035",
"url": "https://bugzilla.suse.com/1231035"
},
{
"category": "self",
"summary": "SUSE Bug 1231072",
"url": "https://bugzilla.suse.com/1231072"
},
{
"category": "self",
"summary": "SUSE Bug 1231073",
"url": "https://bugzilla.suse.com/1231073"
},
{
"category": "self",
"summary": "SUSE Bug 1231075",
"url": "https://bugzilla.suse.com/1231075"
},
{
"category": "self",
"summary": "SUSE Bug 1231076",
"url": "https://bugzilla.suse.com/1231076"
},
{
"category": "self",
"summary": "SUSE Bug 1231081",
"url": "https://bugzilla.suse.com/1231081"
},
{
"category": "self",
"summary": "SUSE Bug 1231082",
"url": "https://bugzilla.suse.com/1231082"
},
{
"category": "self",
"summary": "SUSE Bug 1231083",
"url": "https://bugzilla.suse.com/1231083"
},
{
"category": "self",
"summary": "SUSE Bug 1231084",
"url": "https://bugzilla.suse.com/1231084"
},
{
"category": "self",
"summary": "SUSE Bug 1231085",
"url": "https://bugzilla.suse.com/1231085"
},
{
"category": "self",
"summary": "SUSE Bug 1231087",
"url": "https://bugzilla.suse.com/1231087"
},
{
"category": "self",
"summary": "SUSE Bug 1231089",
"url": "https://bugzilla.suse.com/1231089"
},
{
"category": "self",
"summary": "SUSE Bug 1231092",
"url": "https://bugzilla.suse.com/1231092"
},
{
"category": "self",
"summary": "SUSE Bug 1231093",
"url": "https://bugzilla.suse.com/1231093"
},
{
"category": "self",
"summary": "SUSE Bug 1231094",
"url": "https://bugzilla.suse.com/1231094"
},
{
"category": "self",
"summary": "SUSE Bug 1231096",
"url": "https://bugzilla.suse.com/1231096"
},
{
"category": "self",
"summary": "SUSE Bug 1231098",
"url": "https://bugzilla.suse.com/1231098"
},
{
"category": "self",
"summary": "SUSE Bug 1231100",
"url": "https://bugzilla.suse.com/1231100"
},
{
"category": "self",
"summary": "SUSE Bug 1231101",
"url": "https://bugzilla.suse.com/1231101"
},
{
"category": "self",
"summary": "SUSE Bug 1231102",
"url": "https://bugzilla.suse.com/1231102"
},
{
"category": "self",
"summary": "SUSE Bug 1231105",
"url": "https://bugzilla.suse.com/1231105"
},
{
"category": "self",
"summary": "SUSE Bug 1231108",
"url": "https://bugzilla.suse.com/1231108"
},
{
"category": "self",
"summary": "SUSE Bug 1231111",
"url": "https://bugzilla.suse.com/1231111"
},
{
"category": "self",
"summary": "SUSE Bug 1231114",
"url": "https://bugzilla.suse.com/1231114"
},
{
"category": "self",
"summary": "SUSE Bug 1231115",
"url": "https://bugzilla.suse.com/1231115"
},
{
"category": "self",
"summary": "SUSE Bug 1231116",
"url": "https://bugzilla.suse.com/1231116"
},
{
"category": "self",
"summary": "SUSE Bug 1231117",
"url": "https://bugzilla.suse.com/1231117"
},
{
"category": "self",
"summary": "SUSE Bug 1231131",
"url": "https://bugzilla.suse.com/1231131"
},
{
"category": "self",
"summary": "SUSE Bug 1231132",
"url": "https://bugzilla.suse.com/1231132"
},
{
"category": "self",
"summary": "SUSE Bug 1231135",
"url": "https://bugzilla.suse.com/1231135"
},
{
"category": "self",
"summary": "SUSE Bug 1231136",
"url": "https://bugzilla.suse.com/1231136"
},
{
"category": "self",
"summary": "SUSE Bug 1231138",
"url": "https://bugzilla.suse.com/1231138"
},
{
"category": "self",
"summary": "SUSE Bug 1231148",
"url": "https://bugzilla.suse.com/1231148"
},
{
"category": "self",
"summary": "SUSE Bug 1231169",
"url": "https://bugzilla.suse.com/1231169"
},
{
"category": "self",
"summary": "SUSE Bug 1231170",
"url": "https://bugzilla.suse.com/1231170"
},
{
"category": "self",
"summary": "SUSE Bug 1231171",
"url": "https://bugzilla.suse.com/1231171"
},
{
"category": "self",
"summary": "SUSE Bug 1231178",
"url": "https://bugzilla.suse.com/1231178"
},
{
"category": "self",
"summary": "SUSE Bug 1231179",
"url": "https://bugzilla.suse.com/1231179"
},
{
"category": "self",
"summary": "SUSE Bug 1231182",
"url": "https://bugzilla.suse.com/1231182"
},
{
"category": "self",
"summary": "SUSE Bug 1231183",
"url": "https://bugzilla.suse.com/1231183"
},
{
"category": "self",
"summary": "SUSE Bug 1231187",
"url": "https://bugzilla.suse.com/1231187"
},
{
"category": "self",
"summary": "SUSE Bug 1231191",
"url": "https://bugzilla.suse.com/1231191"
},
{
"category": "self",
"summary": "SUSE Bug 1231193",
"url": "https://bugzilla.suse.com/1231193"
},
{
"category": "self",
"summary": "SUSE Bug 1231195",
"url": "https://bugzilla.suse.com/1231195"
},
{
"category": "self",
"summary": "SUSE Bug 1231197",
"url": "https://bugzilla.suse.com/1231197"
},
{
"category": "self",
"summary": "SUSE Bug 1231200",
"url": "https://bugzilla.suse.com/1231200"
},
{
"category": "self",
"summary": "SUSE Bug 1231202",
"url": "https://bugzilla.suse.com/1231202"
},
{
"category": "self",
"summary": "SUSE Bug 1231203",
"url": "https://bugzilla.suse.com/1231203"
},
{
"category": "self",
"summary": "SUSE Bug 1231276",
"url": "https://bugzilla.suse.com/1231276"
},
{
"category": "self",
"summary": "SUSE Bug 1231293",
"url": "https://bugzilla.suse.com/1231293"
},
{
"category": "self",
"summary": "SUSE Bug 1231384",
"url": "https://bugzilla.suse.com/1231384"
},
{
"category": "self",
"summary": "SUSE Bug 1231434",
"url": "https://bugzilla.suse.com/1231434"
},
{
"category": "self",
"summary": "SUSE Bug 1231435",
"url": "https://bugzilla.suse.com/1231435"
},
{
"category": "self",
"summary": "SUSE Bug 1231436",
"url": "https://bugzilla.suse.com/1231436"
},
{
"category": "self",
"summary": "SUSE Bug 1231439",
"url": "https://bugzilla.suse.com/1231439"
},
{
"category": "self",
"summary": "SUSE Bug 1231440",
"url": "https://bugzilla.suse.com/1231440"
},
{
"category": "self",
"summary": "SUSE Bug 1231441",
"url": "https://bugzilla.suse.com/1231441"
},
{
"category": "self",
"summary": "SUSE Bug 1231442",
"url": "https://bugzilla.suse.com/1231442"
},
{
"category": "self",
"summary": "SUSE Bug 1231452",
"url": "https://bugzilla.suse.com/1231452"
},
{
"category": "self",
"summary": "SUSE Bug 1231453",
"url": "https://bugzilla.suse.com/1231453"
},
{
"category": "self",
"summary": "SUSE Bug 1231465",
"url": "https://bugzilla.suse.com/1231465"
},
{
"category": "self",
"summary": "SUSE Bug 1231474",
"url": "https://bugzilla.suse.com/1231474"
},
{
"category": "self",
"summary": "SUSE Bug 1231481",
"url": "https://bugzilla.suse.com/1231481"
},
{
"category": "self",
"summary": "SUSE Bug 1231496",
"url": "https://bugzilla.suse.com/1231496"
},
{
"category": "self",
"summary": "SUSE Bug 1231502",
"url": "https://bugzilla.suse.com/1231502"
},
{
"category": "self",
"summary": "SUSE Bug 1231537",
"url": "https://bugzilla.suse.com/1231537"
},
{
"category": "self",
"summary": "SUSE Bug 1231539",
"url": "https://bugzilla.suse.com/1231539"
},
{
"category": "self",
"summary": "SUSE Bug 1231540",
"url": "https://bugzilla.suse.com/1231540"
},
{
"category": "self",
"summary": "SUSE Bug 1231541",
"url": "https://bugzilla.suse.com/1231541"
},
{
"category": "self",
"summary": "SUSE Bug 1231617",
"url": "https://bugzilla.suse.com/1231617"
},
{
"category": "self",
"summary": "SUSE Bug 1231630",
"url": "https://bugzilla.suse.com/1231630"
},
{
"category": "self",
"summary": "SUSE Bug 1231634",
"url": "https://bugzilla.suse.com/1231634"
},
{
"category": "self",
"summary": "SUSE Bug 1231635",
"url": "https://bugzilla.suse.com/1231635"
},
{
"category": "self",
"summary": "SUSE Bug 1231636",
"url": "https://bugzilla.suse.com/1231636"
},
{
"category": "self",
"summary": "SUSE Bug 1231637",
"url": "https://bugzilla.suse.com/1231637"
},
{
"category": "self",
"summary": "SUSE Bug 1231638",
"url": "https://bugzilla.suse.com/1231638"
},
{
"category": "self",
"summary": "SUSE Bug 1231639",
"url": "https://bugzilla.suse.com/1231639"
},
{
"category": "self",
"summary": "SUSE Bug 1231640",
"url": "https://bugzilla.suse.com/1231640"
},
{
"category": "self",
"summary": "SUSE Bug 1231673",
"url": "https://bugzilla.suse.com/1231673"
},
{
"category": "self",
"summary": "SUSE Bug 1231828",
"url": "https://bugzilla.suse.com/1231828"
},
{
"category": "self",
"summary": "SUSE Bug 1231849",
"url": "https://bugzilla.suse.com/1231849"
},
{
"category": "self",
"summary": "SUSE Bug 1231855",
"url": "https://bugzilla.suse.com/1231855"
},
{
"category": "self",
"summary": "SUSE Bug 1231856",
"url": "https://bugzilla.suse.com/1231856"
},
{
"category": "self",
"summary": "SUSE Bug 1231857",
"url": "https://bugzilla.suse.com/1231857"
},
{
"category": "self",
"summary": "SUSE Bug 1231858",
"url": "https://bugzilla.suse.com/1231858"
},
{
"category": "self",
"summary": "SUSE Bug 1231859",
"url": "https://bugzilla.suse.com/1231859"
},
{
"category": "self",
"summary": "SUSE Bug 1231860",
"url": "https://bugzilla.suse.com/1231860"
},
{
"category": "self",
"summary": "SUSE Bug 1231861",
"url": "https://bugzilla.suse.com/1231861"
},
{
"category": "self",
"summary": "SUSE Bug 1231864",
"url": "https://bugzilla.suse.com/1231864"
},
{
"category": "self",
"summary": "SUSE Bug 1231865",
"url": "https://bugzilla.suse.com/1231865"
},
{
"category": "self",
"summary": "SUSE Bug 1231868",
"url": "https://bugzilla.suse.com/1231868"
},
{
"category": "self",
"summary": "SUSE Bug 1231869",
"url": "https://bugzilla.suse.com/1231869"
},
{
"category": "self",
"summary": "SUSE Bug 1231871",
"url": "https://bugzilla.suse.com/1231871"
},
{
"category": "self",
"summary": "SUSE Bug 1231872",
"url": "https://bugzilla.suse.com/1231872"
},
{
"category": "self",
"summary": "SUSE Bug 1231901",
"url": "https://bugzilla.suse.com/1231901"
},
{
"category": "self",
"summary": "SUSE Bug 1231902",
"url": "https://bugzilla.suse.com/1231902"
},
{
"category": "self",
"summary": "SUSE Bug 1231903",
"url": "https://bugzilla.suse.com/1231903"
},
{
"category": "self",
"summary": "SUSE Bug 1231904",
"url": "https://bugzilla.suse.com/1231904"
},
{
"category": "self",
"summary": "SUSE Bug 1231906",
"url": "https://bugzilla.suse.com/1231906"
},
{
"category": "self",
"summary": "SUSE Bug 1231907",
"url": "https://bugzilla.suse.com/1231907"
},
{
"category": "self",
"summary": "SUSE Bug 1231908",
"url": "https://bugzilla.suse.com/1231908"
},
{
"category": "self",
"summary": "SUSE Bug 1231914",
"url": "https://bugzilla.suse.com/1231914"
},
{
"category": "self",
"summary": "SUSE Bug 1231916",
"url": "https://bugzilla.suse.com/1231916"
},
{
"category": "self",
"summary": "SUSE Bug 1231920",
"url": "https://bugzilla.suse.com/1231920"
},
{
"category": "self",
"summary": "SUSE Bug 1231924",
"url": "https://bugzilla.suse.com/1231924"
},
{
"category": "self",
"summary": "SUSE Bug 1231926",
"url": "https://bugzilla.suse.com/1231926"
},
{
"category": "self",
"summary": "SUSE Bug 1231930",
"url": "https://bugzilla.suse.com/1231930"
},
{
"category": "self",
"summary": "SUSE Bug 1231931",
"url": "https://bugzilla.suse.com/1231931"
},
{
"category": "self",
"summary": "SUSE Bug 1231935",
"url": "https://bugzilla.suse.com/1231935"
},
{
"category": "self",
"summary": "SUSE Bug 1231942",
"url": "https://bugzilla.suse.com/1231942"
},
{
"category": "self",
"summary": "SUSE Bug 1231944",
"url": "https://bugzilla.suse.com/1231944"
},
{
"category": "self",
"summary": "SUSE Bug 1231946",
"url": "https://bugzilla.suse.com/1231946"
},
{
"category": "self",
"summary": "SUSE Bug 1231947",
"url": "https://bugzilla.suse.com/1231947"
},
{
"category": "self",
"summary": "SUSE Bug 1231950",
"url": "https://bugzilla.suse.com/1231950"
},
{
"category": "self",
"summary": "SUSE Bug 1231951",
"url": "https://bugzilla.suse.com/1231951"
},
{
"category": "self",
"summary": "SUSE Bug 1231952",
"url": "https://bugzilla.suse.com/1231952"
},
{
"category": "self",
"summary": "SUSE Bug 1231953",
"url": "https://bugzilla.suse.com/1231953"
},
{
"category": "self",
"summary": "SUSE Bug 1231954",
"url": "https://bugzilla.suse.com/1231954"
},
{
"category": "self",
"summary": "SUSE Bug 1231955",
"url": "https://bugzilla.suse.com/1231955"
},
{
"category": "self",
"summary": "SUSE Bug 1231956",
"url": "https://bugzilla.suse.com/1231956"
},
{
"category": "self",
"summary": "SUSE Bug 1231957",
"url": "https://bugzilla.suse.com/1231957"
},
{
"category": "self",
"summary": "SUSE Bug 1231965",
"url": "https://bugzilla.suse.com/1231965"
},
{
"category": "self",
"summary": "SUSE Bug 1231967",
"url": "https://bugzilla.suse.com/1231967"
},
{
"category": "self",
"summary": "SUSE Bug 1231968",
"url": "https://bugzilla.suse.com/1231968"
},
{
"category": "self",
"summary": "SUSE Bug 1231987",
"url": "https://bugzilla.suse.com/1231987"
},
{
"category": "self",
"summary": "SUSE Bug 1231988",
"url": "https://bugzilla.suse.com/1231988"
},
{
"category": "self",
"summary": "SUSE Bug 1231989",
"url": "https://bugzilla.suse.com/1231989"
},
{
"category": "self",
"summary": "SUSE Bug 1231990",
"url": "https://bugzilla.suse.com/1231990"
},
{
"category": "self",
"summary": "SUSE Bug 1231998",
"url": "https://bugzilla.suse.com/1231998"
},
{
"category": "self",
"summary": "SUSE Bug 1232000",
"url": "https://bugzilla.suse.com/1232000"
},
{
"category": "self",
"summary": "SUSE Bug 1232003",
"url": "https://bugzilla.suse.com/1232003"
},
{
"category": "self",
"summary": "SUSE Bug 1232009",
"url": "https://bugzilla.suse.com/1232009"
},
{
"category": "self",
"summary": "SUSE Bug 1232013",
"url": "https://bugzilla.suse.com/1232013"
},
{
"category": "self",
"summary": "SUSE Bug 1232015",
"url": "https://bugzilla.suse.com/1232015"
},
{
"category": "self",
"summary": "SUSE Bug 1232016",
"url": "https://bugzilla.suse.com/1232016"
},
{
"category": "self",
"summary": "SUSE Bug 1232017",
"url": "https://bugzilla.suse.com/1232017"
},
{
"category": "self",
"summary": "SUSE Bug 1232018",
"url": "https://bugzilla.suse.com/1232018"
},
{
"category": "self",
"summary": "SUSE Bug 1232033",
"url": "https://bugzilla.suse.com/1232033"
},
{
"category": "self",
"summary": "SUSE Bug 1232034",
"url": "https://bugzilla.suse.com/1232034"
},
{
"category": "self",
"summary": "SUSE Bug 1232036",
"url": "https://bugzilla.suse.com/1232036"
},
{
"category": "self",
"summary": "SUSE Bug 1232043",
"url": "https://bugzilla.suse.com/1232043"
},
{
"category": "self",
"summary": "SUSE Bug 1232047",
"url": "https://bugzilla.suse.com/1232047"
},
{
"category": "self",
"summary": "SUSE Bug 1232048",
"url": "https://bugzilla.suse.com/1232048"
},
{
"category": "self",
"summary": "SUSE Bug 1232049",
"url": "https://bugzilla.suse.com/1232049"
},
{
"category": "self",
"summary": "SUSE Bug 1232050",
"url": "https://bugzilla.suse.com/1232050"
},
{
"category": "self",
"summary": "SUSE Bug 1232056",
"url": "https://bugzilla.suse.com/1232056"
},
{
"category": "self",
"summary": "SUSE Bug 1232075",
"url": "https://bugzilla.suse.com/1232075"
},
{
"category": "self",
"summary": "SUSE Bug 1232076",
"url": "https://bugzilla.suse.com/1232076"
},
{
"category": "self",
"summary": "SUSE Bug 1232079",
"url": "https://bugzilla.suse.com/1232079"
},
{
"category": "self",
"summary": "SUSE Bug 1232080",
"url": "https://bugzilla.suse.com/1232080"
},
{
"category": "self",
"summary": "SUSE Bug 1232083",
"url": "https://bugzilla.suse.com/1232083"
},
{
"category": "self",
"summary": "SUSE Bug 1232084",
"url": "https://bugzilla.suse.com/1232084"
},
{
"category": "self",
"summary": "SUSE Bug 1232085",
"url": "https://bugzilla.suse.com/1232085"
},
{
"category": "self",
"summary": "SUSE Bug 1232089",
"url": "https://bugzilla.suse.com/1232089"
},
{
"category": "self",
"summary": "SUSE Bug 1232090",
"url": "https://bugzilla.suse.com/1232090"
},
{
"category": "self",
"summary": "SUSE Bug 1232093",
"url": "https://bugzilla.suse.com/1232093"
},
{
"category": "self",
"summary": "SUSE Bug 1232094",
"url": "https://bugzilla.suse.com/1232094"
},
{
"category": "self",
"summary": "SUSE Bug 1232096",
"url": "https://bugzilla.suse.com/1232096"
},
{
"category": "self",
"summary": "SUSE Bug 1232097",
"url": "https://bugzilla.suse.com/1232097"
},
{
"category": "self",
"summary": "SUSE Bug 1232098",
"url": "https://bugzilla.suse.com/1232098"
},
{
"category": "self",
"summary": "SUSE Bug 1232103",
"url": "https://bugzilla.suse.com/1232103"
},
{
"category": "self",
"summary": "SUSE Bug 1232104",
"url": "https://bugzilla.suse.com/1232104"
},
{
"category": "self",
"summary": "SUSE Bug 1232105",
"url": "https://bugzilla.suse.com/1232105"
},
{
"category": "self",
"summary": "SUSE Bug 1232109",
"url": "https://bugzilla.suse.com/1232109"
},
{
"category": "self",
"summary": "SUSE Bug 1232111",
"url": "https://bugzilla.suse.com/1232111"
},
{
"category": "self",
"summary": "SUSE Bug 1232114",
"url": "https://bugzilla.suse.com/1232114"
},
{
"category": "self",
"summary": "SUSE Bug 1232116",
"url": "https://bugzilla.suse.com/1232116"
},
{
"category": "self",
"summary": "SUSE Bug 1232117",
"url": "https://bugzilla.suse.com/1232117"
},
{
"category": "self",
"summary": "SUSE Bug 1232124",
"url": "https://bugzilla.suse.com/1232124"
},
{
"category": "self",
"summary": "SUSE Bug 1232126",
"url": "https://bugzilla.suse.com/1232126"
},
{
"category": "self",
"summary": "SUSE Bug 1232127",
"url": "https://bugzilla.suse.com/1232127"
},
{
"category": "self",
"summary": "SUSE Bug 1232129",
"url": "https://bugzilla.suse.com/1232129"
},
{
"category": "self",
"summary": "SUSE Bug 1232130",
"url": "https://bugzilla.suse.com/1232130"
},
{
"category": "self",
"summary": "SUSE Bug 1232131",
"url": "https://bugzilla.suse.com/1232131"
},
{
"category": "self",
"summary": "SUSE Bug 1232132",
"url": "https://bugzilla.suse.com/1232132"
},
{
"category": "self",
"summary": "SUSE Bug 1232134",
"url": "https://bugzilla.suse.com/1232134"
},
{
"category": "self",
"summary": "SUSE Bug 1232135",
"url": "https://bugzilla.suse.com/1232135"
},
{
"category": "self",
"summary": "SUSE Bug 1232140",
"url": "https://bugzilla.suse.com/1232140"
},
{
"category": "self",
"summary": "SUSE Bug 1232141",
"url": "https://bugzilla.suse.com/1232141"
},
{
"category": "self",
"summary": "SUSE Bug 1232142",
"url": "https://bugzilla.suse.com/1232142"
},
{
"category": "self",
"summary": "SUSE Bug 1232145",
"url": "https://bugzilla.suse.com/1232145"
},
{
"category": "self",
"summary": "SUSE Bug 1232147",
"url": "https://bugzilla.suse.com/1232147"
},
{
"category": "self",
"summary": "SUSE Bug 1232148",
"url": "https://bugzilla.suse.com/1232148"
},
{
"category": "self",
"summary": "SUSE Bug 1232149",
"url": "https://bugzilla.suse.com/1232149"
},
{
"category": "self",
"summary": "SUSE Bug 1232151",
"url": "https://bugzilla.suse.com/1232151"
},
{
"category": "self",
"summary": "SUSE Bug 1232152",
"url": "https://bugzilla.suse.com/1232152"
},
{
"category": "self",
"summary": "SUSE Bug 1232154",
"url": "https://bugzilla.suse.com/1232154"
},
{
"category": "self",
"summary": "SUSE Bug 1232155",
"url": "https://bugzilla.suse.com/1232155"
},
{
"category": "self",
"summary": "SUSE Bug 1232156",
"url": "https://bugzilla.suse.com/1232156"
},
{
"category": "self",
"summary": "SUSE Bug 1232157",
"url": "https://bugzilla.suse.com/1232157"
},
{
"category": "self",
"summary": "SUSE Bug 1232159",
"url": "https://bugzilla.suse.com/1232159"
},
{
"category": "self",
"summary": "SUSE Bug 1232160",
"url": "https://bugzilla.suse.com/1232160"
},
{
"category": "self",
"summary": "SUSE Bug 1232162",
"url": "https://bugzilla.suse.com/1232162"
},
{
"category": "self",
"summary": "SUSE Bug 1232164",
"url": "https://bugzilla.suse.com/1232164"
},
{
"category": "self",
"summary": "SUSE Bug 1232165",
"url": "https://bugzilla.suse.com/1232165"
},
{
"category": "self",
"summary": "SUSE Bug 1232166",
"url": "https://bugzilla.suse.com/1232166"
},
{
"category": "self",
"summary": "SUSE Bug 1232174",
"url": "https://bugzilla.suse.com/1232174"
},
{
"category": "self",
"summary": "SUSE Bug 1232180",
"url": "https://bugzilla.suse.com/1232180"
},
{
"category": "self",
"summary": "SUSE Bug 1232182",
"url": "https://bugzilla.suse.com/1232182"
},
{
"category": "self",
"summary": "SUSE Bug 1232183",
"url": "https://bugzilla.suse.com/1232183"
},
{
"category": "self",
"summary": "SUSE Bug 1232185",
"url": "https://bugzilla.suse.com/1232185"
},
{
"category": "self",
"summary": "SUSE Bug 1232187",
"url": "https://bugzilla.suse.com/1232187"
},
{
"category": "self",
"summary": "SUSE Bug 1232189",
"url": "https://bugzilla.suse.com/1232189"
},
{
"category": "self",
"summary": "SUSE Bug 1232192",
"url": "https://bugzilla.suse.com/1232192"
},
{
"category": "self",
"summary": "SUSE Bug 1232195",
"url": "https://bugzilla.suse.com/1232195"
},
{
"category": "self",
"summary": "SUSE Bug 1232196",
"url": "https://bugzilla.suse.com/1232196"
},
{
"category": "self",
"summary": "SUSE Bug 1232198",
"url": "https://bugzilla.suse.com/1232198"
},
{
"category": "self",
"summary": "SUSE Bug 1232199",
"url": "https://bugzilla.suse.com/1232199"
},
{
"category": "self",
"summary": "SUSE Bug 1232200",
"url": "https://bugzilla.suse.com/1232200"
},
{
"category": "self",
"summary": "SUSE Bug 1232201",
"url": "https://bugzilla.suse.com/1232201"
},
{
"category": "self",
"summary": "SUSE Bug 1232207",
"url": "https://bugzilla.suse.com/1232207"
},
{
"category": "self",
"summary": "SUSE Bug 1232208",
"url": "https://bugzilla.suse.com/1232208"
},
{
"category": "self",
"summary": "SUSE Bug 1232217",
"url": "https://bugzilla.suse.com/1232217"
},
{
"category": "self",
"summary": "SUSE Bug 1232218",
"url": "https://bugzilla.suse.com/1232218"
},
{
"category": "self",
"summary": "SUSE Bug 1232220",
"url": "https://bugzilla.suse.com/1232220"
},
{
"category": "self",
"summary": "SUSE Bug 1232221",
"url": "https://bugzilla.suse.com/1232221"
},
{
"category": "self",
"summary": "SUSE Bug 1232222",
"url": "https://bugzilla.suse.com/1232222"
},
{
"category": "self",
"summary": "SUSE Bug 1232224",
"url": "https://bugzilla.suse.com/1232224"
},
{
"category": "self",
"summary": "SUSE Bug 1232232",
"url": "https://bugzilla.suse.com/1232232"
},
{
"category": "self",
"summary": "SUSE Bug 1232250",
"url": "https://bugzilla.suse.com/1232250"
},
{
"category": "self",
"summary": "SUSE Bug 1232251",
"url": "https://bugzilla.suse.com/1232251"
},
{
"category": "self",
"summary": "SUSE Bug 1232253",
"url": "https://bugzilla.suse.com/1232253"
},
{
"category": "self",
"summary": "SUSE Bug 1232254",
"url": "https://bugzilla.suse.com/1232254"
},
{
"category": "self",
"summary": "SUSE Bug 1232255",
"url": "https://bugzilla.suse.com/1232255"
},
{
"category": "self",
"summary": "SUSE Bug 1232256",
"url": "https://bugzilla.suse.com/1232256"
},
{
"category": "self",
"summary": "SUSE Bug 1232258",
"url": "https://bugzilla.suse.com/1232258"
},
{
"category": "self",
"summary": "SUSE Bug 1232259",
"url": "https://bugzilla.suse.com/1232259"
},
{
"category": "self",
"summary": "SUSE Bug 1232260",
"url": "https://bugzilla.suse.com/1232260"
},
{
"category": "self",
"summary": "SUSE Bug 1232262",
"url": "https://bugzilla.suse.com/1232262"
},
{
"category": "self",
"summary": "SUSE Bug 1232263",
"url": "https://bugzilla.suse.com/1232263"
},
{
"category": "self",
"summary": "SUSE Bug 1232264",
"url": "https://bugzilla.suse.com/1232264"
},
{
"category": "self",
"summary": "SUSE Bug 1232272",
"url": "https://bugzilla.suse.com/1232272"
},
{
"category": "self",
"summary": "SUSE Bug 1232275",
"url": "https://bugzilla.suse.com/1232275"
},
{
"category": "self",
"summary": "SUSE Bug 1232279",
"url": "https://bugzilla.suse.com/1232279"
},
{
"category": "self",
"summary": "SUSE Bug 1232282",
"url": "https://bugzilla.suse.com/1232282"
},
{
"category": "self",
"summary": "SUSE Bug 1232285",
"url": "https://bugzilla.suse.com/1232285"
},
{
"category": "self",
"summary": "SUSE Bug 1232287",
"url": "https://bugzilla.suse.com/1232287"
},
{
"category": "self",
"summary": "SUSE Bug 1232295",
"url": "https://bugzilla.suse.com/1232295"
},
{
"category": "self",
"summary": "SUSE Bug 1232305",
"url": "https://bugzilla.suse.com/1232305"
},
{
"category": "self",
"summary": "SUSE Bug 1232307",
"url": "https://bugzilla.suse.com/1232307"
},
{
"category": "self",
"summary": "SUSE Bug 1232309",
"url": "https://bugzilla.suse.com/1232309"
},
{
"category": "self",
"summary": "SUSE Bug 1232310",
"url": "https://bugzilla.suse.com/1232310"
},
{
"category": "self",
"summary": "SUSE Bug 1232312",
"url": "https://bugzilla.suse.com/1232312"
},
{
"category": "self",
"summary": "SUSE Bug 1232313",
"url": "https://bugzilla.suse.com/1232313"
},
{
"category": "self",
"summary": "SUSE Bug 1232314",
"url": "https://bugzilla.suse.com/1232314"
},
{
"category": "self",
"summary": "SUSE Bug 1232315",
"url": "https://bugzilla.suse.com/1232315"
},
{
"category": "self",
"summary": "SUSE Bug 1232316",
"url": "https://bugzilla.suse.com/1232316"
},
{
"category": "self",
"summary": "SUSE Bug 1232317",
"url": "https://bugzilla.suse.com/1232317"
},
{
"category": "self",
"summary": "SUSE Bug 1232318",
"url": "https://bugzilla.suse.com/1232318"
},
{
"category": "self",
"summary": "SUSE Bug 1232329",
"url": "https://bugzilla.suse.com/1232329"
},
{
"category": "self",
"summary": "SUSE Bug 1232332",
"url": "https://bugzilla.suse.com/1232332"
},
{
"category": "self",
"summary": "SUSE Bug 1232333",
"url": "https://bugzilla.suse.com/1232333"
},
{
"category": "self",
"summary": "SUSE Bug 1232334",
"url": "https://bugzilla.suse.com/1232334"
},
{
"category": "self",
"summary": "SUSE Bug 1232335",
"url": "https://bugzilla.suse.com/1232335"
},
{
"category": "self",
"summary": "SUSE Bug 1232337",
"url": "https://bugzilla.suse.com/1232337"
},
{
"category": "self",
"summary": "SUSE Bug 1232339",
"url": "https://bugzilla.suse.com/1232339"
},
{
"category": "self",
"summary": "SUSE Bug 1232340",
"url": "https://bugzilla.suse.com/1232340"
},
{
"category": "self",
"summary": "SUSE Bug 1232342",
"url": "https://bugzilla.suse.com/1232342"
},
{
"category": "self",
"summary": "SUSE Bug 1232345",
"url": "https://bugzilla.suse.com/1232345"
},
{
"category": "self",
"summary": "SUSE Bug 1232349",
"url": "https://bugzilla.suse.com/1232349"
},
{
"category": "self",
"summary": "SUSE Bug 1232352",
"url": "https://bugzilla.suse.com/1232352"
},
{
"category": "self",
"summary": "SUSE Bug 1232354",
"url": "https://bugzilla.suse.com/1232354"
},
{
"category": "self",
"summary": "SUSE Bug 1232355",
"url": "https://bugzilla.suse.com/1232355"
},
{
"category": "self",
"summary": "SUSE Bug 1232357",
"url": "https://bugzilla.suse.com/1232357"
},
{
"category": "self",
"summary": "SUSE Bug 1232358",
"url": "https://bugzilla.suse.com/1232358"
},
{
"category": "self",
"summary": "SUSE Bug 1232359",
"url": "https://bugzilla.suse.com/1232359"
},
{
"category": "self",
"summary": "SUSE Bug 1232361",
"url": "https://bugzilla.suse.com/1232361"
},
{
"category": "self",
"summary": "SUSE Bug 1232362",
"url": "https://bugzilla.suse.com/1232362"
},
{
"category": "self",
"summary": "SUSE Bug 1232366",
"url": "https://bugzilla.suse.com/1232366"
},
{
"category": "self",
"summary": "SUSE Bug 1232367",
"url": "https://bugzilla.suse.com/1232367"
},
{
"category": "self",
"summary": "SUSE Bug 1232368",
"url": "https://bugzilla.suse.com/1232368"
},
{
"category": "self",
"summary": "SUSE Bug 1232369",
"url": "https://bugzilla.suse.com/1232369"
},
{
"category": "self",
"summary": "SUSE Bug 1232370",
"url": "https://bugzilla.suse.com/1232370"
},
{
"category": "self",
"summary": "SUSE Bug 1232371",
"url": "https://bugzilla.suse.com/1232371"
},
{
"category": "self",
"summary": "SUSE Bug 1232374",
"url": "https://bugzilla.suse.com/1232374"
},
{
"category": "self",
"summary": "SUSE Bug 1232378",
"url": "https://bugzilla.suse.com/1232378"
},
{
"category": "self",
"summary": "SUSE Bug 1232381",
"url": "https://bugzilla.suse.com/1232381"
},
{
"category": "self",
"summary": "SUSE Bug 1232383",
"url": "https://bugzilla.suse.com/1232383"
},
{
"category": "self",
"summary": "SUSE Bug 1232385",
"url": "https://bugzilla.suse.com/1232385"
},
{
"category": "self",
"summary": "SUSE Bug 1232386",
"url": "https://bugzilla.suse.com/1232386"
},
{
"category": "self",
"summary": "SUSE Bug 1232387",
"url": "https://bugzilla.suse.com/1232387"
},
{
"category": "self",
"summary": "SUSE Bug 1232392",
"url": "https://bugzilla.suse.com/1232392"
},
{
"category": "self",
"summary": "SUSE Bug 1232394",
"url": "https://bugzilla.suse.com/1232394"
},
{
"category": "self",
"summary": "SUSE Bug 1232395",
"url": "https://bugzilla.suse.com/1232395"
},
{
"category": "self",
"summary": "SUSE Bug 1232396",
"url": "https://bugzilla.suse.com/1232396"
},
{
"category": "self",
"summary": "SUSE Bug 1232413",
"url": "https://bugzilla.suse.com/1232413"
},
{
"category": "self",
"summary": "SUSE Bug 1232416",
"url": "https://bugzilla.suse.com/1232416"
},
{
"category": "self",
"summary": "SUSE Bug 1232417",
"url": "https://bugzilla.suse.com/1232417"
},
{
"category": "self",
"summary": "SUSE Bug 1232418",
"url": "https://bugzilla.suse.com/1232418"
},
{
"category": "self",
"summary": "SUSE Bug 1232424",
"url": "https://bugzilla.suse.com/1232424"
},
{
"category": "self",
"summary": "SUSE Bug 1232427",
"url": "https://bugzilla.suse.com/1232427"
},
{
"category": "self",
"summary": "SUSE Bug 1232432",
"url": "https://bugzilla.suse.com/1232432"
},
{
"category": "self",
"summary": "SUSE Bug 1232435",
"url": "https://bugzilla.suse.com/1232435"
},
{
"category": "self",
"summary": "SUSE Bug 1232436",
"url": "https://bugzilla.suse.com/1232436"
},
{
"category": "self",
"summary": "SUSE Bug 1232442",
"url": "https://bugzilla.suse.com/1232442"
},
{
"category": "self",
"summary": "SUSE Bug 1232446",
"url": "https://bugzilla.suse.com/1232446"
},
{
"category": "self",
"summary": "SUSE Bug 1232483",
"url": "https://bugzilla.suse.com/1232483"
},
{
"category": "self",
"summary": "SUSE Bug 1232494",
"url": "https://bugzilla.suse.com/1232494"
},
{
"category": "self",
"summary": "SUSE Bug 1232498",
"url": "https://bugzilla.suse.com/1232498"
},
{
"category": "self",
"summary": "SUSE Bug 1232499",
"url": "https://bugzilla.suse.com/1232499"
},
{
"category": "self",
"summary": "SUSE Bug 1232500",
"url": "https://bugzilla.suse.com/1232500"
},
{
"category": "self",
"summary": "SUSE Bug 1232501",
"url": "https://bugzilla.suse.com/1232501"
},
{
"category": "self",
"summary": "SUSE Bug 1232502",
"url": "https://bugzilla.suse.com/1232502"
},
{
"category": "self",
"summary": "SUSE Bug 1232503",
"url": "https://bugzilla.suse.com/1232503"
},
{
"category": "self",
"summary": "SUSE Bug 1232504",
"url": "https://bugzilla.suse.com/1232504"
},
{
"category": "self",
"summary": "SUSE Bug 1232505",
"url": "https://bugzilla.suse.com/1232505"
},
{
"category": "self",
"summary": "SUSE Bug 1232506",
"url": "https://bugzilla.suse.com/1232506"
},
{
"category": "self",
"summary": "SUSE Bug 1232507",
"url": "https://bugzilla.suse.com/1232507"
},
{
"category": "self",
"summary": "SUSE Bug 1232511",
"url": "https://bugzilla.suse.com/1232511"
},
{
"category": "self",
"summary": "SUSE Bug 1232519",
"url": "https://bugzilla.suse.com/1232519"
},
{
"category": "self",
"summary": "SUSE Bug 1232520",
"url": "https://bugzilla.suse.com/1232520"
},
{
"category": "self",
"summary": "SUSE Bug 1232529",
"url": "https://bugzilla.suse.com/1232529"
},
{
"category": "self",
"summary": "SUSE Bug 1232552",
"url": "https://bugzilla.suse.com/1232552"
},
{
"category": "self",
"summary": "SUSE Bug 1232623",
"url": "https://bugzilla.suse.com/1232623"
},
{
"category": "self",
"summary": "SUSE Bug 1232626",
"url": "https://bugzilla.suse.com/1232626"
},
{
"category": "self",
"summary": "SUSE Bug 1232627",
"url": "https://bugzilla.suse.com/1232627"
},
{
"category": "self",
"summary": "SUSE Bug 1232628",
"url": "https://bugzilla.suse.com/1232628"
},
{
"category": "self",
"summary": "SUSE Bug 1232629",
"url": "https://bugzilla.suse.com/1232629"
},
{
"category": "self",
"summary": "SUSE Bug 1232704",
"url": "https://bugzilla.suse.com/1232704"
},
{
"category": "self",
"summary": "SUSE Bug 1232757",
"url": "https://bugzilla.suse.com/1232757"
},
{
"category": "self",
"summary": "SUSE Bug 1232768",
"url": "https://bugzilla.suse.com/1232768"
},
{
"category": "self",
"summary": "SUSE Bug 1232819",
"url": "https://bugzilla.suse.com/1232819"
},
{
"category": "self",
"summary": "SUSE Bug 1232823",
"url": "https://bugzilla.suse.com/1232823"
},
{
"category": "self",
"summary": "SUSE Bug 1232860",
"url": "https://bugzilla.suse.com/1232860"
},
{
"category": "self",
"summary": "SUSE Bug 1232869",
"url": "https://bugzilla.suse.com/1232869"
},
{
"category": "self",
"summary": "SUSE Bug 1232870",
"url": "https://bugzilla.suse.com/1232870"
},
{
"category": "self",
"summary": "SUSE Bug 1232873",
"url": "https://bugzilla.suse.com/1232873"
},
{
"category": "self",
"summary": "SUSE Bug 1232876",
"url": "https://bugzilla.suse.com/1232876"
},
{
"category": "self",
"summary": "SUSE Bug 1232877",
"url": "https://bugzilla.suse.com/1232877"
},
{
"category": "self",
"summary": "SUSE Bug 1232878",
"url": "https://bugzilla.suse.com/1232878"
},
{
"category": "self",
"summary": "SUSE Bug 1232880",
"url": "https://bugzilla.suse.com/1232880"
},
{
"category": "self",
"summary": "SUSE Bug 1232881",
"url": "https://bugzilla.suse.com/1232881"
},
{
"category": "self",
"summary": "SUSE Bug 1232884",
"url": "https://bugzilla.suse.com/1232884"
},
{
"category": "self",
"summary": "SUSE Bug 1232885",
"url": "https://bugzilla.suse.com/1232885"
},
{
"category": "self",
"summary": "SUSE Bug 1232887",
"url": "https://bugzilla.suse.com/1232887"
},
{
"category": "self",
"summary": "SUSE Bug 1232888",
"url": "https://bugzilla.suse.com/1232888"
},
{
"category": "self",
"summary": "SUSE Bug 1232890",
"url": "https://bugzilla.suse.com/1232890"
},
{
"category": "self",
"summary": "SUSE Bug 1232892",
"url": "https://bugzilla.suse.com/1232892"
},
{
"category": "self",
"summary": "SUSE Bug 1232894",
"url": "https://bugzilla.suse.com/1232894"
},
{
"category": "self",
"summary": "SUSE Bug 1232896",
"url": "https://bugzilla.suse.com/1232896"
},
{
"category": "self",
"summary": "SUSE Bug 1232897",
"url": "https://bugzilla.suse.com/1232897"
},
{
"category": "self",
"summary": "SUSE Bug 1232905",
"url": "https://bugzilla.suse.com/1232905"
},
{
"category": "self",
"summary": "SUSE Bug 1232907",
"url": "https://bugzilla.suse.com/1232907"
},
{
"category": "self",
"summary": "SUSE Bug 1232914",
"url": "https://bugzilla.suse.com/1232914"
},
{
"category": "self",
"summary": "SUSE Bug 1232919",
"url": "https://bugzilla.suse.com/1232919"
},
{
"category": "self",
"summary": "SUSE Bug 1232925",
"url": "https://bugzilla.suse.com/1232925"
},
{
"category": "self",
"summary": "SUSE Bug 1232926",
"url": "https://bugzilla.suse.com/1232926"
},
{
"category": "self",
"summary": "SUSE Bug 1232928",
"url": "https://bugzilla.suse.com/1232928"
},
{
"category": "self",
"summary": "SUSE Bug 1232935",
"url": "https://bugzilla.suse.com/1232935"
},
{
"category": "self",
"summary": "SUSE Bug 1233029",
"url": "https://bugzilla.suse.com/1233029"
},
{
"category": "self",
"summary": "SUSE Bug 1233032",
"url": "https://bugzilla.suse.com/1233032"
},
{
"category": "self",
"summary": "SUSE Bug 1233035",
"url": "https://bugzilla.suse.com/1233035"
},
{
"category": "self",
"summary": "SUSE Bug 1233036",
"url": "https://bugzilla.suse.com/1233036"
},
{
"category": "self",
"summary": "SUSE Bug 1233041",
"url": "https://bugzilla.suse.com/1233041"
},
{
"category": "self",
"summary": "SUSE Bug 1233044",
"url": "https://bugzilla.suse.com/1233044"
},
{
"category": "self",
"summary": "SUSE Bug 1233049",
"url": "https://bugzilla.suse.com/1233049"
},
{
"category": "self",
"summary": "SUSE Bug 1233050",
"url": "https://bugzilla.suse.com/1233050"
},
{
"category": "self",
"summary": "SUSE Bug 1233051",
"url": "https://bugzilla.suse.com/1233051"
},
{
"category": "self",
"summary": "SUSE Bug 1233056",
"url": "https://bugzilla.suse.com/1233056"
},
{
"category": "self",
"summary": "SUSE Bug 1233057",
"url": "https://bugzilla.suse.com/1233057"
},
{
"category": "self",
"summary": "SUSE Bug 1233061",
"url": "https://bugzilla.suse.com/1233061"
},
{
"category": "self",
"summary": "SUSE Bug 1233062",
"url": "https://bugzilla.suse.com/1233062"
},
{
"category": "self",
"summary": "SUSE Bug 1233063",
"url": "https://bugzilla.suse.com/1233063"
},
{
"category": "self",
"summary": "SUSE Bug 1233065",
"url": "https://bugzilla.suse.com/1233065"
},
{
"category": "self",
"summary": "SUSE Bug 1233067",
"url": "https://bugzilla.suse.com/1233067"
},
{
"category": "self",
"summary": "SUSE Bug 1233070",
"url": "https://bugzilla.suse.com/1233070"
},
{
"category": "self",
"summary": "SUSE Bug 1233073",
"url": "https://bugzilla.suse.com/1233073"
},
{
"category": "self",
"summary": "SUSE Bug 1233074",
"url": "https://bugzilla.suse.com/1233074"
},
{
"category": "self",
"summary": "SUSE Bug 1233088",
"url": "https://bugzilla.suse.com/1233088"
},
{
"category": "self",
"summary": "SUSE Bug 1233091",
"url": "https://bugzilla.suse.com/1233091"
},
{
"category": "self",
"summary": "SUSE Bug 1233092",
"url": "https://bugzilla.suse.com/1233092"
},
{
"category": "self",
"summary": "SUSE Bug 1233097",
"url": "https://bugzilla.suse.com/1233097"
},
{
"category": "self",
"summary": "SUSE Bug 1233100",
"url": "https://bugzilla.suse.com/1233100"
},
{
"category": "self",
"summary": "SUSE Bug 1233103",
"url": "https://bugzilla.suse.com/1233103"
},
{
"category": "self",
"summary": "SUSE Bug 1233104",
"url": "https://bugzilla.suse.com/1233104"
},
{
"category": "self",
"summary": "SUSE Bug 1233105",
"url": "https://bugzilla.suse.com/1233105"
},
{
"category": "self",
"summary": "SUSE Bug 1233106",
"url": "https://bugzilla.suse.com/1233106"
},
{
"category": "self",
"summary": "SUSE Bug 1233107",
"url": "https://bugzilla.suse.com/1233107"
},
{
"category": "self",
"summary": "SUSE Bug 1233108",
"url": "https://bugzilla.suse.com/1233108"
},
{
"category": "self",
"summary": "SUSE Bug 1233110",
"url": "https://bugzilla.suse.com/1233110"
},
{
"category": "self",
"summary": "SUSE Bug 1233111",
"url": "https://bugzilla.suse.com/1233111"
},
{
"category": "self",
"summary": "SUSE Bug 1233113",
"url": "https://bugzilla.suse.com/1233113"
},
{
"category": "self",
"summary": "SUSE Bug 1233114",
"url": "https://bugzilla.suse.com/1233114"
},
{
"category": "self",
"summary": "SUSE Bug 1233115",
"url": "https://bugzilla.suse.com/1233115"
},
{
"category": "self",
"summary": "SUSE Bug 1233117",
"url": "https://bugzilla.suse.com/1233117"
},
{
"category": "self",
"summary": "SUSE Bug 1233119",
"url": "https://bugzilla.suse.com/1233119"
},
{
"category": "self",
"summary": "SUSE Bug 1233123",
"url": "https://bugzilla.suse.com/1233123"
},
{
"category": "self",
"summary": "SUSE Bug 1233125",
"url": "https://bugzilla.suse.com/1233125"
},
{
"category": "self",
"summary": "SUSE Bug 1233127",
"url": "https://bugzilla.suse.com/1233127"
},
{
"category": "self",
"summary": "SUSE Bug 1233129",
"url": "https://bugzilla.suse.com/1233129"
},
{
"category": "self",
"summary": "SUSE Bug 1233130",
"url": "https://bugzilla.suse.com/1233130"
},
{
"category": "self",
"summary": "SUSE Bug 1233132",
"url": "https://bugzilla.suse.com/1233132"
},
{
"category": "self",
"summary": "SUSE Bug 1233135",
"url": "https://bugzilla.suse.com/1233135"
},
{
"category": "self",
"summary": "SUSE Bug 1233176",
"url": "https://bugzilla.suse.com/1233176"
},
{
"category": "self",
"summary": "SUSE Bug 1233179",
"url": "https://bugzilla.suse.com/1233179"
},
{
"category": "self",
"summary": "SUSE Bug 1233185",
"url": "https://bugzilla.suse.com/1233185"
},
{
"category": "self",
"summary": "SUSE Bug 1233188",
"url": "https://bugzilla.suse.com/1233188"
},
{
"category": "self",
"summary": "SUSE Bug 1233189",
"url": "https://bugzilla.suse.com/1233189"
},
{
"category": "self",
"summary": "SUSE Bug 1233191",
"url": "https://bugzilla.suse.com/1233191"
},
{
"category": "self",
"summary": "SUSE Bug 1233193",
"url": "https://bugzilla.suse.com/1233193"
},
{
"category": "self",
"summary": "SUSE Bug 1233197",
"url": "https://bugzilla.suse.com/1233197"
},
{
"category": "self",
"summary": "SUSE Bug 1233201",
"url": "https://bugzilla.suse.com/1233201"
},
{
"category": "self",
"summary": "SUSE Bug 1233203",
"url": "https://bugzilla.suse.com/1233203"
},
{
"category": "self",
"summary": "SUSE Bug 1233204",
"url": "https://bugzilla.suse.com/1233204"
},
{
"category": "self",
"summary": "SUSE Bug 1233205",
"url": "https://bugzilla.suse.com/1233205"
},
{
"category": "self",
"summary": "SUSE Bug 1233206",
"url": "https://bugzilla.suse.com/1233206"
},
{
"category": "self",
"summary": "SUSE Bug 1233207",
"url": "https://bugzilla.suse.com/1233207"
},
{
"category": "self",
"summary": "SUSE Bug 1233208",
"url": "https://bugzilla.suse.com/1233208"
},
{
"category": "self",
"summary": "SUSE Bug 1233209",
"url": "https://bugzilla.suse.com/1233209"
},
{
"category": "self",
"summary": "SUSE Bug 1233210",
"url": "https://bugzilla.suse.com/1233210"
},
{
"category": "self",
"summary": "SUSE Bug 1233211",
"url": "https://bugzilla.suse.com/1233211"
},
{
"category": "self",
"summary": "SUSE Bug 1233212",
"url": "https://bugzilla.suse.com/1233212"
},
{
"category": "self",
"summary": "SUSE Bug 1233216",
"url": "https://bugzilla.suse.com/1233216"
},
{
"category": "self",
"summary": "SUSE Bug 1233217",
"url": "https://bugzilla.suse.com/1233217"
},
{
"category": "self",
"summary": "SUSE Bug 1233219",
"url": "https://bugzilla.suse.com/1233219"
},
{
"category": "self",
"summary": "SUSE Bug 1233226",
"url": "https://bugzilla.suse.com/1233226"
},
{
"category": "self",
"summary": "SUSE Bug 1233238",
"url": "https://bugzilla.suse.com/1233238"
},
{
"category": "self",
"summary": "SUSE Bug 1233241",
"url": "https://bugzilla.suse.com/1233241"
},
{
"category": "self",
"summary": "SUSE Bug 1233244",
"url": "https://bugzilla.suse.com/1233244"
},
{
"category": "self",
"summary": "SUSE Bug 1233253",
"url": "https://bugzilla.suse.com/1233253"
},
{
"category": "self",
"summary": "SUSE Bug 1233255",
"url": "https://bugzilla.suse.com/1233255"
},
{
"category": "self",
"summary": "SUSE Bug 1233293",
"url": "https://bugzilla.suse.com/1233293"
},
{
"category": "self",
"summary": "SUSE Bug 1233298",
"url": "https://bugzilla.suse.com/1233298"
},
{
"category": "self",
"summary": "SUSE Bug 1233305",
"url": "https://bugzilla.suse.com/1233305"
},
{
"category": "self",
"summary": "SUSE Bug 1233320",
"url": "https://bugzilla.suse.com/1233320"
},
{
"category": "self",
"summary": "SUSE Bug 1233350",
"url": "https://bugzilla.suse.com/1233350"
},
{
"category": "self",
"summary": "SUSE Bug 1233443",
"url": "https://bugzilla.suse.com/1233443"
},
{
"category": "self",
"summary": "SUSE Bug 1233452",
"url": "https://bugzilla.suse.com/1233452"
},
{
"category": "self",
"summary": "SUSE Bug 1233453",
"url": "https://bugzilla.suse.com/1233453"
},
{
"category": "self",
"summary": "SUSE Bug 1233454",
"url": "https://bugzilla.suse.com/1233454"
},
{
"category": "self",
"summary": "SUSE Bug 1233456",
"url": "https://bugzilla.suse.com/1233456"
},
{
"category": "self",
"summary": "SUSE Bug 1233457",
"url": "https://bugzilla.suse.com/1233457"
},
{
"category": "self",
"summary": "SUSE Bug 1233458",
"url": "https://bugzilla.suse.com/1233458"
},
{
"category": "self",
"summary": "SUSE Bug 1233460",
"url": "https://bugzilla.suse.com/1233460"
},
{
"category": "self",
"summary": "SUSE Bug 1233462",
"url": "https://bugzilla.suse.com/1233462"
},
{
"category": "self",
"summary": "SUSE Bug 1233463",
"url": "https://bugzilla.suse.com/1233463"
},
{
"category": "self",
"summary": "SUSE Bug 1233464",
"url": "https://bugzilla.suse.com/1233464"
},
{
"category": "self",
"summary": "SUSE Bug 1233465",
"url": "https://bugzilla.suse.com/1233465"
},
{
"category": "self",
"summary": "SUSE Bug 1233468",
"url": "https://bugzilla.suse.com/1233468"
},
{
"category": "self",
"summary": "SUSE Bug 1233471",
"url": "https://bugzilla.suse.com/1233471"
},
{
"category": "self",
"summary": "SUSE Bug 1233476",
"url": "https://bugzilla.suse.com/1233476"
},
{
"category": "self",
"summary": "SUSE Bug 1233478",
"url": "https://bugzilla.suse.com/1233478"
},
{
"category": "self",
"summary": "SUSE Bug 1233479",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "self",
"summary": "SUSE Bug 1233481",
"url": "https://bugzilla.suse.com/1233481"
},
{
"category": "self",
"summary": "SUSE Bug 1233484",
"url": "https://bugzilla.suse.com/1233484"
},
{
"category": "self",
"summary": "SUSE Bug 1233485",
"url": "https://bugzilla.suse.com/1233485"
},
{
"category": "self",
"summary": "SUSE Bug 1233487",
"url": "https://bugzilla.suse.com/1233487"
},
{
"category": "self",
"summary": "SUSE Bug 1233490",
"url": "https://bugzilla.suse.com/1233490"
},
{
"category": "self",
"summary": "SUSE Bug 1233491",
"url": "https://bugzilla.suse.com/1233491"
},
{
"category": "self",
"summary": "SUSE Bug 1233523",
"url": "https://bugzilla.suse.com/1233523"
},
{
"category": "self",
"summary": "SUSE Bug 1233524",
"url": "https://bugzilla.suse.com/1233524"
},
{
"category": "self",
"summary": "SUSE Bug 1233540",
"url": "https://bugzilla.suse.com/1233540"
},
{
"category": "self",
"summary": "SUSE Bug 1233547",
"url": "https://bugzilla.suse.com/1233547"
},
{
"category": "self",
"summary": "SUSE Bug 1233548",
"url": "https://bugzilla.suse.com/1233548"
},
{
"category": "self",
"summary": "SUSE Bug 1233550",
"url": "https://bugzilla.suse.com/1233550"
},
{
"category": "self",
"summary": "SUSE Bug 1233552",
"url": "https://bugzilla.suse.com/1233552"
},
{
"category": "self",
"summary": "SUSE Bug 1233553",
"url": "https://bugzilla.suse.com/1233553"
},
{
"category": "self",
"summary": "SUSE Bug 1233554",
"url": "https://bugzilla.suse.com/1233554"
},
{
"category": "self",
"summary": "SUSE Bug 1233555",
"url": "https://bugzilla.suse.com/1233555"
},
{
"category": "self",
"summary": "SUSE Bug 1233557",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "self",
"summary": "SUSE Bug 1233560",
"url": "https://bugzilla.suse.com/1233560"
},
{
"category": "self",
"summary": "SUSE Bug 1233561",
"url": "https://bugzilla.suse.com/1233561"
},
{
"category": "self",
"summary": "SUSE Bug 1233564",
"url": "https://bugzilla.suse.com/1233564"
},
{
"category": "self",
"summary": "SUSE Bug 1233566",
"url": "https://bugzilla.suse.com/1233566"
},
{
"category": "self",
"summary": "SUSE Bug 1233567",
"url": "https://bugzilla.suse.com/1233567"
},
{
"category": "self",
"summary": "SUSE Bug 1233568",
"url": "https://bugzilla.suse.com/1233568"
},
{
"category": "self",
"summary": "SUSE Bug 1233570",
"url": "https://bugzilla.suse.com/1233570"
},
{
"category": "self",
"summary": "SUSE Bug 1233572",
"url": "https://bugzilla.suse.com/1233572"
},
{
"category": "self",
"summary": "SUSE Bug 1233573",
"url": "https://bugzilla.suse.com/1233573"
},
{
"category": "self",
"summary": "SUSE Bug 1233577",
"url": "https://bugzilla.suse.com/1233577"
},
{
"category": "self",
"summary": "SUSE Bug 1233580",
"url": "https://bugzilla.suse.com/1233580"
},
{
"category": "self",
"summary": "SUSE Bug 1233640",
"url": "https://bugzilla.suse.com/1233640"
},
{
"category": "self",
"summary": "SUSE Bug 1233641",
"url": "https://bugzilla.suse.com/1233641"
},
{
"category": "self",
"summary": "SUSE Bug 1233642",
"url": "https://bugzilla.suse.com/1233642"
},
{
"category": "self",
"summary": "SUSE Bug 1233721",
"url": "https://bugzilla.suse.com/1233721"
},
{
"category": "self",
"summary": "SUSE Bug 1233754",
"url": "https://bugzilla.suse.com/1233754"
},
{
"category": "self",
"summary": "SUSE Bug 1233756",
"url": "https://bugzilla.suse.com/1233756"
},
{
"category": "self",
"summary": "SUSE Bug 1233769",
"url": "https://bugzilla.suse.com/1233769"
},
{
"category": "self",
"summary": "SUSE Bug 1233771",
"url": "https://bugzilla.suse.com/1233771"
},
{
"category": "self",
"summary": "SUSE Bug 1233977",
"url": "https://bugzilla.suse.com/1233977"
},
{
"category": "self",
"summary": "SUSE Bug 1234009",
"url": "https://bugzilla.suse.com/1234009"
},
{
"category": "self",
"summary": "SUSE Bug 1234011",
"url": "https://bugzilla.suse.com/1234011"
},
{
"category": "self",
"summary": "SUSE Bug 1234012",
"url": "https://bugzilla.suse.com/1234012"
},
{
"category": "self",
"summary": "SUSE Bug 1234025",
"url": "https://bugzilla.suse.com/1234025"
},
{
"category": "self",
"summary": "SUSE Bug 1234039",
"url": "https://bugzilla.suse.com/1234039"
},
{
"category": "self",
"summary": "SUSE Bug 1234040",
"url": "https://bugzilla.suse.com/1234040"
},
{
"category": "self",
"summary": "SUSE Bug 1234041",
"url": "https://bugzilla.suse.com/1234041"
},
{
"category": "self",
"summary": "SUSE Bug 1234042",
"url": "https://bugzilla.suse.com/1234042"
},
{
"category": "self",
"summary": "SUSE Bug 1234043",
"url": "https://bugzilla.suse.com/1234043"
},
{
"category": "self",
"summary": "SUSE Bug 1234044",
"url": "https://bugzilla.suse.com/1234044"
},
{
"category": "self",
"summary": "SUSE Bug 1234045",
"url": "https://bugzilla.suse.com/1234045"
},
{
"category": "self",
"summary": "SUSE Bug 1234046",
"url": "https://bugzilla.suse.com/1234046"
},
{
"category": "self",
"summary": "SUSE Bug 1234072",
"url": "https://bugzilla.suse.com/1234072"
},
{
"category": "self",
"summary": "SUSE Bug 1234078",
"url": "https://bugzilla.suse.com/1234078"
},
{
"category": "self",
"summary": "SUSE Bug 1234081",
"url": "https://bugzilla.suse.com/1234081"
},
{
"category": "self",
"summary": "SUSE Bug 1234083",
"url": "https://bugzilla.suse.com/1234083"
},
{
"category": "self",
"summary": "SUSE Bug 1234085",
"url": "https://bugzilla.suse.com/1234085"
},
{
"category": "self",
"summary": "SUSE Bug 1234087",
"url": "https://bugzilla.suse.com/1234087"
},
{
"category": "self",
"summary": "SUSE Bug 1234093",
"url": "https://bugzilla.suse.com/1234093"
},
{
"category": "self",
"summary": "SUSE Bug 1234098",
"url": "https://bugzilla.suse.com/1234098"
},
{
"category": "self",
"summary": "SUSE Bug 1234108",
"url": "https://bugzilla.suse.com/1234108"
},
{
"category": "self",
"summary": "SUSE Bug 1234121",
"url": "https://bugzilla.suse.com/1234121"
},
{
"category": "self",
"summary": "SUSE Bug 1234223",
"url": "https://bugzilla.suse.com/1234223"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52766 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52778 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52778/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52800 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52881 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52917 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52918 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52919 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52920 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52920/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52921 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52922 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6270 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6270/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26596 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26596/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26703 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26741 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26758 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26761 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26767 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26782 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26864 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26943 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26953 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27017 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27026 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27026/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27043 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27407 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27407/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35888 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35888/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35980 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36000 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36031 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36031/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36244 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36244/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36484 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36484/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36883 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36886 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36905 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36920 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36920/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36927 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36954 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36968 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38576 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38577 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38577/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38589 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38589/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38599 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38599/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40914 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41016 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41023 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41031 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41031/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41047 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41047/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41082 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41082/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-42102 page",
"url": "https://www.suse.com/security/cve/CVE-2024-42102/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-42145 page",
"url": "https://www.suse.com/security/cve/CVE-2024-42145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-44932 page",
"url": "https://www.suse.com/security/cve/CVE-2024-44932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-44958 page",
"url": "https://www.suse.com/security/cve/CVE-2024-44958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-44964 page",
"url": "https://www.suse.com/security/cve/CVE-2024-44964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-44995 page",
"url": "https://www.suse.com/security/cve/CVE-2024-44995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45016 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45025 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45025/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46678 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46678/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46680 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46681 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46681/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46721 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46721/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46754 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46765 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46766 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46770 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46775 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46777 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46788 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46797 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46800 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46802 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46802/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46803 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46804 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46805 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46806 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46807 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46809 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46810 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46811 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46812 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46813 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46814 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46815 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46816 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46817 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46817/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46818 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46818/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46819 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46821 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46825 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46826 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46826/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46827 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46827/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46828 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46830 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46831 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46834 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46835 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46836 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46840 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46841 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46842 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46843 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46843/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46845 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46845/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46846 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46848 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46849 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46851 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46852 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46853 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46854 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46855 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46857 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46859 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46860 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46864 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46870 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46871 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47658 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47660 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47660/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47661 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47662 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47662/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47663 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47663/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47664 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47665 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47666 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47666/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47667 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47667/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47668 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47668/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47669 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47669/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47670 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47671 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47672 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47672/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47673 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47674 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47675 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47679 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47681 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47681/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47682 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47682/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47684 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47684/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47685 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47685/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47686 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47686/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47687 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47688 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47688/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47692 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47692/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47693 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47695 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47696 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47697 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47698 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47698/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47699 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47701 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47702 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47703 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47704 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47705 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47706 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47706/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47707 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47707/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47709 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47710 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47710/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47712 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47712/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47713 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47714 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47715 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47718 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47719 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47720 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47723 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47723/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47727 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47728 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47730 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47730/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47731 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47731/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47732 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47735 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47737 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47737/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47738 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47739 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47741 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47742 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47743 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47744 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47745 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47745/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47747 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47748 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47748/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47749 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47750 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47751 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47752 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47753 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47754 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47756 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47757 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47757/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49850 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49851 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49852 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49853 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49855 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49858 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49860 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49862 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49863 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49864 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49866 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49867 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49868 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49870 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49871 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49874 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49875 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49877 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49878 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49879 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49881 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49882 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49883 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49884 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49886 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49888 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49888/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49890 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49891 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49892 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49892/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49894 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49895 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49896 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49896/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49897 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49897/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49898 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49898/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49899 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49900 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49901 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49902 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49902/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49903 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49905 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49906 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49907 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49907/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49908 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49908/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49909 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49911 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49912 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49913 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49914 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49917 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49918 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49919 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49920 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49920/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49921 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49922 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49923 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49925 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49928 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49929 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49930 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49931 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49933 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49933/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49934 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49935 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49936 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49937 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49938 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49939 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49939/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49944 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49945 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49946 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49946/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49947 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49949 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49952 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49953 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49954 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49955 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49957 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49958 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49959 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49960 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49961 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49962 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49963 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49965 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49966 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49967 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49967/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49968 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49969 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49972 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49973 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49974 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49975 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49976 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49976/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49981 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49982 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49983 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49985 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49986 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49987 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49987/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49989 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49991 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49993 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49995 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49996 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50000 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50001 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50002 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50003 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50003/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50004 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50006 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50007 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50007/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50008 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50008/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50009 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50012 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50013 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50014 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50015 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50017 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50019 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50020 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50021 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50022 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50022/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50023 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50024 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50025 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50025/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50026 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50026/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50027 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50027/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50028 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50031 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50031/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50033 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50033/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50035 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50035/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50040 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50040/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50041 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50041/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50042 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50042/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50044 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50045 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50046 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50046/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50047 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50047/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50048 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50048/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50049 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50049/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50055 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50058 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50059 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50060 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50061 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50062 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50064 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50064/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50067 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50067/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50069 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50069/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50073 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50074 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50075 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50076 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50077 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50078 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50080 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50081 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50082 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50082/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50084 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50084/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50087 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50087/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50088 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50089 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50093 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50095 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50096 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50096/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50098 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50098/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50099 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50100 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50101 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50102 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50102/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50103 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50108 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50108/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50110 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50110/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50115 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50115/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50116 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50116/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50117 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50117/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50121 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50121/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50124 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50125 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50127 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50127/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50128 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50128/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50130 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50130/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50131 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50131/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50134 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50134/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50135 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50136 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50136/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50138 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50139 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50141 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50145 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50146 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50147 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50148 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50148/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50150 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50153 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50153/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50154 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50154/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50155 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50156 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50157 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50158 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50159 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50160 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50166 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50166/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50167 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50167/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50169 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50171 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50171/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50172 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50172/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50175 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50175/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50176 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50177 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50179 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50179/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50180 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50180/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50181 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50182 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50183 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50183/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50184 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50184/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50186 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50186/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50187 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50188 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50189 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50189/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50192 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50192/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50194 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50194/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50195 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50195/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50196 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50196/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50198 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50198/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50200 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50200/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50201 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50201/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50205 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50208 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50209 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50209/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50210 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50210/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50215 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50216 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50216/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50218 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50218/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50221 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50221/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50224 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50224/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50225 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50225/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50228 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50228/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50229 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50229/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50230 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50230/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50231 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50231/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50232 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50232/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50233 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50233/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50234 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50234/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50235 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50235/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50236 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50236/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50237 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50237/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50240 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50240/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50245 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50245/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50246 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50246/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50248 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50248/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50249 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50249/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50250 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50250/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50252 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50252/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50255 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50255/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50257 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50257/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50261 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50261/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50264 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50264/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50265 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50265/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50267 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50267/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50268 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50268/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50269 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50269/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50271 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50271/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50273 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50273/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50274 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50274/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50275 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50275/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50276 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50276/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50279 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50279/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50282 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50282/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50287 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50287/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50289 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50289/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50290 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50290/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50292 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50292/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50295 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50295/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50296 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50296/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50298 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50298/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50301 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50301/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50302 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50302/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53042 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53042/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53043 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53045 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53048 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53048/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53051 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53052 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53055 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53056 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53058 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53059 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53060 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53061 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53066 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53068 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53072 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53074 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53076 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53079 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53081 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53082 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53082/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53085 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53088 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53093 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53094 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53095 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53096 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53096/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53100 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53100/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53101 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53104 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53106 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53108 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53108/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53110 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53110/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53112 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53112/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53114 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53114/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53121 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53121/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53138 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53138/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-03-27T14:05:14Z",
"generator": {
"date": "2025-03-27T14:05:14Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20247-1",
"initial_release_date": "2025-03-27T14:05:14Z",
"revision_history": [
{
"date": "2025-03-27T14:05:14Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-24.1.aarch64",
"product": {
"name": "kernel-default-6.4.0-24.1.aarch64",
"product_id": "kernel-default-6.4.0-24.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-24.1.21.4.aarch64",
"product": {
"name": "kernel-default-base-6.4.0-24.1.21.4.aarch64",
"product_id": "kernel-default-base-6.4.0-24.1.21.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-24.1.aarch64",
"product": {
"name": "kernel-default-devel-6.4.0-24.1.aarch64",
"product_id": "kernel-default-devel-6.4.0-24.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-6.4.0-24.1.noarch",
"product": {
"name": "kernel-devel-6.4.0-24.1.noarch",
"product_id": "kernel-devel-6.4.0-24.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-6.4.0-24.1.noarch",
"product": {
"name": "kernel-macros-6.4.0-24.1.noarch",
"product_id": "kernel-macros-6.4.0-24.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-6.4.0-24.1.noarch",
"product": {
"name": "kernel-source-6.4.0-24.1.noarch",
"product_id": "kernel-source-6.4.0-24.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-24.1.ppc64le",
"product": {
"name": "kernel-default-6.4.0-24.1.ppc64le",
"product_id": "kernel-default-6.4.0-24.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"product": {
"name": "kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"product_id": "kernel-default-base-6.4.0-24.1.21.4.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-24.1.ppc64le",
"product": {
"name": "kernel-default-devel-6.4.0-24.1.ppc64le",
"product_id": "kernel-default-devel-6.4.0-24.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-24.1.s390x",
"product": {
"name": "kernel-default-6.4.0-24.1.s390x",
"product_id": "kernel-default-6.4.0-24.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-24.1.s390x",
"product": {
"name": "kernel-default-devel-6.4.0-24.1.s390x",
"product_id": "kernel-default-devel-6.4.0-24.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-24.1.s390x",
"product": {
"name": "kernel-default-livepatch-6.4.0-24.1.s390x",
"product_id": "kernel-default-livepatch-6.4.0-24.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"product": {
"name": "kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"product_id": "kernel-livepatch-6_4_0-24-default-1-1.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-24.1.x86_64",
"product": {
"name": "kernel-default-6.4.0-24.1.x86_64",
"product_id": "kernel-default-6.4.0-24.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-24.1.21.4.x86_64",
"product": {
"name": "kernel-default-base-6.4.0-24.1.21.4.x86_64",
"product_id": "kernel-default-base-6.4.0-24.1.21.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-24.1.x86_64",
"product": {
"name": "kernel-default-devel-6.4.0-24.1.x86_64",
"product_id": "kernel-default-devel-6.4.0-24.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-24.1.x86_64",
"product": {
"name": "kernel-default-livepatch-6.4.0-24.1.x86_64",
"product_id": "kernel-default-livepatch-6.4.0-24.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-24.1.x86_64",
"product": {
"name": "kernel-kvmsmall-6.4.0-24.1.x86_64",
"product_id": "kernel-kvmsmall-6.4.0-24.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"product_id": "kernel-livepatch-6_4_0-24-default-1-1.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-24.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64"
},
"product_reference": "kernel-default-6.4.0-24.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-24.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le"
},
"product_reference": "kernel-default-6.4.0-24.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-24.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x"
},
"product_reference": "kernel-default-6.4.0-24.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-24.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64"
},
"product_reference": "kernel-default-6.4.0-24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-24.1.21.4.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64"
},
"product_reference": "kernel-default-base-6.4.0-24.1.21.4.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-24.1.21.4.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le"
},
"product_reference": "kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-24.1.21.4.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64"
},
"product_reference": "kernel-default-base-6.4.0-24.1.21.4.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-24.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64"
},
"product_reference": "kernel-default-devel-6.4.0-24.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-24.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le"
},
"product_reference": "kernel-default-devel-6.4.0-24.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-24.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x"
},
"product_reference": "kernel-default-devel-6.4.0-24.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-24.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64"
},
"product_reference": "kernel-default-devel-6.4.0-24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-24.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x"
},
"product_reference": "kernel-default-livepatch-6.4.0-24.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-24.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64"
},
"product_reference": "kernel-default-livepatch-6.4.0-24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.4.0-24.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch"
},
"product_reference": "kernel-devel-6.4.0-24.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.4.0-24.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64"
},
"product_reference": "kernel-kvmsmall-6.4.0-24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-24-default-1-1.2.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x"
},
"product_reference": "kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-24-default-1-1.2.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.4.0-24.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch"
},
"product_reference": "kernel-macros-6.4.0-24.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.4.0-24.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
},
"product_reference": "kernel-source-6.4.0-24.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler\n\nDo not loop over ring headers in hci_dma_irq_handler() that are not\nallocated and enabled in hci_dma_init(). Otherwise out of bounds access\nwill occur from rings-\u003eheaders[i] access when i \u003e= number of allocated\nring headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52766",
"url": "https://www.suse.com/security/cve/CVE-2023-52766"
},
{
"category": "external",
"summary": "SUSE Bug 1230620 for CVE-2023-52766",
"url": "https://bugzilla.suse.com/1230620"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2023-52766"
},
{
"cve": "CVE-2023-52778",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52778"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: deal with large GSO size\n\nAfter the blamed commit below, the TCP sockets (and the MPTCP subflows)\ncan build egress packets larger than 64K. That exceeds the maximum DSS\ndata size, the length being misrepresent on the wire and the stream being\ncorrupted, as later observed on the receiver:\n\n WARNING: CPU: 0 PID: 9696 at net/mptcp/protocol.c:705 __mptcp_move_skbs_from_subflow+0x2604/0x26e0\n CPU: 0 PID: 9696 Comm: syz-executor.7 Not tainted 6.6.0-rc5-gcd8bdf563d46 #45\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.el7 04/01/2014\n netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4\u0027.\n RIP: 0010:__mptcp_move_skbs_from_subflow+0x2604/0x26e0 net/mptcp/protocol.c:705\n RSP: 0018:ffffc90000006e80 EFLAGS: 00010246\n RAX: ffffffff83e9f674 RBX: ffff88802f45d870 RCX: ffff888102ad0000\n netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4\u0027.\n RDX: 0000000080000303 RSI: 0000000000013908 RDI: 0000000000003908\n RBP: ffffc90000007110 R08: ffffffff83e9e078 R09: 1ffff1100e548c8a\n R10: dffffc0000000000 R11: ffffed100e548c8b R12: 0000000000013908\n R13: dffffc0000000000 R14: 0000000000003908 R15: 000000000031cf29\n FS: 00007f239c47e700(0000) GS:ffff88811b200000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f239c45cd78 CR3: 000000006a66c006 CR4: 0000000000770ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600\n PKRU: 55555554\n Call Trace:\n \u003cIRQ\u003e\n mptcp_data_ready+0x263/0xac0 net/mptcp/protocol.c:819\n subflow_data_ready+0x268/0x6d0 net/mptcp/subflow.c:1409\n tcp_data_queue+0x21a1/0x7a60 net/ipv4/tcp_input.c:5151\n tcp_rcv_established+0x950/0x1d90 net/ipv4/tcp_input.c:6098\n tcp_v6_do_rcv+0x554/0x12f0 net/ipv6/tcp_ipv6.c:1483\n tcp_v6_rcv+0x2e26/0x3810 net/ipv6/tcp_ipv6.c:1749\n ip6_protocol_deliver_rcu+0xd6b/0x1ae0 net/ipv6/ip6_input.c:438\n ip6_input+0x1c5/0x470 net/ipv6/ip6_input.c:483\n ipv6_rcv+0xef/0x2c0 include/linux/netfilter.h:304\n __netif_receive_skb+0x1ea/0x6a0 net/core/dev.c:5532\n process_backlog+0x353/0x660 net/core/dev.c:5974\n __napi_poll+0xc6/0x5a0 net/core/dev.c:6536\n net_rx_action+0x6a0/0xfd0 net/core/dev.c:6603\n __do_softirq+0x184/0x524 kernel/softirq.c:553\n do_softirq+0xdd/0x130 kernel/softirq.c:454\n\nAddress the issue explicitly bounding the maximum GSO size to what MPTCP\nactually allows.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52778",
"url": "https://www.suse.com/security/cve/CVE-2023-52778"
},
{
"category": "external",
"summary": "SUSE Bug 1224948 for CVE-2023-52778",
"url": "https://bugzilla.suse.com/1224948"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2023-52778"
},
{
"cve": "CVE-2023-52800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix htt pktlog locking\n\nThe ath11k active pdevs are protected by RCU but the htt pktlog handling\ncode calling ath11k_mac_get_ar_by_pdev_id() was not marked as a\nread-side critical section.\n\nMark the code in question as an RCU read-side critical section to avoid\nany potential use-after-free issues.\n\nCompile tested only.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52800",
"url": "https://www.suse.com/security/cve/CVE-2023-52800"
},
{
"category": "external",
"summary": "SUSE Bug 1230600 for CVE-2023-52800",
"url": "https://bugzilla.suse.com/1230600"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2023-52800"
},
{
"cve": "CVE-2023-52881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: do not accept ACK of bytes we never sent\n\nThis patch is based on a detailed report and ideas from Yepeng Pan\nand Christian Rossow.\n\nACK seq validation is currently following RFC 5961 5.2 guidelines:\n\n The ACK value is considered acceptable only if\n it is in the range of ((SND.UNA - MAX.SND.WND) \u003c= SEG.ACK \u003c=\n SND.NXT). All incoming segments whose ACK value doesn\u0027t satisfy the\n above condition MUST be discarded and an ACK sent back. It needs to\n be noted that RFC 793 on page 72 (fifth check) says: \"If the ACK is a\n duplicate (SEG.ACK \u003c SND.UNA), it can be ignored. If the ACK\n acknowledges something not yet sent (SEG.ACK \u003e SND.NXT) then send an\n ACK, drop the segment, and return\". The \"ignored\" above implies that\n the processing of the incoming data segment continues, which means\n the ACK value is treated as acceptable. This mitigation makes the\n ACK check more stringent since any ACK \u003c SND.UNA wouldn\u0027t be\n accepted, instead only ACKs that are in the range ((SND.UNA -\n MAX.SND.WND) \u003c= SEG.ACK \u003c= SND.NXT) get through.\n\nThis can be refined for new (and possibly spoofed) flows,\nby not accepting ACK for bytes that were never sent.\n\nThis greatly improves TCP security at a little cost.\n\nI added a Fixes: tag to make sure this patch will reach stable trees,\neven if the \u0027blamed\u0027 patch was adhering to the RFC.\n\ntp-\u003ebytes_acked was added in linux-4.2\n\nFollowing packetdrill test (courtesy of Yepeng Pan) shows\nthe issue at hand:\n\n0 socket(..., SOCK_STREAM, IPPROTO_TCP) = 3\n+0 setsockopt(3, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0\n+0 bind(3, ..., ...) = 0\n+0 listen(3, 1024) = 0\n\n// ---------------- Handshake ------------------- //\n\n// when window scale is set to 14 the window size can be extended to\n// 65535 * (2^14) = 1073725440. Linux would accept an ACK packet\n// with ack number in (Server_ISN+1-1073725440. Server_ISN+1)\n// ,though this ack number acknowledges some data never\n// sent by the server.\n\n+0 \u003c S 0:0(0) win 65535 \u003cmss 1400,nop,wscale 14\u003e\n+0 \u003e S. 0:0(0) ack 1 \u003c...\u003e\n+0 \u003c . 1:1(0) ack 1 win 65535\n+0 accept(3, ..., ...) = 4\n\n// For the established connection, we send an ACK packet,\n// the ack packet uses ack number 1 - 1073725300 + 2^32,\n// where 2^32 is used to wrap around.\n// Note: we used 1073725300 instead of 1073725440 to avoid possible\n// edge cases.\n// 1 - 1073725300 + 2^32 = 3221241997\n\n// Oops, old kernels happily accept this packet.\n+0 \u003c . 1:1001(1000) ack 3221241997 win 65535\n\n// After the kernel fix the following will be replaced by a challenge ACK,\n// and prior malicious frame would be dropped.\n+0 \u003e . 1:1(0) ack 1001",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52881",
"url": "https://www.suse.com/security/cve/CVE-2023-52881"
},
{
"category": "external",
"summary": "SUSE Bug 1223384 for CVE-2023-52881",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "external",
"summary": "SUSE Bug 1225611 for CVE-2023-52881",
"url": "https://bugzilla.suse.com/1225611"
},
{
"category": "external",
"summary": "SUSE Bug 1226152 for CVE-2023-52881",
"url": "https://bugzilla.suse.com/1226152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2023-52881"
},
{
"cve": "CVE-2023-52917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52917"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52917",
"url": "https://www.suse.com/security/cve/CVE-2023-52917"
},
{
"category": "external",
"summary": "SUSE Bug 1231849 for CVE-2023-52917",
"url": "https://bugzilla.suse.com/1231849"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2023-52917"
},
{
"cve": "CVE-2023-52918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52918"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: pci: cx23885: check cx23885_vdev_init() return\n\ncx23885_vdev_init() can return a NULL pointer, but that pointer\nis used in the next line without a check.\n\nAdd a NULL pointer check and go to the error unwind if it is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52918",
"url": "https://www.suse.com/security/cve/CVE-2023-52918"
},
{
"category": "external",
"summary": "SUSE Bug 1232047 for CVE-2023-52918",
"url": "https://bugzilla.suse.com/1232047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2023-52918"
},
{
"cve": "CVE-2023-52919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52919"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: nci: fix possible NULL pointer dereference in send_acknowledge()\n\nHandle memory allocation failure from nci_skb_alloc() (calling\nalloc_skb()) to avoid possible NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52919",
"url": "https://www.suse.com/security/cve/CVE-2023-52919"
},
{
"category": "external",
"summary": "SUSE Bug 1231988 for CVE-2023-52919",
"url": "https://bugzilla.suse.com/1231988"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2023-52919"
},
{
"cve": "CVE-2023-52920",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52920"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: support non-r10 register spill/fill to/from stack in precision tracking\n\nUse instruction (jump) history to record instructions that performed\nregister spill/fill to/from stack, regardless if this was done through\nread-only r10 register, or any other register after copying r10 into it\n*and* potentially adjusting offset.\n\nTo make this work reliably, we push extra per-instruction flags into\ninstruction history, encoding stack slot index (spi) and stack frame\nnumber in extra 10 bit flags we take away from prev_idx in instruction\nhistory. We don\u0027t touch idx field for maximum performance, as it\u0027s\nchecked most frequently during backtracking.\n\nThis change removes basically the last remaining practical limitation of\nprecision backtracking logic in BPF verifier. It fixes known\ndeficiencies, but also opens up new opportunities to reduce number of\nverified states, explored in the subsequent patches.\n\nThere are only three differences in selftests\u0027 BPF object files\naccording to veristat, all in the positive direction (less states).\n\nFile Program Insns (A) Insns (B) Insns (DIFF) States (A) States (B) States (DIFF)\n-------------------------------------- ------------- --------- --------- ------------- ---------- ---------- -------------\ntest_cls_redirect_dynptr.bpf.linked3.o cls_redirect 2987 2864 -123 (-4.12%) 240 231 -9 (-3.75%)\nxdp_synproxy_kern.bpf.linked3.o syncookie_tc 82848 82661 -187 (-0.23%) 5107 5073 -34 (-0.67%)\nxdp_synproxy_kern.bpf.linked3.o syncookie_xdp 85116 84964 -152 (-0.18%) 5162 5130 -32 (-0.62%)\n\nNote, I avoided renaming jmp_history to more generic insn_hist to\nminimize number of lines changed and potential merge conflicts between\nbpf and bpf-next trees.\n\nNotice also cur_hist_entry pointer reset to NULL at the beginning of\ninstruction verification loop. This pointer avoids the problem of\nrelying on last jump history entry\u0027s insn_idx to determine whether we\nalready have entry for current instruction or not. It can happen that we\nadded jump history entry because current instruction is_jmp_point(), but\nalso we need to add instruction flags for stack access. In this case, we\ndon\u0027t want to entries, so we need to reuse last added entry, if it is\npresent.\n\nRelying on insn_idx comparison has the same ambiguity problem as the one\nthat was fixed recently in [0], so we avoid that.\n\n [0] https://patchwork.kernel.org/project/netdevbpf/patch/20231110002638.4168352-3-andrii@kernel.org/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52920",
"url": "https://www.suse.com/security/cve/CVE-2023-52920"
},
{
"category": "external",
"summary": "SUSE Bug 1232823 for CVE-2023-52920",
"url": "https://bugzilla.suse.com/1232823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2023-52920"
},
{
"cve": "CVE-2023-52921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52921"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix possible UAF in amdgpu_cs_pass1()\n\nSince the gang_size check is outside of chunk parsing\nloop, we need to reset i before we free the chunk data.\n\nSuggested by Ye Zhang (@VAR10CK) of Baidu Security.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52921",
"url": "https://www.suse.com/security/cve/CVE-2023-52921"
},
{
"category": "external",
"summary": "SUSE Bug 1233452 for CVE-2023-52921",
"url": "https://bugzilla.suse.com/1233452"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2023-52921"
},
{
"cve": "CVE-2023-52922",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52922"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: bcm: Fix UAF in bcm_proc_show()\n\nBUG: KASAN: slab-use-after-free in bcm_proc_show+0x969/0xa80\nRead of size 8 at addr ffff888155846230 by task cat/7862\n\nCPU: 1 PID: 7862 Comm: cat Not tainted 6.5.0-rc1-00153-gc8746099c197 #230\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xd5/0x150\n print_report+0xc1/0x5e0\n kasan_report+0xba/0xf0\n bcm_proc_show+0x969/0xa80\n seq_read_iter+0x4f6/0x1260\n seq_read+0x165/0x210\n proc_reg_read+0x227/0x300\n vfs_read+0x1d5/0x8d0\n ksys_read+0x11e/0x240\n do_syscall_64+0x35/0xb0\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nAllocated by task 7846:\n kasan_save_stack+0x1e/0x40\n kasan_set_track+0x21/0x30\n __kasan_kmalloc+0x9e/0xa0\n bcm_sendmsg+0x264b/0x44e0\n sock_sendmsg+0xda/0x180\n ____sys_sendmsg+0x735/0x920\n ___sys_sendmsg+0x11d/0x1b0\n __sys_sendmsg+0xfa/0x1d0\n do_syscall_64+0x35/0xb0\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nFreed by task 7846:\n kasan_save_stack+0x1e/0x40\n kasan_set_track+0x21/0x30\n kasan_save_free_info+0x27/0x40\n ____kasan_slab_free+0x161/0x1c0\n slab_free_freelist_hook+0x119/0x220\n __kmem_cache_free+0xb4/0x2e0\n rcu_core+0x809/0x1bd0\n\nbcm_op is freed before procfs entry be removed in bcm_release(),\nthis lead to bcm_proc_show() may read the freed bcm_op.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52922",
"url": "https://www.suse.com/security/cve/CVE-2023-52922"
},
{
"category": "external",
"summary": "SUSE Bug 1233977 for CVE-2023-52922",
"url": "https://bugzilla.suse.com/1233977"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2023-52922"
},
{
"cve": "CVE-2023-6270",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6270"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` global queue. This could lead to a denial of service condition or potential code execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6270",
"url": "https://www.suse.com/security/cve/CVE-2023-6270"
},
{
"category": "external",
"summary": "SUSE Bug 1218562 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "external",
"summary": "SUSE Bug 1218813 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1218813"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1221598"
},
{
"category": "external",
"summary": "SUSE Bug 1223016 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1223016"
},
{
"category": "external",
"summary": "SUSE Bug 1227675 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1227675"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2023-6270"
},
{
"cve": "CVE-2024-26596",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26596"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events\n\nAfter the blamed commit, we started doing this dereference for every\nNETDEV_CHANGEUPPER and NETDEV_PRECHANGEUPPER event in the system.\n\nstatic inline struct dsa_port *dsa_user_to_port(const struct net_device *dev)\n{\n\tstruct dsa_user_priv *p = netdev_priv(dev);\n\n\treturn p-\u003edp;\n}\n\nWhich is obviously bogus, because not all net_devices have a netdev_priv()\nof type struct dsa_user_priv. But struct dsa_user_priv is fairly small,\nand p-\u003edp means dereferencing 8 bytes starting with offset 16. Most\ndrivers allocate that much private memory anyway, making our access not\nfault, and we discard the bogus data quickly afterwards, so this wasn\u0027t\ncaught.\n\nBut the dummy interface is somewhat special in that it calls\nalloc_netdev() with a priv size of 0. So every netdev_priv() dereference\nis invalid, and we get this when we emit a NETDEV_PRECHANGEUPPER event\nwith a VLAN as its new upper:\n\n$ ip link add dummy1 type dummy\n$ ip link add link dummy1 name dummy1.100 type vlan id 100\n[ 43.309174] ==================================================================\n[ 43.316456] BUG: KASAN: slab-out-of-bounds in dsa_user_prechangeupper+0x30/0xe8\n[ 43.323835] Read of size 8 at addr ffff3f86481d2990 by task ip/374\n[ 43.330058]\n[ 43.342436] Call trace:\n[ 43.366542] dsa_user_prechangeupper+0x30/0xe8\n[ 43.371024] dsa_user_netdevice_event+0xb38/0xee8\n[ 43.375768] notifier_call_chain+0xa4/0x210\n[ 43.379985] raw_notifier_call_chain+0x24/0x38\n[ 43.384464] __netdev_upper_dev_link+0x3ec/0x5d8\n[ 43.389120] netdev_upper_dev_link+0x70/0xa8\n[ 43.393424] register_vlan_dev+0x1bc/0x310\n[ 43.397554] vlan_newlink+0x210/0x248\n[ 43.401247] rtnl_newlink+0x9fc/0xe30\n[ 43.404942] rtnetlink_rcv_msg+0x378/0x580\n\nAvoid the kernel oops by dereferencing after the type check, as customary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26596",
"url": "https://www.suse.com/security/cve/CVE-2024-26596"
},
{
"category": "external",
"summary": "SUSE Bug 1220355 for CVE-2024-26596",
"url": "https://bugzilla.suse.com/1220355"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-26596"
},
{
"cve": "CVE-2024-26703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/timerlat: Move hrtimer_init to timerlat_fd open()\n\nCurrently, the timerlat\u0027s hrtimer is initialized at the first read of\ntimerlat_fd, and destroyed at close(). It works, but it causes an error\nif the user program open() and close() the file without reading.\n\nHere\u0027s an example:\n\n # echo NO_OSNOISE_WORKLOAD \u003e /sys/kernel/debug/tracing/osnoise/options\n # echo timerlat \u003e /sys/kernel/debug/tracing/current_tracer\n\n # cat \u003c\u003cEOF \u003e ./timerlat_load.py\n # !/usr/bin/env python3\n\n timerlat_fd = open(\"/sys/kernel/tracing/osnoise/per_cpu/cpu0/timerlat_fd\", \u0027r\u0027)\n timerlat_fd.close();\n EOF\n\n # ./taskset -c 0 ./timerlat_load.py\n\u003cBOOM\u003e\n\n BUG: kernel NULL pointer dereference, address: 0000000000000010\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 1 PID: 2673 Comm: python3 Not tainted 6.6.13-200.fc39.x86_64 #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-1.fc39 04/01/2014\n RIP: 0010:hrtimer_active+0xd/0x50\n Code: 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 48 8b 57 30 \u003c8b\u003e 42 10 a8 01 74 09 f3 90 8b 42 10 a8 01 75 f7 80 7f 38 00 75 1d\n RSP: 0018:ffffb031009b7e10 EFLAGS: 00010286\n RAX: 000000000002db00 RBX: ffff9118f786db08 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffff9117a0e64400 RDI: ffff9118f786db08\n RBP: ffff9118f786db80 R08: ffff9117a0ddd420 R09: ffff9117804d4f70\n R10: 0000000000000000 R11: 0000000000000000 R12: ffff9118f786db08\n R13: ffff91178fdd5e20 R14: ffff9117840978c0 R15: 0000000000000000\n FS: 00007f2ffbab1740(0000) GS:ffff9118f7840000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000010 CR3: 00000001b402e000 CR4: 0000000000750ee0\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x171/0x4e0\n ? srso_alias_return_thunk+0x5/0x7f\n ? avc_has_extended_perms+0x237/0x520\n ? exc_page_fault+0x7f/0x180\n ? asm_exc_page_fault+0x26/0x30\n ? hrtimer_active+0xd/0x50\n hrtimer_cancel+0x15/0x40\n timerlat_fd_release+0x48/0xe0\n __fput+0xf5/0x290\n __x64_sys_close+0x3d/0x80\n do_syscall_64+0x60/0x90\n ? srso_alias_return_thunk+0x5/0x7f\n ? __x64_sys_ioctl+0x72/0xd0\n ? srso_alias_return_thunk+0x5/0x7f\n ? syscall_exit_to_user_mode+0x2b/0x40\n ? srso_alias_return_thunk+0x5/0x7f\n ? do_syscall_64+0x6c/0x90\n ? srso_alias_return_thunk+0x5/0x7f\n ? exit_to_user_mode_prepare+0x142/0x1f0\n ? srso_alias_return_thunk+0x5/0x7f\n ? syscall_exit_to_user_mode+0x2b/0x40\n ? srso_alias_return_thunk+0x5/0x7f\n ? do_syscall_64+0x6c/0x90\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n RIP: 0033:0x7f2ffb321594\n Code: 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 80 3d d5 cd 0d 00 00 74 13 b8 03 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 3c c3 0f 1f 00 55 48 89 e5 48 83 ec 10 89 7d\n RSP: 002b:00007ffe8d8eef18 EFLAGS: 00000202 ORIG_RAX: 0000000000000003\n RAX: ffffffffffffffda RBX: 00007f2ffba4e668 RCX: 00007f2ffb321594\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003\n RBP: 00007ffe8d8eef40 R08: 0000000000000000 R09: 0000000000000000\n R10: 55c926e3167eae79 R11: 0000000000000202 R12: 0000000000000003\n R13: 00007ffe8d8ef030 R14: 0000000000000000 R15: 00007f2ffba4e668\n \u003c/TASK\u003e\n CR2: 0000000000000010\n ---[ end trace 0000000000000000 ]---\n\nMove hrtimer_init to timerlat_fd open() to avoid this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26703",
"url": "https://www.suse.com/security/cve/CVE-2024-26703"
},
{
"category": "external",
"summary": "SUSE Bug 1222423 for CVE-2024-26703",
"url": "https://bugzilla.suse.com/1222423"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-26703"
},
{
"cve": "CVE-2024-26741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26741"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndccp/tcp: Unhash sk from ehash for tb2 alloc failure after check_estalblished().\n\nsyzkaller reported a warning [0] in inet_csk_destroy_sock() with no\nrepro.\n\n WARN_ON(inet_sk(sk)-\u003einet_num \u0026\u0026 !inet_csk(sk)-\u003eicsk_bind_hash);\n\nHowever, the syzkaller\u0027s log hinted that connect() failed just before\nthe warning due to FAULT_INJECTION. [1]\n\nWhen connect() is called for an unbound socket, we search for an\navailable ephemeral port. If a bhash bucket exists for the port, we\ncall __inet_check_established() or __inet6_check_established() to check\nif the bucket is reusable.\n\nIf reusable, we add the socket into ehash and set inet_sk(sk)-\u003einet_num.\n\nLater, we look up the corresponding bhash2 bucket and try to allocate\nit if it does not exist.\n\nAlthough it rarely occurs in real use, if the allocation fails, we must\nrevert the changes by check_established(). Otherwise, an unconnected\nsocket could illegally occupy an ehash entry.\n\nNote that we do not put tw back into ehash because sk might have\nalready responded to a packet for tw and it would be better to free\ntw earlier under such memory presure.\n\n[0]:\nWARNING: CPU: 0 PID: 350830 at net/ipv4/inet_connection_sock.c:1193 inet_csk_destroy_sock (net/ipv4/inet_connection_sock.c:1193)\nModules linked in:\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nRIP: 0010:inet_csk_destroy_sock (net/ipv4/inet_connection_sock.c:1193)\nCode: 41 5c 41 5d 41 5e e9 2d 4a 3d fd e8 28 4a 3d fd 48 89 ef e8 f0 cd 7d ff 5b 5d 41 5c 41 5d 41 5e e9 13 4a 3d fd e8 0e 4a 3d fd \u003c0f\u003e 0b e9 61 fe ff ff e8 02 4a 3d fd 4c 89 e7 be 03 00 00 00 e8 05\nRSP: 0018:ffffc9000b21fd38 EFLAGS: 00010293\nRAX: 0000000000000000 RBX: 0000000000009e78 RCX: ffffffff840bae40\nRDX: ffff88806e46c600 RSI: ffffffff840bb012 RDI: ffff88811755cca8\nRBP: ffff88811755c880 R08: 0000000000000003 R09: 0000000000000000\nR10: 0000000000009e78 R11: 0000000000000000 R12: ffff88811755c8e0\nR13: ffff88811755c892 R14: ffff88811755c918 R15: 0000000000000000\nFS: 00007f03e5243800(0000) GS:ffff88811ae00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000001b32f21000 CR3: 0000000112ffe001 CR4: 0000000000770ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? inet_csk_destroy_sock (net/ipv4/inet_connection_sock.c:1193)\n dccp_close (net/dccp/proto.c:1078)\n inet_release (net/ipv4/af_inet.c:434)\n __sock_release (net/socket.c:660)\n sock_close (net/socket.c:1423)\n __fput (fs/file_table.c:377)\n __fput_sync (fs/file_table.c:462)\n __x64_sys_close (fs/open.c:1557 fs/open.c:1539 fs/open.c:1539)\n do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:129)\nRIP: 0033:0x7f03e53852bb\nCode: 03 00 00 00 0f 05 48 3d 00 f0 ff ff 77 41 c3 48 83 ec 18 89 7c 24 0c e8 43 c9 f5 ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 c9 f5 ff 8b 44\nRSP: 002b:00000000005dfba0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003\nRAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f03e53852bb\nRDX: 0000000000000002 RSI: 0000000000000002 RDI: 0000000000000003\nRBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000167c\nR10: 0000000008a79680 R11: 0000000000000293 R12: 00007f03e4e43000\nR13: 00007f03e4e43170 R14: 00007f03e4e43178 R15: 00007f03e4e43170\n \u003c/TASK\u003e\n\n[1]:\nFAULT_INJECTION: forcing a failure.\nname failslab, interval 1, probability 0, space 0, times 0\nCPU: 0 PID: 350833 Comm: syz-executor.1 Not tainted 6.7.0-12272-g2121c43f88f5 #9\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl (lib/dump_stack.c:107 (discriminator 1))\n should_fail_ex (lib/fault-inject.c:52 lib/fault-inject.c:153)\n should_failslab (mm/slub.c:3748)\n kmem_cache_alloc (mm/slub.c:3763 mm/slub.c:3842 mm/slub.c:3867)\n inet_bind2_bucket_create \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26741",
"url": "https://www.suse.com/security/cve/CVE-2024-26741"
},
{
"category": "external",
"summary": "SUSE Bug 1222587 for CVE-2024-26741",
"url": "https://bugzilla.suse.com/1222587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-26741"
},
{
"cve": "CVE-2024-26758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: Don\u0027t ignore suspended array in md_check_recovery()\n\nmddev_suspend() never stop sync_thread, hence it doesn\u0027t make sense to\nignore suspended array in md_check_recovery(), which might cause\nsync_thread can\u0027t be unregistered.\n\nAfter commit f52f5c71f3d4 (\"md: fix stopping sync thread\"), following\nhang can be triggered by test shell/integrity-caching.sh:\n\n1) suspend the array:\nraid_postsuspend\n mddev_suspend\n\n2) stop the array:\nraid_dtr\n md_stop\n __md_stop_writes\n stop_sync_thread\n set_bit(MD_RECOVERY_INTR, \u0026mddev-\u003erecovery);\n md_wakeup_thread_directly(mddev-\u003esync_thread);\n wait_event(..., !test_bit(MD_RECOVERY_RUNNING, \u0026mddev-\u003erecovery))\n\n3) sync thread done:\nmd_do_sync\n set_bit(MD_RECOVERY_DONE, \u0026mddev-\u003erecovery);\n md_wakeup_thread(mddev-\u003ethread);\n\n4) daemon thread can\u0027t unregister sync thread:\nmd_check_recovery\n if (mddev-\u003esuspended)\n return; -\u003e return directly\n md_read_sync_thread\n clear_bit(MD_RECOVERY_RUNNING, \u0026mddev-\u003erecovery);\n -\u003e MD_RECOVERY_RUNNING can\u0027t be cleared, hence step 2 hang;\n\nThis problem is not just related to dm-raid, fix it by ignoring\nsuspended array in md_check_recovery(). And follow up patches will\nimprove dm-raid better to frozen sync thread during suspend.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26758",
"url": "https://www.suse.com/security/cve/CVE-2024-26758"
},
{
"category": "external",
"summary": "SUSE Bug 1230341 for CVE-2024-26758",
"url": "https://bugzilla.suse.com/1230341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-26758"
},
{
"cve": "CVE-2024-26761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26761"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window\n\nThe Linux CXL subsystem is built on the assumption that HPA == SPA.\nThat is, the host physical address (HPA) the HDM decoder registers are\nprogrammed with are system physical addresses (SPA).\n\nDuring HDM decoder setup, the DVSEC CXL range registers (cxl-3.1,\n8.1.3.8) are checked if the memory is enabled and the CXL range is in\na HPA window that is described in a CFMWS structure of the CXL host\nbridge (cxl-3.1, 9.18.1.3).\n\nNow, if the HPA is not an SPA, the CXL range does not match a CFMWS\nwindow and the CXL memory range will be disabled then. The HDM decoder\nstops working which causes system memory being disabled and further a\nsystem hang during HDM decoder initialization, typically when a CXL\nenabled kernel boots.\n\nPrevent a system hang and do not disable the HDM decoder if the\ndecoder\u0027s CXL range is not found in a CFMWS window.\n\nNote the change only fixes a hardware hang, but does not implement\nHPA/SPA translation. Support for this can be added in a follow on\npatch series.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26761",
"url": "https://www.suse.com/security/cve/CVE-2024-26761"
},
{
"category": "external",
"summary": "SUSE Bug 1230375 for CVE-2024-26761",
"url": "https://bugzilla.suse.com/1230375"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-26761"
},
{
"cve": "CVE-2024-26767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26767"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: fixed integer types and null check locations\n\n[why]:\nissues fixed:\n- comparison with wider integer type in loop condition which can cause\ninfinite loops\n- pointer dereference before null check",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26767",
"url": "https://www.suse.com/security/cve/CVE-2024-26767"
},
{
"category": "external",
"summary": "SUSE Bug 1230339 for CVE-2024-26767",
"url": "https://bugzilla.suse.com/1230339"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-26767"
},
{
"cve": "CVE-2024-26782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix double-free on socket dismantle\n\nwhen MPTCP server accepts an incoming connection, it clones its listener\nsocket. However, the pointer to \u0027inet_opt\u0027 for the new socket has the same\nvalue as the original one: as a consequence, on program exit it\u0027s possible\nto observe the following splat:\n\n BUG: KASAN: double-free in inet_sock_destruct+0x54f/0x8b0\n Free of addr ffff888485950880 by task swapper/25/0\n\n CPU: 25 PID: 0 Comm: swapper/25 Kdump: loaded Not tainted 6.8.0-rc1+ #609\n Hardware name: Supermicro SYS-6027R-72RF/X9DRH-7TF/7F/iTF/iF, BIOS 3.0 07/26/2013\n Call Trace:\n \u003cIRQ\u003e\n dump_stack_lvl+0x32/0x50\n print_report+0xca/0x620\n kasan_report_invalid_free+0x64/0x90\n __kasan_slab_free+0x1aa/0x1f0\n kfree+0xed/0x2e0\n inet_sock_destruct+0x54f/0x8b0\n __sk_destruct+0x48/0x5b0\n rcu_do_batch+0x34e/0xd90\n rcu_core+0x559/0xac0\n __do_softirq+0x183/0x5a4\n irq_exit_rcu+0x12d/0x170\n sysvec_apic_timer_interrupt+0x6b/0x80\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_sysvec_apic_timer_interrupt+0x16/0x20\n RIP: 0010:cpuidle_enter_state+0x175/0x300\n Code: 30 00 0f 84 1f 01 00 00 83 e8 01 83 f8 ff 75 e5 48 83 c4 18 44 89 e8 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc fb 45 85 ed \u003c0f\u003e 89 60 ff ff ff 48 c1 e5 06 48 c7 43 18 00 00 00 00 48 83 44 2b\n RSP: 0018:ffff888481cf7d90 EFLAGS: 00000202\n RAX: 0000000000000000 RBX: ffff88887facddc8 RCX: 0000000000000000\n RDX: 1ffff1110ff588b1 RSI: 0000000000000019 RDI: ffff88887fac4588\n RBP: 0000000000000004 R08: 0000000000000002 R09: 0000000000043080\n R10: 0009b02ea273363f R11: ffff88887fabf42b R12: ffffffff932592e0\n R13: 0000000000000004 R14: 0000000000000000 R15: 00000022c880ec80\n cpuidle_enter+0x4a/0xa0\n do_idle+0x310/0x410\n cpu_startup_entry+0x51/0x60\n start_secondary+0x211/0x270\n secondary_startup_64_no_verify+0x184/0x18b\n \u003c/TASK\u003e\n\n Allocated by task 6853:\n kasan_save_stack+0x1c/0x40\n kasan_save_track+0x10/0x30\n __kasan_kmalloc+0xa6/0xb0\n __kmalloc+0x1eb/0x450\n cipso_v4_sock_setattr+0x96/0x360\n netlbl_sock_setattr+0x132/0x1f0\n selinux_netlbl_socket_post_create+0x6c/0x110\n selinux_socket_post_create+0x37b/0x7f0\n security_socket_post_create+0x63/0xb0\n __sock_create+0x305/0x450\n __sys_socket_create.part.23+0xbd/0x130\n __sys_socket+0x37/0xb0\n __x64_sys_socket+0x6f/0xb0\n do_syscall_64+0x83/0x160\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\n Freed by task 6858:\n kasan_save_stack+0x1c/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x12c/0x1f0\n kfree+0xed/0x2e0\n inet_sock_destruct+0x54f/0x8b0\n __sk_destruct+0x48/0x5b0\n subflow_ulp_release+0x1f0/0x250\n tcp_cleanup_ulp+0x6e/0x110\n tcp_v4_destroy_sock+0x5a/0x3a0\n inet_csk_destroy_sock+0x135/0x390\n tcp_fin+0x416/0x5c0\n tcp_data_queue+0x1bc8/0x4310\n tcp_rcv_state_process+0x15a3/0x47b0\n tcp_v4_do_rcv+0x2c1/0x990\n tcp_v4_rcv+0x41fb/0x5ed0\n ip_protocol_deliver_rcu+0x6d/0x9f0\n ip_local_deliver_finish+0x278/0x360\n ip_local_deliver+0x182/0x2c0\n ip_rcv+0xb5/0x1c0\n __netif_receive_skb_one_core+0x16e/0x1b0\n process_backlog+0x1e3/0x650\n __napi_poll+0xa6/0x500\n net_rx_action+0x740/0xbb0\n __do_softirq+0x183/0x5a4\n\n The buggy address belongs to the object at ffff888485950880\n which belongs to the cache kmalloc-64 of size 64\n The buggy address is located 0 bytes inside of\n 64-byte region [ffff888485950880, ffff8884859508c0)\n\n The buggy address belongs to the physical page:\n page:0000000056d1e95e refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888485950700 pfn:0x485950\n flags: 0x57ffffc0000800(slab|node=1|zone=2|lastcpupid=0x1fffff)\n page_type: 0xffffffff()\n raw: 0057ffffc0000800 ffff88810004c640 ffffea00121b8ac0 dead000000000006\n raw: ffff888485950700 0000000000200019 00000001ffffffff 0000000000000000\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n ffff888485950780: fa fb fb\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26782",
"url": "https://www.suse.com/security/cve/CVE-2024-26782"
},
{
"category": "external",
"summary": "SUSE Bug 1222590 for CVE-2024-26782",
"url": "https://bugzilla.suse.com/1222590"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-26782"
},
{
"cve": "CVE-2024-26864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Fix refcnt handling in __inet_hash_connect().\n\nsyzbot reported a warning in sk_nulls_del_node_init_rcu().\n\nThe commit 66b60b0c8c4a (\"dccp/tcp: Unhash sk from ehash for tb2 alloc\nfailure after check_estalblished().\") tried to fix an issue that an\nunconnected socket occupies an ehash entry when bhash2 allocation fails.\n\nIn such a case, we need to revert changes done by check_established(),\nwhich does not hold refcnt when inserting socket into ehash.\n\nSo, to revert the change, we need to __sk_nulls_add_node_rcu() instead\nof sk_nulls_add_node_rcu().\n\nOtherwise, sock_put() will cause refcnt underflow and leak the socket.\n\n[0]:\nWARNING: CPU: 0 PID: 23948 at include/net/sock.h:799 sk_nulls_del_node_init_rcu+0x166/0x1a0 include/net/sock.h:799\nModules linked in:\nCPU: 0 PID: 23948 Comm: syz-executor.2 Not tainted 6.8.0-rc6-syzkaller-00159-gc055fc00c07b #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024\nRIP: 0010:sk_nulls_del_node_init_rcu+0x166/0x1a0 include/net/sock.h:799\nCode: e8 7f 71 c6 f7 83 fb 02 7c 25 e8 35 6d c6 f7 4d 85 f6 0f 95 c0 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 1b 6d c6 f7 90 \u003c0f\u003e 0b 90 eb b2 e8 10 6d c6 f7 4c 89 e7 be 04 00 00 00 e8 63 e7 d2\nRSP: 0018:ffffc900032d7848 EFLAGS: 00010246\nRAX: ffffffff89cd0035 RBX: 0000000000000001 RCX: 0000000000040000\nRDX: ffffc90004de1000 RSI: 000000000003ffff RDI: 0000000000040000\nRBP: 1ffff1100439ac26 R08: ffffffff89ccffe3 R09: 1ffff1100439ac28\nR10: dffffc0000000000 R11: ffffed100439ac29 R12: ffff888021cd6140\nR13: dffffc0000000000 R14: ffff88802a9bf5c0 R15: ffff888021cd6130\nFS: 00007f3b823f16c0(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f3b823f0ff8 CR3: 000000004674a000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n __inet_hash_connect+0x140f/0x20b0 net/ipv4/inet_hashtables.c:1139\n dccp_v6_connect+0xcb9/0x1480 net/dccp/ipv6.c:956\n __inet_stream_connect+0x262/0xf30 net/ipv4/af_inet.c:678\n inet_stream_connect+0x65/0xa0 net/ipv4/af_inet.c:749\n __sys_connect_file net/socket.c:2048 [inline]\n __sys_connect+0x2df/0x310 net/socket.c:2065\n __do_sys_connect net/socket.c:2075 [inline]\n __se_sys_connect net/socket.c:2072 [inline]\n __x64_sys_connect+0x7a/0x90 net/socket.c:2072\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\nRIP: 0033:0x7f3b8167dda9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f3b823f10c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002a\nRAX: ffffffffffffffda RBX: 00007f3b817abf80 RCX: 00007f3b8167dda9\nRDX: 000000000000001c RSI: 0000000020000040 RDI: 0000000000000003\nRBP: 00007f3b823f1120 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001\nR13: 000000000000000b R14: 00007f3b817abf80 R15: 00007ffd3beb57b8\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26864",
"url": "https://www.suse.com/security/cve/CVE-2024-26864"
},
{
"category": "external",
"summary": "SUSE Bug 1223112 for CVE-2024-26864",
"url": "https://bugzilla.suse.com/1223112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-26864"
},
{
"cve": "CVE-2024-26943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26943"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnouveau/dmem: handle kcalloc() allocation failure\n\nThe kcalloc() in nouveau_dmem_evict_chunk() will return null if\nthe physical memory has run out. As a result, if we dereference\nsrc_pfns, dst_pfns or dma_addrs, the null pointer dereference bugs\nwill happen.\n\nMoreover, the GPU is going away. If the kcalloc() fails, we could not\nevict all pages mapping a chunk. So this patch adds a __GFP_NOFAIL\nflag in kcalloc().\n\nFinally, as there is no need to have physically contiguous memory,\nthis patch switches kcalloc() to kvcalloc() in order to avoid\nfailing allocations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26943",
"url": "https://www.suse.com/security/cve/CVE-2024-26943"
},
{
"category": "external",
"summary": "SUSE Bug 1230527 for CVE-2024-26943",
"url": "https://bugzilla.suse.com/1230527"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-26943"
},
{
"cve": "CVE-2024-26953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: esp: fix bad handling of pages from page_pool\n\nWhen the skb is reorganized during esp_output (!esp-\u003einline), the pages\ncoming from the original skb fragments are supposed to be released back\nto the system through put_page. But if the skb fragment pages are\noriginating from a page_pool, calling put_page on them will trigger a\npage_pool leak which will eventually result in a crash.\n\nThis leak can be easily observed when using CONFIG_DEBUG_VM and doing\nipsec + gre (non offloaded) forwarding:\n\n BUG: Bad page state in process ksoftirqd/16 pfn:1451b6\n page:00000000de2b8d32 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1451b6000 pfn:0x1451b6\n flags: 0x200000000000000(node=0|zone=2)\n page_type: 0xffffffff()\n raw: 0200000000000000 dead000000000040 ffff88810d23c000 0000000000000000\n raw: 00000001451b6000 0000000000000001 00000000ffffffff 0000000000000000\n page dumped because: page_pool leak\n Modules linked in: ip_gre gre mlx5_ib mlx5_core xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink iptable_nat nf_nat xt_addrtype br_netfilter rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm ib_ipoib iw_cm ib_cm ib_uverbs ib_core overlay zram zsmalloc fuse [last unloaded: mlx5_core]\n CPU: 16 PID: 96 Comm: ksoftirqd/16 Not tainted 6.8.0-rc4+ #22\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x36/0x50\n bad_page+0x70/0xf0\n free_unref_page_prepare+0x27a/0x460\n free_unref_page+0x38/0x120\n esp_ssg_unref.isra.0+0x15f/0x200\n esp_output_tail+0x66d/0x780\n esp_xmit+0x2c5/0x360\n validate_xmit_xfrm+0x313/0x370\n ? validate_xmit_skb+0x1d/0x330\n validate_xmit_skb_list+0x4c/0x70\n sch_direct_xmit+0x23e/0x350\n __dev_queue_xmit+0x337/0xba0\n ? nf_hook_slow+0x3f/0xd0\n ip_finish_output2+0x25e/0x580\n iptunnel_xmit+0x19b/0x240\n ip_tunnel_xmit+0x5fb/0xb60\n ipgre_xmit+0x14d/0x280 [ip_gre]\n dev_hard_start_xmit+0xc3/0x1c0\n __dev_queue_xmit+0x208/0xba0\n ? nf_hook_slow+0x3f/0xd0\n ip_finish_output2+0x1ca/0x580\n ip_sublist_rcv_finish+0x32/0x40\n ip_sublist_rcv+0x1b2/0x1f0\n ? ip_rcv_finish_core.constprop.0+0x460/0x460\n ip_list_rcv+0x103/0x130\n __netif_receive_skb_list_core+0x181/0x1e0\n netif_receive_skb_list_internal+0x1b3/0x2c0\n napi_gro_receive+0xc8/0x200\n gro_cell_poll+0x52/0x90\n __napi_poll+0x25/0x1a0\n net_rx_action+0x28e/0x300\n __do_softirq+0xc3/0x276\n ? sort_range+0x20/0x20\n run_ksoftirqd+0x1e/0x30\n smpboot_thread_fn+0xa6/0x130\n kthread+0xcd/0x100\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x31/0x50\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nThe suggested fix is to introduce a new wrapper (skb_page_unref) that\ncovers page refcounting for page_pool pages as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26953",
"url": "https://www.suse.com/security/cve/CVE-2024-26953"
},
{
"category": "external",
"summary": "SUSE Bug 1223656 for CVE-2024-26953",
"url": "https://bugzilla.suse.com/1223656"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-26953"
},
{
"cve": "CVE-2024-27017",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27017"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: walk over current view on netlink dump\n\nThe generation mask can be updated while netlink dump is in progress.\nThe pipapo set backend walk iterator cannot rely on it to infer what\nview of the datastructure is to be used. Add notation to specify if user\nwants to read/update the set.\n\nBased on patch from Florian Westphal.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27017",
"url": "https://www.suse.com/security/cve/CVE-2024-27017"
},
{
"category": "external",
"summary": "SUSE Bug 1223733 for CVE-2024-27017",
"url": "https://bugzilla.suse.com/1223733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-27017"
},
{
"cve": "CVE-2024-27026",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27026"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: Fix missing reserved tailroom\n\nUse rbi-\u003elen instead of rcd-\u003elen for non-dataring packet.\n\nFound issue:\n XDP_WARN: xdp_update_frame_from_buff(line:278): Driver BUG: missing reserved tailroom\n WARNING: CPU: 0 PID: 0 at net/core/xdp.c:586 xdp_warn+0xf/0x20\n CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W O 6.5.1 #1\n RIP: 0010:xdp_warn+0xf/0x20\n ...\n ? xdp_warn+0xf/0x20\n xdp_do_redirect+0x15f/0x1c0\n vmxnet3_run_xdp+0x17a/0x400 [vmxnet3]\n vmxnet3_process_xdp+0xe4/0x760 [vmxnet3]\n ? vmxnet3_tq_tx_complete.isra.0+0x21e/0x2c0 [vmxnet3]\n vmxnet3_rq_rx_complete+0x7ad/0x1120 [vmxnet3]\n vmxnet3_poll_rx_only+0x2d/0xa0 [vmxnet3]\n __napi_poll+0x20/0x180\n net_rx_action+0x177/0x390",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27026",
"url": "https://www.suse.com/security/cve/CVE-2024-27026"
},
{
"category": "external",
"summary": "SUSE Bug 1223700 for CVE-2024-27026",
"url": "https://bugzilla.suse.com/1223700"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-27026"
},
{
"cve": "CVE-2024-27043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27043"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: edia: dvbdev: fix a use-after-free\n\nIn dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed\nin several error-handling paths. However, *pdvbdev is not set to NULL\nafter dvbdev\u0027s deallocation, causing use-after-frees in many places,\nfor example, in the following call chain:\n\nbudget_register\n |-\u003e dvb_dmxdev_init\n |-\u003e dvb_register_device\n |-\u003e dvb_dmxdev_release\n |-\u003e dvb_unregister_device\n |-\u003e dvb_remove_device\n |-\u003e dvb_device_put\n |-\u003e kref_put\n\nWhen calling dvb_unregister_device, dmxdev-\u003edvbdev (i.e. *pdvbdev in\ndvb_register_device) could point to memory that had been freed in\ndvb_register_device. Thereafter, this pointer is transferred to\nkref_put and triggering a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27043",
"url": "https://www.suse.com/security/cve/CVE-2024-27043"
},
{
"category": "external",
"summary": "SUSE Bug 1218562 for CVE-2024-27043",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "external",
"summary": "SUSE Bug 1223824 for CVE-2024-27043",
"url": "https://bugzilla.suse.com/1223824"
},
{
"category": "external",
"summary": "SUSE Bug 1223825 for CVE-2024-27043",
"url": "https://bugzilla.suse.com/1223825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "important"
}
],
"title": "CVE-2024-27043"
},
{
"cve": "CVE-2024-27407",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27407"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Fixed overflow check in mi_enum_attr()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27407",
"url": "https://www.suse.com/security/cve/CVE-2024-27407"
},
{
"category": "external",
"summary": "SUSE Bug 1224429 for CVE-2024-27407",
"url": "https://bugzilla.suse.com/1224429"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-27407"
},
{
"cve": "CVE-2024-35888",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35888"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nerspan: make sure erspan_base_hdr is present in skb-\u003ehead\n\nsyzbot reported a problem in ip6erspan_rcv() [1]\n\nIssue is that ip6erspan_rcv() (and erspan_rcv()) no longer make\nsure erspan_base_hdr is present in skb linear part (skb-\u003ehead)\nbefore getting @ver field from it.\n\nAdd the missing pskb_may_pull() calls.\n\nv2: Reload iph pointer in erspan_rcv() after pskb_may_pull()\n because skb-\u003ehead might have changed.\n\n[1]\n\n BUG: KMSAN: uninit-value in pskb_may_pull_reason include/linux/skbuff.h:2742 [inline]\n BUG: KMSAN: uninit-value in pskb_may_pull include/linux/skbuff.h:2756 [inline]\n BUG: KMSAN: uninit-value in ip6erspan_rcv net/ipv6/ip6_gre.c:541 [inline]\n BUG: KMSAN: uninit-value in gre_rcv+0x11f8/0x1930 net/ipv6/ip6_gre.c:610\n pskb_may_pull_reason include/linux/skbuff.h:2742 [inline]\n pskb_may_pull include/linux/skbuff.h:2756 [inline]\n ip6erspan_rcv net/ipv6/ip6_gre.c:541 [inline]\n gre_rcv+0x11f8/0x1930 net/ipv6/ip6_gre.c:610\n ip6_protocol_deliver_rcu+0x1d4c/0x2ca0 net/ipv6/ip6_input.c:438\n ip6_input_finish net/ipv6/ip6_input.c:483 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip6_input+0x15d/0x430 net/ipv6/ip6_input.c:492\n ip6_mc_input+0xa7e/0xc80 net/ipv6/ip6_input.c:586\n dst_input include/net/dst.h:460 [inline]\n ip6_rcv_finish+0x955/0x970 net/ipv6/ip6_input.c:79\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ipv6_rcv+0xde/0x390 net/ipv6/ip6_input.c:310\n __netif_receive_skb_one_core net/core/dev.c:5538 [inline]\n __netif_receive_skb+0x1da/0xa00 net/core/dev.c:5652\n netif_receive_skb_internal net/core/dev.c:5738 [inline]\n netif_receive_skb+0x58/0x660 net/core/dev.c:5798\n tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1549\n tun_get_user+0x5566/0x69e0 drivers/net/tun.c:2002\n tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2048\n call_write_iter include/linux/fs.h:2108 [inline]\n new_sync_write fs/read_write.c:497 [inline]\n vfs_write+0xb63/0x1520 fs/read_write.c:590\n ksys_write+0x20f/0x4c0 fs/read_write.c:643\n __do_sys_write fs/read_write.c:655 [inline]\n __se_sys_write fs/read_write.c:652 [inline]\n __x64_sys_write+0x93/0xe0 fs/read_write.c:652\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3804 [inline]\n slab_alloc_node mm/slub.c:3845 [inline]\n kmem_cache_alloc_node+0x613/0xc50 mm/slub.c:3888\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:577\n __alloc_skb+0x35b/0x7a0 net/core/skbuff.c:668\n alloc_skb include/linux/skbuff.h:1318 [inline]\n alloc_skb_with_frags+0xc8/0xbf0 net/core/skbuff.c:6504\n sock_alloc_send_pskb+0xa81/0xbf0 net/core/sock.c:2795\n tun_alloc_skb drivers/net/tun.c:1525 [inline]\n tun_get_user+0x209a/0x69e0 drivers/net/tun.c:1846\n tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2048\n call_write_iter include/linux/fs.h:2108 [inline]\n new_sync_write fs/read_write.c:497 [inline]\n vfs_write+0xb63/0x1520 fs/read_write.c:590\n ksys_write+0x20f/0x4c0 fs/read_write.c:643\n __do_sys_write fs/read_write.c:655 [inline]\n __se_sys_write fs/read_write.c:652 [inline]\n __x64_sys_write+0x93/0xe0 fs/read_write.c:652\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nCPU: 1 PID: 5045 Comm: syz-executor114 Not tainted 6.9.0-rc1-syzkaller-00021-g962490525cff #0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35888",
"url": "https://www.suse.com/security/cve/CVE-2024-35888"
},
{
"category": "external",
"summary": "SUSE Bug 1224518 for CVE-2024-35888",
"url": "https://bugzilla.suse.com/1224518"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-35888"
},
{
"cve": "CVE-2024-35980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: tlb: Fix TLBI RANGE operand\n\nKVM/arm64 relies on TLBI RANGE feature to flush TLBs when the dirty\npages are collected by VMM and the page table entries become write\nprotected during live migration. Unfortunately, the operand passed\nto the TLBI RANGE instruction isn\u0027t correctly sorted out due to the\ncommit 117940aa6e5f (\"KVM: arm64: Define kvm_tlb_flush_vmid_range()\").\nIt leads to crash on the destination VM after live migration because\nTLBs aren\u0027t flushed completely and some of the dirty pages are missed.\n\nFor example, I have a VM where 8GB memory is assigned, starting from\n0x40000000 (1GB). Note that the host has 4KB as the base page size.\nIn the middile of migration, kvm_tlb_flush_vmid_range() is executed\nto flush TLBs. It passes MAX_TLBI_RANGE_PAGES as the argument to\n__kvm_tlb_flush_vmid_range() and __flush_s2_tlb_range_op(). SCALE#3\nand NUM#31, corresponding to MAX_TLBI_RANGE_PAGES, isn\u0027t supported\nby __TLBI_RANGE_NUM(). In this specific case, -1 has been returned\nfrom __TLBI_RANGE_NUM() for SCALE#3/2/1/0 and rejected by the loop\nin the __flush_tlb_range_op() until the variable @scale underflows\nand becomes -9, 0xffff708000040000 is set as the operand. The operand\nis wrong since it\u0027s sorted out by __TLBI_VADDR_RANGE() according to\ninvalid @scale and @num.\n\nFix it by extending __TLBI_RANGE_NUM() to support the combination of\nSCALE#3 and NUM#31. With the changes, [-1 31] instead of [-1 30] can\nbe returned from the macro, meaning the TLBs for 0x200000 pages in the\nabove example can be flushed in one shoot with SCALE#3 and NUM#31. The\nmacro TLBI_RANGE_MASK is dropped since no one uses it any more. The\ncomments are also adjusted accordingly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35980",
"url": "https://www.suse.com/security/cve/CVE-2024-35980"
},
{
"category": "external",
"summary": "SUSE Bug 1224574 for CVE-2024-35980",
"url": "https://bugzilla.suse.com/1224574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-35980"
},
{
"cve": "CVE-2024-36000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36000"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: fix missing hugetlb_lock for resv uncharge\n\nThere is a recent report on UFFDIO_COPY over hugetlb:\n\nhttps://lore.kernel.org/all/000000000000ee06de0616177560@google.com/\n\n350:\tlockdep_assert_held(\u0026hugetlb_lock);\n\nShould be an issue in hugetlb but triggered in an userfault context, where\nit goes into the unlikely path where two threads modifying the resv map\ntogether. Mike has a fix in that path for resv uncharge but it looks like\nthe locking criteria was overlooked: hugetlb_cgroup_uncharge_folio_rsvd()\nwill update the cgroup pointer, so it requires to be called with the lock\nheld.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36000",
"url": "https://www.suse.com/security/cve/CVE-2024-36000"
},
{
"category": "external",
"summary": "SUSE Bug 1224548 for CVE-2024-36000",
"url": "https://bugzilla.suse.com/1224548"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-36000"
},
{
"cve": "CVE-2024-36031",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36031"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkeys: Fix overwrite of key expiration on instantiation\n\nThe expiry time of a key is unconditionally overwritten during\ninstantiation, defaulting to turn it permanent. This causes a problem\nfor DNS resolution as the expiration set by user-space is overwritten to\nTIME64_MAX, disabling further DNS updates. Fix this by restoring the\ncondition that key_set_expiry is only called when the pre-parser sets a\nspecific expiry.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36031",
"url": "https://www.suse.com/security/cve/CVE-2024-36031"
},
{
"category": "external",
"summary": "SUSE Bug 1225713 for CVE-2024-36031",
"url": "https://bugzilla.suse.com/1225713"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-36031"
},
{
"cve": "CVE-2024-36244",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36244"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: taprio: extend minimum interval restriction to entire cycle too\n\nIt is possible for syzbot to side-step the restriction imposed by the\nblamed commit in the Fixes: tag, because the taprio UAPI permits a\ncycle-time different from (and potentially shorter than) the sum of\nentry intervals.\n\nWe need one more restriction, which is that the cycle time itself must\nbe larger than N * ETH_ZLEN bit times, where N is the number of schedule\nentries. This restriction needs to apply regardless of whether the cycle\ntime came from the user or was the implicit, auto-calculated value, so\nwe move the existing \"cycle == 0\" check outside the \"if \"(!new-\u003ecycle_time)\"\nbranch. This way covers both conditions and scenarios.\n\nAdd a selftest which illustrates the issue triggered by syzbot.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36244",
"url": "https://www.suse.com/security/cve/CVE-2024-36244"
},
{
"category": "external",
"summary": "SUSE Bug 1226797 for CVE-2024-36244",
"url": "https://bugzilla.suse.com/1226797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "low"
}
],
"title": "CVE-2024-36244"
},
{
"cve": "CVE-2024-36484",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36484"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: relax socket state check at accept time.\n\nChristoph reported the following splat:\n\nWARNING: CPU: 1 PID: 772 at net/ipv4/af_inet.c:761 __inet_accept+0x1f4/0x4a0\nModules linked in:\nCPU: 1 PID: 772 Comm: syz-executor510 Not tainted 6.9.0-rc7-g7da7119fe22b #56\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.el7 04/01/2014\nRIP: 0010:__inet_accept+0x1f4/0x4a0 net/ipv4/af_inet.c:759\nCode: 04 38 84 c0 0f 85 87 00 00 00 41 c7 04 24 03 00 00 00 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 ec b7 da fd \u003c0f\u003e 0b e9 7f fe ff ff e8 e0 b7 da fd 0f 0b e9 fe fe ff ff 89 d9 80\nRSP: 0018:ffffc90000c2fc58 EFLAGS: 00010293\nRAX: ffffffff836bdd14 RBX: 0000000000000000 RCX: ffff888104668000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: dffffc0000000000 R08: ffffffff836bdb89 R09: fffff52000185f64\nR10: dffffc0000000000 R11: fffff52000185f64 R12: dffffc0000000000\nR13: 1ffff92000185f98 R14: ffff88810754d880 R15: ffff8881007b7800\nFS: 000000001c772880(0000) GS:ffff88811b280000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fb9fcf2e178 CR3: 00000001045d2002 CR4: 0000000000770ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n inet_accept+0x138/0x1d0 net/ipv4/af_inet.c:786\n do_accept+0x435/0x620 net/socket.c:1929\n __sys_accept4_file net/socket.c:1969 [inline]\n __sys_accept4+0x9b/0x110 net/socket.c:1999\n __do_sys_accept net/socket.c:2016 [inline]\n __se_sys_accept net/socket.c:2013 [inline]\n __x64_sys_accept+0x7d/0x90 net/socket.c:2013\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x58/0x100 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x4315f9\nCode: fd ff 48 81 c4 80 00 00 00 e9 f1 fe ff ff 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 0f 83 ab b4 fd ff c3 66 2e 0f 1f 84 00 00 00 00\nRSP: 002b:00007ffdb26d9c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002b\nRAX: ffffffffffffffda RBX: 0000000000400300 RCX: 00000000004315f9\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004\nRBP: 00000000006e1018 R08: 0000000000400300 R09: 0000000000400300\nR10: 0000000000400300 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000040cdf0 R14: 000000000040ce80 R15: 0000000000000055\n \u003c/TASK\u003e\n\nThe reproducer invokes shutdown() before entering the listener status.\nAfter commit 94062790aedb (\"tcp: defer shutdown(SEND_SHUTDOWN) for\nTCP_SYN_RECV sockets\"), the above causes the child to reach the accept\nsyscall in FIN_WAIT1 status.\n\nEric noted we can relax the existing assertion in __inet_accept()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36484",
"url": "https://www.suse.com/security/cve/CVE-2024-36484"
},
{
"category": "external",
"summary": "SUSE Bug 1226872 for CVE-2024-36484",
"url": "https://bugzilla.suse.com/1226872"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-36484"
},
{
"cve": "CVE-2024-36883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36883"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix out-of-bounds access in ops_init\n\nnet_alloc_generic is called by net_alloc, which is called without any\nlocking. It reads max_gen_ptrs, which is changed under pernet_ops_rwsem. It\nis read twice, first to allocate an array, then to set s.len, which is\nlater used to limit the bounds of the array access.\n\nIt is possible that the array is allocated and another thread is\nregistering a new pernet ops, increments max_gen_ptrs, which is then used\nto set s.len with a larger than allocated length for the variable array.\n\nFix it by reading max_gen_ptrs only once in net_alloc_generic. If\nmax_gen_ptrs is later incremented, it will be caught in net_assign_generic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36883",
"url": "https://www.suse.com/security/cve/CVE-2024-36883"
},
{
"category": "external",
"summary": "SUSE Bug 1225725 for CVE-2024-36883",
"url": "https://bugzilla.suse.com/1225725"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-36883"
},
{
"cve": "CVE-2024-36886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix UAF in error path\n\nSam Page (sam4k) working with Trend Micro Zero Day Initiative reported\na UAF in the tipc_buf_append() error path:\n\nBUG: KASAN: slab-use-after-free in kfree_skb_list_reason+0x47e/0x4c0\nlinux/net/core/skbuff.c:1183\nRead of size 8 at addr ffff88804d2a7c80 by task poc/8034\n\nCPU: 1 PID: 8034 Comm: poc Not tainted 6.8.2 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.0-debian-1.16.0-5 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack linux/lib/dump_stack.c:88\n dump_stack_lvl+0xd9/0x1b0 linux/lib/dump_stack.c:106\n print_address_description linux/mm/kasan/report.c:377\n print_report+0xc4/0x620 linux/mm/kasan/report.c:488\n kasan_report+0xda/0x110 linux/mm/kasan/report.c:601\n kfree_skb_list_reason+0x47e/0x4c0 linux/net/core/skbuff.c:1183\n skb_release_data+0x5af/0x880 linux/net/core/skbuff.c:1026\n skb_release_all linux/net/core/skbuff.c:1094\n __kfree_skb linux/net/core/skbuff.c:1108\n kfree_skb_reason+0x12d/0x210 linux/net/core/skbuff.c:1144\n kfree_skb linux/./include/linux/skbuff.h:1244\n tipc_buf_append+0x425/0xb50 linux/net/tipc/msg.c:186\n tipc_link_input+0x224/0x7c0 linux/net/tipc/link.c:1324\n tipc_link_rcv+0x76e/0x2d70 linux/net/tipc/link.c:1824\n tipc_rcv+0x45f/0x10f0 linux/net/tipc/node.c:2159\n tipc_udp_recv+0x73b/0x8f0 linux/net/tipc/udp_media.c:390\n udp_queue_rcv_one_skb+0xad2/0x1850 linux/net/ipv4/udp.c:2108\n udp_queue_rcv_skb+0x131/0xb00 linux/net/ipv4/udp.c:2186\n udp_unicast_rcv_skb+0x165/0x3b0 linux/net/ipv4/udp.c:2346\n __udp4_lib_rcv+0x2594/0x3400 linux/net/ipv4/udp.c:2422\n ip_protocol_deliver_rcu+0x30c/0x4e0 linux/net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2e4/0x520 linux/net/ipv4/ip_input.c:233\n NF_HOOK linux/./include/linux/netfilter.h:314\n NF_HOOK linux/./include/linux/netfilter.h:308\n ip_local_deliver+0x18e/0x1f0 linux/net/ipv4/ip_input.c:254\n dst_input linux/./include/net/dst.h:461\n ip_rcv_finish linux/net/ipv4/ip_input.c:449\n NF_HOOK linux/./include/linux/netfilter.h:314\n NF_HOOK linux/./include/linux/netfilter.h:308\n ip_rcv+0x2c5/0x5d0 linux/net/ipv4/ip_input.c:569\n __netif_receive_skb_one_core+0x199/0x1e0 linux/net/core/dev.c:5534\n __netif_receive_skb+0x1f/0x1c0 linux/net/core/dev.c:5648\n process_backlog+0x101/0x6b0 linux/net/core/dev.c:5976\n __napi_poll.constprop.0+0xba/0x550 linux/net/core/dev.c:6576\n napi_poll linux/net/core/dev.c:6645\n net_rx_action+0x95a/0xe90 linux/net/core/dev.c:6781\n __do_softirq+0x21f/0x8e7 linux/kernel/softirq.c:553\n do_softirq linux/kernel/softirq.c:454\n do_softirq+0xb2/0xf0 linux/kernel/softirq.c:441\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip+0x100/0x120 linux/kernel/softirq.c:381\n local_bh_enable linux/./include/linux/bottom_half.h:33\n rcu_read_unlock_bh linux/./include/linux/rcupdate.h:851\n __dev_queue_xmit+0x871/0x3ee0 linux/net/core/dev.c:4378\n dev_queue_xmit linux/./include/linux/netdevice.h:3169\n neigh_hh_output linux/./include/net/neighbour.h:526\n neigh_output linux/./include/net/neighbour.h:540\n ip_finish_output2+0x169f/0x2550 linux/net/ipv4/ip_output.c:235\n __ip_finish_output linux/net/ipv4/ip_output.c:313\n __ip_finish_output+0x49e/0x950 linux/net/ipv4/ip_output.c:295\n ip_finish_output+0x31/0x310 linux/net/ipv4/ip_output.c:323\n NF_HOOK_COND linux/./include/linux/netfilter.h:303\n ip_output+0x13b/0x2a0 linux/net/ipv4/ip_output.c:433\n dst_output linux/./include/net/dst.h:451\n ip_local_out linux/net/ipv4/ip_output.c:129\n ip_send_skb+0x3e5/0x560 linux/net/ipv4/ip_output.c:1492\n udp_send_skb+0x73f/0x1530 linux/net/ipv4/udp.c:963\n udp_sendmsg+0x1a36/0x2b40 linux/net/ipv4/udp.c:1250\n inet_sendmsg+0x105/0x140 linux/net/ipv4/af_inet.c:850\n sock_sendmsg_nosec linux/net/socket.c:730\n __sock_sendmsg linux/net/socket.c:745\n __sys_sendto+0x42c/0x4e0 linux/net/socket.c:2191\n __do_sys_sendto linux/net/socket.c:2203\n __se_sys_sendto linux/net/socket.c:2199\n __x64_sys_sendto+0xe0/0x1c0 linux/net/socket.c:2199\n do_syscall_x64 linux/arch/x86/entry/common.c:52\n do_syscall_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36886",
"url": "https://www.suse.com/security/cve/CVE-2024-36886"
},
{
"category": "external",
"summary": "SUSE Bug 1225730 for CVE-2024-36886",
"url": "https://bugzilla.suse.com/1225730"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-36886",
"url": "https://bugzilla.suse.com/1225742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-36886"
},
{
"cve": "CVE-2024-36905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets\n\nTCP_SYN_RECV state is really special, it is only used by\ncross-syn connections, mostly used by fuzzers.\n\nIn the following crash [1], syzbot managed to trigger a divide\nby zero in tcp_rcv_space_adjust()\n\nA socket makes the following state transitions,\nwithout ever calling tcp_init_transfer(),\nmeaning tcp_init_buffer_space() is also not called.\n\n TCP_CLOSE\nconnect()\n TCP_SYN_SENT\n TCP_SYN_RECV\nshutdown() -\u003e tcp_shutdown(sk, SEND_SHUTDOWN)\n TCP_FIN_WAIT1\n\nTo fix this issue, change tcp_shutdown() to not\nperform a TCP_SYN_RECV -\u003e TCP_FIN_WAIT1 transition,\nwhich makes no sense anyway.\n\nWhen tcp_rcv_state_process() later changes socket state\nfrom TCP_SYN_RECV to TCP_ESTABLISH, then look at\nsk-\u003esk_shutdown to finally enter TCP_FIN_WAIT1 state,\nand send a FIN packet from a sane socket state.\n\nThis means tcp_send_fin() can now be called from BH\ncontext, and must use GFP_ATOMIC allocations.\n\n[1]\ndivide error: 0000 [#1] PREEMPT SMP KASAN NOPTI\nCPU: 1 PID: 5084 Comm: syz-executor358 Not tainted 6.9.0-rc6-syzkaller-00022-g98369dccd2f8 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\n RIP: 0010:tcp_rcv_space_adjust+0x2df/0x890 net/ipv4/tcp_input.c:767\nCode: e3 04 4c 01 eb 48 8b 44 24 38 0f b6 04 10 84 c0 49 89 d5 0f 85 a5 03 00 00 41 8b 8e c8 09 00 00 89 e8 29 c8 48 0f af c3 31 d2 \u003c48\u003e f7 f1 48 8d 1c 43 49 8d 96 76 08 00 00 48 89 d0 48 c1 e8 03 48\nRSP: 0018:ffffc900031ef3f0 EFLAGS: 00010246\nRAX: 0c677a10441f8f42 RBX: 000000004fb95e7e RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: 0000000027d4b11f R08: ffffffff89e535a4 R09: 1ffffffff25e6ab7\nR10: dffffc0000000000 R11: ffffffff8135e920 R12: ffff88802a9f8d30\nR13: dffffc0000000000 R14: ffff88802a9f8d00 R15: 1ffff1100553f2da\nFS: 00005555775c0380(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f1155bf2304 CR3: 000000002b9f2000 CR4: 0000000000350ef0\nCall Trace:\n \u003cTASK\u003e\n tcp_recvmsg_locked+0x106d/0x25a0 net/ipv4/tcp.c:2513\n tcp_recvmsg+0x25d/0x920 net/ipv4/tcp.c:2578\n inet6_recvmsg+0x16a/0x730 net/ipv6/af_inet6.c:680\n sock_recvmsg_nosec net/socket.c:1046 [inline]\n sock_recvmsg+0x109/0x280 net/socket.c:1068\n ____sys_recvmsg+0x1db/0x470 net/socket.c:2803\n ___sys_recvmsg net/socket.c:2845 [inline]\n do_recvmmsg+0x474/0xae0 net/socket.c:2939\n __sys_recvmmsg net/socket.c:3018 [inline]\n __do_sys_recvmmsg net/socket.c:3041 [inline]\n __se_sys_recvmmsg net/socket.c:3034 [inline]\n __x64_sys_recvmmsg+0x199/0x250 net/socket.c:3034\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf5/0x240 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7faeb6363db9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffcc1997168 EFLAGS: 00000246 ORIG_RAX: 000000000000012b\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faeb6363db9\nRDX: 0000000000000001 RSI: 0000000020000bc0 RDI: 0000000000000005\nRBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000001c\nR10: 0000000000000122 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36905",
"url": "https://www.suse.com/security/cve/CVE-2024-36905"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-36905",
"url": "https://bugzilla.suse.com/1225742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-36905"
},
{
"cve": "CVE-2024-36920",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36920"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpi3mr: Avoid memcpy field-spanning write WARNING\n\nWhen the \"storcli2 show\" command is executed for eHBA-9600, mpi3mr driver\nprints this WARNING message:\n\n memcpy: detected field-spanning write (size 128) of single field \"bsg_reply_buf-\u003ereply_buf\" at drivers/scsi/mpi3mr/mpi3mr_app.c:1658 (size 1)\n WARNING: CPU: 0 PID: 12760 at drivers/scsi/mpi3mr/mpi3mr_app.c:1658 mpi3mr_bsg_request+0x6b12/0x7f10 [mpi3mr]\n\nThe cause of the WARN is 128 bytes memcpy to the 1 byte size array \"__u8\nreplay_buf[1]\" in the struct mpi3mr_bsg_in_reply_buf. The array is intended\nto be a flexible length array, so the WARN is a false positive.\n\nTo suppress the WARN, remove the constant number \u00271\u0027 from the array\ndeclaration and clarify that it has flexible length. Also, adjust the\nmemory allocation size to match the change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36920",
"url": "https://www.suse.com/security/cve/CVE-2024-36920"
},
{
"category": "external",
"summary": "SUSE Bug 1225768 for CVE-2024-36920",
"url": "https://bugzilla.suse.com/1225768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-36920"
},
{
"cve": "CVE-2024-36927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: Fix uninit-value access in __ip_make_skb()\n\nKMSAN reported uninit-value access in __ip_make_skb() [1]. __ip_make_skb()\ntests HDRINCL to know if the skb has icmphdr. However, HDRINCL can cause a\nrace condition. If calling setsockopt(2) with IP_HDRINCL changes HDRINCL\nwhile __ip_make_skb() is running, the function will access icmphdr in the\nskb even if it is not included. This causes the issue reported by KMSAN.\n\nCheck FLOWI_FLAG_KNOWN_NH on fl4-\u003eflowi4_flags instead of testing HDRINCL\non the socket.\n\nAlso, fl4-\u003efl4_icmp_type and fl4-\u003efl4_icmp_code are not initialized. These\nare union in struct flowi4 and are implicitly initialized by\nflowi4_init_output(), but we should not rely on specific union layout.\n\nInitialize these explicitly in raw_sendmsg().\n\n[1]\nBUG: KMSAN: uninit-value in __ip_make_skb+0x2b74/0x2d20 net/ipv4/ip_output.c:1481\n __ip_make_skb+0x2b74/0x2d20 net/ipv4/ip_output.c:1481\n ip_finish_skb include/net/ip.h:243 [inline]\n ip_push_pending_frames+0x4c/0x5c0 net/ipv4/ip_output.c:1508\n raw_sendmsg+0x2381/0x2690 net/ipv4/raw.c:654\n inet_sendmsg+0x27b/0x2a0 net/ipv4/af_inet.c:851\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x274/0x3c0 net/socket.c:745\n __sys_sendto+0x62c/0x7b0 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x130/0x200 net/socket.c:2199\n do_syscall_64+0xd8/0x1f0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3804 [inline]\n slab_alloc_node mm/slub.c:3845 [inline]\n kmem_cache_alloc_node+0x5f6/0xc50 mm/slub.c:3888\n kmalloc_reserve+0x13c/0x4a0 net/core/skbuff.c:577\n __alloc_skb+0x35a/0x7c0 net/core/skbuff.c:668\n alloc_skb include/linux/skbuff.h:1318 [inline]\n __ip_append_data+0x49ab/0x68c0 net/ipv4/ip_output.c:1128\n ip_append_data+0x1e7/0x260 net/ipv4/ip_output.c:1365\n raw_sendmsg+0x22b1/0x2690 net/ipv4/raw.c:648\n inet_sendmsg+0x27b/0x2a0 net/ipv4/af_inet.c:851\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x274/0x3c0 net/socket.c:745\n __sys_sendto+0x62c/0x7b0 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x130/0x200 net/socket.c:2199\n do_syscall_64+0xd8/0x1f0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nCPU: 1 PID: 15709 Comm: syz-executor.7 Not tainted 6.8.0-11567-gb3603fcb79b1 #25\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-1.fc39 04/01/2014",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36927",
"url": "https://www.suse.com/security/cve/CVE-2024-36927"
},
{
"category": "external",
"summary": "SUSE Bug 1225813 for CVE-2024-36927",
"url": "https://bugzilla.suse.com/1225813"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-36927"
},
{
"cve": "CVE-2024-36954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix a possible memleak in tipc_buf_append\n\n__skb_linearize() doesn\u0027t free the skb when it fails, so move\n\u0027*buf = NULL\u0027 after __skb_linearize(), so that the skb can be\nfreed on the err path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36954",
"url": "https://www.suse.com/security/cve/CVE-2024-36954"
},
{
"category": "external",
"summary": "SUSE Bug 1225764 for CVE-2024-36954",
"url": "https://bugzilla.suse.com/1225764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-36954"
},
{
"cve": "CVE-2024-36968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36968"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init()\n\nl2cap_le_flowctl_init() can cause both div-by-zero and an integer\noverflow since hdev-\u003ele_mtu may not fall in the valid range.\n\nMove MTU from hci_dev to hci_conn to validate MTU and stop the connection\nprocess earlier if MTU is invalid.\nAlso, add a missing validation in read_buffer_size() and make it return\nan error value if the validation fails.\nNow hci_conn_add() returns ERR_PTR() as it can fail due to the both a\nkzalloc failure and invalid MTU value.\n\ndivide error: 0000 [#1] PREEMPT SMP KASAN NOPTI\nCPU: 0 PID: 67 Comm: kworker/u5:0 Tainted: G W 6.9.0-rc5+ #20\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nWorkqueue: hci0 hci_rx_work\nRIP: 0010:l2cap_le_flowctl_init+0x19e/0x3f0 net/bluetooth/l2cap_core.c:547\nCode: e8 17 17 0c 00 66 41 89 9f 84 00 00 00 bf 01 00 00 00 41 b8 02 00 00 00 4c\n89 fe 4c 89 e2 89 d9 e8 27 17 0c 00 44 89 f0 31 d2 \u003c66\u003e f7 f3 89 c3 ff c3 4d 8d\nb7 88 00 00 00 4c 89 f0 48 c1 e8 03 42\nRSP: 0018:ffff88810bc0f858 EFLAGS: 00010246\nRAX: 00000000000002a0 RBX: 0000000000000000 RCX: dffffc0000000000\nRDX: 0000000000000000 RSI: ffff88810bc0f7c0 RDI: ffffc90002dcb66f\nRBP: ffff88810bc0f880 R08: aa69db2dda70ff01 R09: 0000ffaaaaaaaaaa\nR10: 0084000000ffaaaa R11: 0000000000000000 R12: ffff88810d65a084\nR13: dffffc0000000000 R14: 00000000000002a0 R15: ffff88810d65a000\nFS: 0000000000000000(0000) GS:ffff88811ac00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020000100 CR3: 0000000103268003 CR4: 0000000000770ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n l2cap_le_connect_req net/bluetooth/l2cap_core.c:4902 [inline]\n l2cap_le_sig_cmd net/bluetooth/l2cap_core.c:5420 [inline]\n l2cap_le_sig_channel net/bluetooth/l2cap_core.c:5486 [inline]\n l2cap_recv_frame+0xe59d/0x11710 net/bluetooth/l2cap_core.c:6809\n l2cap_recv_acldata+0x544/0x10a0 net/bluetooth/l2cap_core.c:7506\n hci_acldata_packet net/bluetooth/hci_core.c:3939 [inline]\n hci_rx_work+0x5e5/0xb20 net/bluetooth/hci_core.c:4176\n process_one_work kernel/workqueue.c:3254 [inline]\n process_scheduled_works+0x90f/0x1530 kernel/workqueue.c:3335\n worker_thread+0x926/0xe70 kernel/workqueue.c:3416\n kthread+0x2e3/0x380 kernel/kthread.c:388\n ret_from_fork+0x5c/0x90 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\nModules linked in:\n---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36968",
"url": "https://www.suse.com/security/cve/CVE-2024-36968"
},
{
"category": "external",
"summary": "SUSE Bug 1226130 for CVE-2024-36968",
"url": "https://bugzilla.suse.com/1226130"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-36968"
},
{
"cve": "CVE-2024-38576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38576"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrcu: Fix buffer overflow in print_cpu_stall_info()\n\nThe rcuc-starvation output from print_cpu_stall_info() might overflow the\nbuffer if there is a huge difference in jiffies difference. The situation\nmight seem improbable, but computers sometimes get very confused about\ntime, which can result in full-sized integers, and, in this case,\nbuffer overflow.\n\nAlso, the unsigned jiffies difference is printed using %ld, which is\nnormally for signed integers. This is intentional for debugging purposes,\nbut it is not obvious from the code.\n\nThis commit therefore changes sprintf() to snprintf() and adds a\nclarifying comment about intention of %ld format.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38576",
"url": "https://www.suse.com/security/cve/CVE-2024-38576"
},
{
"category": "external",
"summary": "SUSE Bug 1226623 for CVE-2024-38576",
"url": "https://bugzilla.suse.com/1226623"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-38576"
},
{
"cve": "CVE-2024-38577",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38577"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow\n\nThere is a possibility of buffer overflow in\nshow_rcu_tasks_trace_gp_kthread() if counters, passed\nto sprintf() are huge. Counter numbers, needed for this\nare unrealistically high, but buffer overflow is still\npossible.\n\nUse snprintf() with buffer size instead of sprintf().\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38577",
"url": "https://www.suse.com/security/cve/CVE-2024-38577"
},
{
"category": "external",
"summary": "SUSE Bug 1226631 for CVE-2024-38577",
"url": "https://bugzilla.suse.com/1226631"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-38577"
},
{
"cve": "CVE-2024-38589",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38589"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetrom: fix possible dead-lock in nr_rt_ioctl()\n\nsyzbot loves netrom, and found a possible deadlock in nr_rt_ioctl [1]\n\nMake sure we always acquire nr_node_list_lock before nr_node_lock(nr_node)\n\n[1]\nWARNING: possible circular locking dependency detected\n6.9.0-rc7-syzkaller-02147-g654de42f3fc6 #0 Not tainted\n------------------------------------------------------\nsyz-executor350/5129 is trying to acquire lock:\n ffff8880186e2070 (\u0026nr_node-\u003enode_lock){+...}-{2:2}, at: spin_lock_bh include/linux/spinlock.h:356 [inline]\n ffff8880186e2070 (\u0026nr_node-\u003enode_lock){+...}-{2:2}, at: nr_node_lock include/net/netrom.h:152 [inline]\n ffff8880186e2070 (\u0026nr_node-\u003enode_lock){+...}-{2:2}, at: nr_dec_obs net/netrom/nr_route.c:464 [inline]\n ffff8880186e2070 (\u0026nr_node-\u003enode_lock){+...}-{2:2}, at: nr_rt_ioctl+0x1bb/0x1090 net/netrom/nr_route.c:697\n\nbut task is already holding lock:\n ffffffff8f7053b8 (nr_node_list_lock){+...}-{2:2}, at: spin_lock_bh include/linux/spinlock.h:356 [inline]\n ffffffff8f7053b8 (nr_node_list_lock){+...}-{2:2}, at: nr_dec_obs net/netrom/nr_route.c:462 [inline]\n ffffffff8f7053b8 (nr_node_list_lock){+...}-{2:2}, at: nr_rt_ioctl+0x10a/0x1090 net/netrom/nr_route.c:697\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-\u003e #1 (nr_node_list_lock){+...}-{2:2}:\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5754\n __raw_spin_lock_bh include/linux/spinlock_api_smp.h:126 [inline]\n _raw_spin_lock_bh+0x35/0x50 kernel/locking/spinlock.c:178\n spin_lock_bh include/linux/spinlock.h:356 [inline]\n nr_remove_node net/netrom/nr_route.c:299 [inline]\n nr_del_node+0x4b4/0x820 net/netrom/nr_route.c:355\n nr_rt_ioctl+0xa95/0x1090 net/netrom/nr_route.c:683\n sock_do_ioctl+0x158/0x460 net/socket.c:1222\n sock_ioctl+0x629/0x8e0 net/socket.c:1341\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:904 [inline]\n __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:890\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf5/0x240 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n-\u003e #0 (\u0026nr_node-\u003enode_lock){+...}-{2:2}:\n check_prev_add kernel/locking/lockdep.c:3134 [inline]\n check_prevs_add kernel/locking/lockdep.c:3253 [inline]\n validate_chain+0x18cb/0x58e0 kernel/locking/lockdep.c:3869\n __lock_acquire+0x1346/0x1fd0 kernel/locking/lockdep.c:5137\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5754\n __raw_spin_lock_bh include/linux/spinlock_api_smp.h:126 [inline]\n _raw_spin_lock_bh+0x35/0x50 kernel/locking/spinlock.c:178\n spin_lock_bh include/linux/spinlock.h:356 [inline]\n nr_node_lock include/net/netrom.h:152 [inline]\n nr_dec_obs net/netrom/nr_route.c:464 [inline]\n nr_rt_ioctl+0x1bb/0x1090 net/netrom/nr_route.c:697\n sock_do_ioctl+0x158/0x460 net/socket.c:1222\n sock_ioctl+0x629/0x8e0 net/socket.c:1341\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:904 [inline]\n __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:890\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf5/0x240 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nother info that might help us debug this:\n\n Possible unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n lock(nr_node_list_lock);\n lock(\u0026nr_node-\u003enode_lock);\n lock(nr_node_list_lock);\n lock(\u0026nr_node-\u003enode_lock);\n\n *** DEADLOCK ***\n\n1 lock held by syz-executor350/5129:\n #0: ffffffff8f7053b8 (nr_node_list_lock){+...}-{2:2}, at: spin_lock_bh include/linux/spinlock.h:356 [inline]\n #0: ffffffff8f7053b8 (nr_node_list_lock){+...}-{2:2}, at: nr_dec_obs net/netrom/nr_route.c:462 [inline]\n #0: ffffffff8f70\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38589",
"url": "https://www.suse.com/security/cve/CVE-2024-38589"
},
{
"category": "external",
"summary": "SUSE Bug 1226748 for CVE-2024-38589",
"url": "https://bugzilla.suse.com/1226748"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-38589"
},
{
"cve": "CVE-2024-38599",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38599"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njffs2: prevent xattr node from overflowing the eraseblock\n\nAdd a check to make sure that the requested xattr node size is no larger\nthan the eraseblock minus the cleanmarker.\n\nUnlike the usual inode nodes, the xattr nodes aren\u0027t split into parts\nand spread across multiple eraseblocks, which means that a xattr node\nmust not occupy more than one eraseblock. If the requested xattr value is\ntoo large, the xattr node can spill onto the next eraseblock, overwriting\nthe nodes and causing errors such as:\n\njffs2: argh. node added in wrong place at 0x0000b050(2)\njffs2: nextblock 0x0000a000, expected at 0000b00c\njffs2: error: (823) do_verify_xattr_datum: node CRC failed at 0x01e050,\nread=0xfc892c93, calc=0x000000\njffs2: notice: (823) jffs2_get_inode_nodes: Node header CRC failed\nat 0x01e00c. {848f,2fc4,0fef511f,59a3d171}\njffs2: Node at 0x0000000c with length 0x00001044 would run over the\nend of the erase block\njffs2: Perhaps the file system was created with the wrong erase size?\njffs2: jffs2_scan_eraseblock(): Magic bitmask 0x1985 not found\nat 0x00000010: 0x1044 instead\n\nThis breaks the filesystem and can lead to KASAN crashes such as:\n\nBUG: KASAN: slab-out-of-bounds in jffs2_sum_add_kvec+0x125e/0x15d0\nRead of size 4 at addr ffff88802c31e914 by task repro/830\nCPU: 0 PID: 830 Comm: repro Not tainted 6.9.0-rc3+ #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996),\nBIOS Arch Linux 1.16.3-1-1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc6/0x120\n print_report+0xc4/0x620\n ? __virt_addr_valid+0x308/0x5b0\n kasan_report+0xc1/0xf0\n ? jffs2_sum_add_kvec+0x125e/0x15d0\n ? jffs2_sum_add_kvec+0x125e/0x15d0\n jffs2_sum_add_kvec+0x125e/0x15d0\n jffs2_flash_direct_writev+0xa8/0xd0\n jffs2_flash_writev+0x9c9/0xef0\n ? __x64_sys_setxattr+0xc4/0x160\n ? do_syscall_64+0x69/0x140\n ? entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [...]\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38599",
"url": "https://www.suse.com/security/cve/CVE-2024-38599"
},
{
"category": "external",
"summary": "SUSE Bug 1223384 for CVE-2024-38599",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "external",
"summary": "SUSE Bug 1226848 for CVE-2024-38599",
"url": "https://bugzilla.suse.com/1226848"
},
{
"category": "external",
"summary": "SUSE Bug 1227283 for CVE-2024-38599",
"url": "https://bugzilla.suse.com/1227283"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "important"
}
],
"title": "CVE-2024-38599"
},
{
"cve": "CVE-2024-40914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/huge_memory: don\u0027t unpoison huge_zero_folio\n\nWhen I did memory failure tests recently, below panic occurs:\n\n kernel BUG at include/linux/mm.h:1135!\n invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 9 PID: 137 Comm: kswapd1 Not tainted 6.9.0-rc4-00491-gd5ce28f156fe-dirty #14\n RIP: 0010:shrink_huge_zero_page_scan+0x168/0x1a0\n RSP: 0018:ffff9933c6c57bd0 EFLAGS: 00000246\n RAX: 000000000000003e RBX: 0000000000000000 RCX: ffff88f61fc5c9c8\n RDX: 0000000000000000 RSI: 0000000000000027 RDI: ffff88f61fc5c9c0\n RBP: ffffcd7c446b0000 R08: ffffffff9a9405f0 R09: 0000000000005492\n R10: 00000000000030ea R11: ffffffff9a9405f0 R12: 0000000000000000\n R13: 0000000000000000 R14: 0000000000000000 R15: ffff88e703c4ac00\n FS: 0000000000000000(0000) GS:ffff88f61fc40000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000055f4da6e9878 CR3: 0000000c71048000 CR4: 00000000000006f0\n Call Trace:\n \u003cTASK\u003e\n do_shrink_slab+0x14f/0x6a0\n shrink_slab+0xca/0x8c0\n shrink_node+0x2d0/0x7d0\n balance_pgdat+0x33a/0x720\n kswapd+0x1f3/0x410\n kthread+0xd5/0x100\n ret_from_fork+0x2f/0x50\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n Modules linked in: mce_inject hwpoison_inject\n ---[ end trace 0000000000000000 ]---\n RIP: 0010:shrink_huge_zero_page_scan+0x168/0x1a0\n RSP: 0018:ffff9933c6c57bd0 EFLAGS: 00000246\n RAX: 000000000000003e RBX: 0000000000000000 RCX: ffff88f61fc5c9c8\n RDX: 0000000000000000 RSI: 0000000000000027 RDI: ffff88f61fc5c9c0\n RBP: ffffcd7c446b0000 R08: ffffffff9a9405f0 R09: 0000000000005492\n R10: 00000000000030ea R11: ffffffff9a9405f0 R12: 0000000000000000\n R13: 0000000000000000 R14: 0000000000000000 R15: ffff88e703c4ac00\n FS: 0000000000000000(0000) GS:ffff88f61fc40000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000055f4da6e9878 CR3: 0000000c71048000 CR4: 00000000000006f0\n\nThe root cause is that HWPoison flag will be set for huge_zero_folio\nwithout increasing the folio refcnt. But then unpoison_memory() will\ndecrease the folio refcnt unexpectedly as it appears like a successfully\nhwpoisoned folio leading to VM_BUG_ON_PAGE(page_ref_count(page) == 0) when\nreleasing huge_zero_folio.\n\nSkip unpoisoning huge_zero_folio in unpoison_memory() to fix this issue. \nWe\u0027re not prepared to unpoison huge_zero_folio yet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40914",
"url": "https://www.suse.com/security/cve/CVE-2024-40914"
},
{
"category": "external",
"summary": "SUSE Bug 1227842 for CVE-2024-40914",
"url": "https://bugzilla.suse.com/1227842"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-40914"
},
{
"cve": "CVE-2024-41016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41016"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()\n\nxattr in ocfs2 maybe \u0027non-indexed\u0027, which saved with additional space\nrequested. It\u0027s better to check if the memory is out of bound before\nmemcmp, although this possibility mainly comes from crafted poisonous\nimages.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41016",
"url": "https://www.suse.com/security/cve/CVE-2024-41016"
},
{
"category": "external",
"summary": "SUSE Bug 1228410 for CVE-2024-41016",
"url": "https://bugzilla.suse.com/1228410"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-41016"
},
{
"cve": "CVE-2024-41023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41023"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/deadline: Fix task_struct reference leak\n\nDuring the execution of the following stress test with linux-rt:\n\nstress-ng --cyclic 30 --timeout 30 --minimize --quiet\n\nkmemleak frequently reported a memory leak concerning the task_struct:\n\nunreferenced object 0xffff8881305b8000 (size 16136):\n comm \"stress-ng\", pid 614, jiffies 4294883961 (age 286.412s)\n object hex dump (first 32 bytes):\n 02 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 .@..............\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n debug hex dump (first 16 bytes):\n 53 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 S...............\n backtrace:\n [\u003c00000000046b6790\u003e] dup_task_struct+0x30/0x540\n [\u003c00000000c5ca0f0b\u003e] copy_process+0x3d9/0x50e0\n [\u003c00000000ced59777\u003e] kernel_clone+0xb0/0x770\n [\u003c00000000a50befdc\u003e] __do_sys_clone+0xb6/0xf0\n [\u003c000000001dbf2008\u003e] do_syscall_64+0x5d/0xf0\n [\u003c00000000552900ff\u003e] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\nThe issue occurs in start_dl_timer(), which increments the task_struct\nreference count and sets a timer. The timer callback, dl_task_timer,\nis supposed to decrement the reference count upon expiration. However,\nif enqueue_task_dl() is called before the timer expires and cancels it,\nthe reference count is not decremented, leading to the leak.\n\nThis patch fixes the reference leak by ensuring the task_struct\nreference count is properly decremented when the timer is canceled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41023",
"url": "https://www.suse.com/security/cve/CVE-2024-41023"
},
{
"category": "external",
"summary": "SUSE Bug 1228430 for CVE-2024-41023",
"url": "https://bugzilla.suse.com/1228430"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-41023"
},
{
"cve": "CVE-2024-41031",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41031"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/filemap: skip to create PMD-sized page cache if needed\n\nOn ARM64, HPAGE_PMD_ORDER is 13 when the base page size is 64KB. The\nPMD-sized page cache can\u0027t be supported by xarray as the following error\nmessages indicate.\n\n------------[ cut here ]------------\nWARNING: CPU: 35 PID: 7484 at lib/xarray.c:1025 xas_split_alloc+0xf8/0x128\nModules linked in: nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib \\\nnft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct \\\nnft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 \\\nip_set rfkill nf_tables nfnetlink vfat fat virtio_balloon drm \\\nfuse xfs libcrc32c crct10dif_ce ghash_ce sha2_ce sha256_arm64 \\\nsha1_ce virtio_net net_failover virtio_console virtio_blk failover \\\ndimlib virtio_mmio\nCPU: 35 PID: 7484 Comm: test Kdump: loaded Tainted: G W 6.10.0-rc5-gavin+ #9\nHardware name: QEMU KVM Virtual Machine, BIOS edk2-20240524-1.el9 05/24/2024\npstate: 83400005 (Nzcv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--)\npc : xas_split_alloc+0xf8/0x128\nlr : split_huge_page_to_list_to_order+0x1c4/0x720\nsp : ffff800087a4f6c0\nx29: ffff800087a4f6c0 x28: ffff800087a4f720 x27: 000000001fffffff\nx26: 0000000000000c40 x25: 000000000000000d x24: ffff00010625b858\nx23: ffff800087a4f720 x22: ffffffdfc0780000 x21: 0000000000000000\nx20: 0000000000000000 x19: ffffffdfc0780000 x18: 000000001ff40000\nx17: 00000000ffffffff x16: 0000018000000000 x15: 51ec004000000000\nx14: 0000e00000000000 x13: 0000000000002000 x12: 0000000000000020\nx11: 51ec000000000000 x10: 51ece1c0ffff8000 x9 : ffffbeb961a44d28\nx8 : 0000000000000003 x7 : ffffffdfc0456420 x6 : ffff0000e1aa6eb8\nx5 : 20bf08b4fe778fca x4 : ffffffdfc0456420 x3 : 0000000000000c40\nx2 : 000000000000000d x1 : 000000000000000c x0 : 0000000000000000\nCall trace:\n xas_split_alloc+0xf8/0x128\n split_huge_page_to_list_to_order+0x1c4/0x720\n truncate_inode_partial_folio+0xdc/0x160\n truncate_inode_pages_range+0x1b4/0x4a8\n truncate_pagecache_range+0x84/0xa0\n xfs_flush_unmap_range+0x70/0x90 [xfs]\n xfs_file_fallocate+0xfc/0x4d8 [xfs]\n vfs_fallocate+0x124/0x2e8\n ksys_fallocate+0x4c/0xa0\n __arm64_sys_fallocate+0x24/0x38\n invoke_syscall.constprop.0+0x7c/0xd8\n do_el0_svc+0xb4/0xd0\n el0_svc+0x44/0x1d8\n el0t_64_sync_handler+0x134/0x150\n el0t_64_sync+0x17c/0x180\n\nFix it by skipping to allocate PMD-sized page cache when its size is\nlarger than MAX_PAGECACHE_ORDER. For this specific case, we will fall to\nregular path where the readahead window is determined by BDI\u0027s sysfs file\n(read_ahead_kb).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41031",
"url": "https://www.suse.com/security/cve/CVE-2024-41031"
},
{
"category": "external",
"summary": "SUSE Bug 1228454 for CVE-2024-41031",
"url": "https://bugzilla.suse.com/1228454"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "low"
}
],
"title": "CVE-2024-41031"
},
{
"cve": "CVE-2024-41047",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41047"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix XDP program unloading while removing the driver\n\nThe commit 6533e558c650 (\"i40e: Fix reset path while removing\nthe driver\") introduced a new PF state \"__I40E_IN_REMOVE\" to block\nmodifying the XDP program while the driver is being removed.\nUnfortunately, such a change is useful only if the \".ndo_bpf()\"\ncallback was called out of the rmmod context because unloading the\nexisting XDP program is also a part of driver removing procedure.\nIn other words, from the rmmod context the driver is expected to\nunload the XDP program without reporting any errors. Otherwise,\nthe kernel warning with callstack is printed out to dmesg.\n\nExample failing scenario:\n 1. Load the i40e driver.\n 2. Load the XDP program.\n 3. Unload the i40e driver (using \"rmmod\" command).\n\nThe example kernel warning log:\n\n[ +0.004646] WARNING: CPU: 94 PID: 10395 at net/core/dev.c:9290 unregister_netdevice_many_notify+0x7a9/0x870\n[...]\n[ +0.010959] RIP: 0010:unregister_netdevice_many_notify+0x7a9/0x870\n[...]\n[ +0.002726] Call Trace:\n[ +0.002457] \u003cTASK\u003e\n[ +0.002119] ? __warn+0x80/0x120\n[ +0.003245] ? unregister_netdevice_many_notify+0x7a9/0x870\n[ +0.005586] ? report_bug+0x164/0x190\n[ +0.003678] ? handle_bug+0x3c/0x80\n[ +0.003503] ? exc_invalid_op+0x17/0x70\n[ +0.003846] ? asm_exc_invalid_op+0x1a/0x20\n[ +0.004200] ? unregister_netdevice_many_notify+0x7a9/0x870\n[ +0.005579] ? unregister_netdevice_many_notify+0x3cc/0x870\n[ +0.005586] unregister_netdevice_queue+0xf7/0x140\n[ +0.004806] unregister_netdev+0x1c/0x30\n[ +0.003933] i40e_vsi_release+0x87/0x2f0 [i40e]\n[ +0.004604] i40e_remove+0x1a1/0x420 [i40e]\n[ +0.004220] pci_device_remove+0x3f/0xb0\n[ +0.003943] device_release_driver_internal+0x19f/0x200\n[ +0.005243] driver_detach+0x48/0x90\n[ +0.003586] bus_remove_driver+0x6d/0xf0\n[ +0.003939] pci_unregister_driver+0x2e/0xb0\n[ +0.004278] i40e_exit_module+0x10/0x5f0 [i40e]\n[ +0.004570] __do_sys_delete_module.isra.0+0x197/0x310\n[ +0.005153] do_syscall_64+0x85/0x170\n[ +0.003684] ? syscall_exit_to_user_mode+0x69/0x220\n[ +0.004886] ? do_syscall_64+0x95/0x170\n[ +0.003851] ? exc_page_fault+0x7e/0x180\n[ +0.003932] entry_SYSCALL_64_after_hwframe+0x71/0x79\n[ +0.005064] RIP: 0033:0x7f59dc9347cb\n[ +0.003648] Code: 73 01 c3 48 8b 0d 65 16 0c 00 f7 d8 64 89 01 48 83\nc8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 b0 00 00 00 0f\n05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 35 16 0c 00 f7 d8 64 89 01 48\n[ +0.018753] RSP: 002b:00007ffffac99048 EFLAGS: 00000206 ORIG_RAX: 00000000000000b0\n[ +0.007577] RAX: ffffffffffffffda RBX: 0000559b9bb2f6e0 RCX: 00007f59dc9347cb\n[ +0.007140] RDX: 0000000000000000 RSI: 0000000000000800 RDI: 0000559b9bb2f748\n[ +0.007146] RBP: 00007ffffac99070 R08: 1999999999999999 R09: 0000000000000000\n[ +0.007133] R10: 00007f59dc9a5ac0 R11: 0000000000000206 R12: 0000000000000000\n[ +0.007141] R13: 00007ffffac992d8 R14: 0000559b9bb2f6e0 R15: 0000000000000000\n[ +0.007151] \u003c/TASK\u003e\n[ +0.002204] ---[ end trace 0000000000000000 ]---\n\nFix this by checking if the XDP program is being loaded or unloaded.\nThen, block only loading a new program while \"__I40E_IN_REMOVE\" is set.\nAlso, move testing \"__I40E_IN_REMOVE\" flag to the beginning of XDP_SETUP\ncallback to avoid unnecessary operations and checks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41047",
"url": "https://www.suse.com/security/cve/CVE-2024-41047"
},
{
"category": "external",
"summary": "SUSE Bug 1228537 for CVE-2024-41047",
"url": "https://bugzilla.suse.com/1228537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-41047"
},
{
"cve": "CVE-2024-41082",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41082"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-fabrics: use reserved tag for reg read/write command\n\nIn some scenarios, if too many commands are issued by nvme command in\nthe same time by user tasks, this may exhaust all tags of admin_q. If\na reset (nvme reset or IO timeout) occurs before these commands finish,\nreconnect routine may fail to update nvme regs due to insufficient tags,\nwhich will cause kernel hang forever. In order to workaround this issue,\nmaybe we can let reg_read32()/reg_read64()/reg_write32() use reserved\ntags. This maybe safe for nvmf:\n\n1. For the disable ctrl path, we will not issue connect command\n2. For the enable ctrl / fw activate path, since connect and reg_xx()\n are called serially.\n\nSo the reserved tags may still be enough while reg_xx() use reserved tags.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41082",
"url": "https://www.suse.com/security/cve/CVE-2024-41082"
},
{
"category": "external",
"summary": "SUSE Bug 1228620 for CVE-2024-41082",
"url": "https://bugzilla.suse.com/1228620"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-41082"
},
{
"cve": "CVE-2024-42102",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-42102"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again\"\n\nPatch series \"mm: Avoid possible overflows in dirty throttling\".\n\nDirty throttling logic assumes dirty limits in page units fit into\n32-bits. This patch series makes sure this is true (see patch 2/2 for\nmore details).\n\n\nThis patch (of 2):\n\nThis reverts commit 9319b647902cbd5cc884ac08a8a6d54ce111fc78.\n\nThe commit is broken in several ways. Firstly, the removed (u64) cast\nfrom the multiplication will introduce a multiplication overflow on 32-bit\narchs if wb_thresh * bg_thresh \u003e= 1\u003c\u003c32 (which is actually common - the\ndefault settings with 4GB of RAM will trigger this). Secondly, the\ndiv64_u64() is unnecessarily expensive on 32-bit archs. We have\ndiv64_ul() in case we want to be safe \u0026 cheap. Thirdly, if dirty\nthresholds are larger than 1\u003c\u003c32 pages, then dirty balancing is going to\nblow up in many other spectacular ways anyway so trying to fix one\npossible overflow is just moot.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-42102",
"url": "https://www.suse.com/security/cve/CVE-2024-42102"
},
{
"category": "external",
"summary": "SUSE Bug 1222364 for CVE-2024-42102",
"url": "https://bugzilla.suse.com/1222364"
},
{
"category": "external",
"summary": "SUSE Bug 1233132 for CVE-2024-42102",
"url": "https://bugzilla.suse.com/1233132"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-42102"
},
{
"cve": "CVE-2024-42145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-42145"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/core: Implement a limit on UMAD receive List\n\nThe existing behavior of ib_umad, which maintains received MAD\npackets in an unbounded list, poses a risk of uncontrolled growth.\nAs user-space applications extract packets from this list, the rate\nof extraction may not match the rate of incoming packets, leading\nto potential list overflow.\n\nTo address this, we introduce a limit to the size of the list. After\nconsidering typical scenarios, such as OpenSM processing, which can\nhandle approximately 100k packets per second, and the 1-second retry\ntimeout for most packets, we set the list size limit to 200k. Packets\nreceived beyond this limit are dropped, assuming they are likely timed\nout by the time they are handled by user-space.\n\nNotably, packets queued on the receive list due to reasons like\ntimed-out sends are preserved even when the list is full.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-42145",
"url": "https://www.suse.com/security/cve/CVE-2024-42145"
},
{
"category": "external",
"summary": "SUSE Bug 1223384 for CVE-2024-42145",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "external",
"summary": "SUSE Bug 1228743 for CVE-2024-42145",
"url": "https://bugzilla.suse.com/1228743"
},
{
"category": "external",
"summary": "SUSE Bug 1228744 for CVE-2024-42145",
"url": "https://bugzilla.suse.com/1228744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "important"
}
],
"title": "CVE-2024-42145"
},
{
"cve": "CVE-2024-44932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-44932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix UAFs when destroying the queues\n\nThe second tagged commit started sometimes (very rarely, but possible)\nthrowing WARNs from\nnet/core/page_pool.c:page_pool_disable_direct_recycling().\nTurned out idpf frees interrupt vectors with embedded NAPIs *before*\nfreeing the queues making page_pools\u0027 NAPI pointers lead to freed\nmemory before these pools are destroyed by libeth.\nIt\u0027s not clear whether there are other accesses to the freed vectors\nwhen destroying the queues, but anyway, we usually free queue/interrupt\nvectors only when the queues are destroyed and the NAPIs are guaranteed\nto not be referenced anywhere.\n\nInvert the allocation and freeing logic making queue/interrupt vectors\nbe allocated first and freed last. Vectors don\u0027t require queues to be\npresent, so this is safe. Additionally, this change allows to remove\nthat useless queue-\u003eq_vector pointer cleanup, as vectors are still\nvalid when freeing the queues (+ both are freed within one function,\nso it\u0027s not clear why nullify the pointers at all).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-44932",
"url": "https://www.suse.com/security/cve/CVE-2024-44932"
},
{
"category": "external",
"summary": "SUSE Bug 1229808 for CVE-2024-44932",
"url": "https://bugzilla.suse.com/1229808"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-44932"
},
{
"cve": "CVE-2024-44958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-44958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/smt: Fix unbalance sched_smt_present dec/inc\n\nI got the following warn report while doing stress test:\n\njump label: negative count!\nWARNING: CPU: 3 PID: 38 at kernel/jump_label.c:263 static_key_slow_try_dec+0x9d/0xb0\nCall Trace:\n \u003cTASK\u003e\n __static_key_slow_dec_cpuslocked+0x16/0x70\n sched_cpu_deactivate+0x26e/0x2a0\n cpuhp_invoke_callback+0x3ad/0x10d0\n cpuhp_thread_fun+0x3f5/0x680\n smpboot_thread_fn+0x56d/0x8d0\n kthread+0x309/0x400\n ret_from_fork+0x41/0x70\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e\n\nBecause when cpuset_cpu_inactive() fails in sched_cpu_deactivate(),\nthe cpu offline failed, but sched_smt_present is decremented before\ncalling sched_cpu_deactivate(), it leads to unbalanced dec/inc, so\nfix it by incrementing sched_smt_present in the error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-44958",
"url": "https://www.suse.com/security/cve/CVE-2024-44958"
},
{
"category": "external",
"summary": "SUSE Bug 1230179 for CVE-2024-44958",
"url": "https://bugzilla.suse.com/1230179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-44958"
},
{
"cve": "CVE-2024-44964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-44964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix memory leaks and crashes while performing a soft reset\n\nThe second tagged commit introduced a UAF, as it removed restoring\nq_vector-\u003evport pointers after reinitializating the structures.\nThis is due to that all queue allocation functions are performed here\nwith the new temporary vport structure and those functions rewrite\nthe backpointers to the vport. Then, this new struct is freed and\nthe pointers start leading to nowhere.\n\nBut generally speaking, the current logic is very fragile. It claims\nto be more reliable when the system is low on memory, but in fact, it\nconsumes two times more memory as at the moment of running this\nfunction, there are two vports allocated with their queues and vectors.\nMoreover, it claims to prevent the driver from running into \"bad state\",\nbut in fact, any error during the rebuild leaves the old vport in the\npartially allocated state.\nFinally, if the interface is down when the function is called, it always\nallocates a new queue set, but when the user decides to enable the\ninterface later on, vport_open() allocates them once again, IOW there\u0027s\na clear memory leak here.\n\nJust don\u0027t allocate a new queue set when performing a reset, that solves\ncrashes and memory leaks. Readd the old queue number and reopen the\ninterface on rollback - that solves limbo states when the device is left\ndisabled and/or without HW queues enabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-44964",
"url": "https://www.suse.com/security/cve/CVE-2024-44964"
},
{
"category": "external",
"summary": "SUSE Bug 1230220 for CVE-2024-44964",
"url": "https://bugzilla.suse.com/1230220"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-44964"
},
{
"cve": "CVE-2024-44995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-44995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix a deadlock problem when config TC during resetting\n\nWhen config TC during the reset process, may cause a deadlock, the flow is\nas below:\n pf reset start\n |\n v\n ......\nsetup tc |\n | v\n v DOWN: napi_disable()\nnapi_disable()(skip) |\n | |\n v v\n ...... ......\n | |\n v |\nnapi_enable() |\n v\n UINIT: netif_napi_del()\n |\n v\n ......\n |\n v\n INIT: netif_napi_add()\n |\n v\n ...... global reset start\n | |\n v v\n UP: napi_enable()(skip) ......\n | |\n v v\n ...... napi_disable()\n\nIn reset process, the driver will DOWN the port and then UINIT, in this\ncase, the setup tc process will UP the port before UINIT, so cause the\nproblem. Adds a DOWN process in UINIT to fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-44995",
"url": "https://www.suse.com/security/cve/CVE-2024-44995"
},
{
"category": "external",
"summary": "SUSE Bug 1230231 for CVE-2024-44995",
"url": "https://bugzilla.suse.com/1230231"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-44995"
},
{
"cve": "CVE-2024-45016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45016"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetem: fix return value if duplicate enqueue fails\n\nThere is a bug in netem_enqueue() introduced by\ncommit 5845f706388a (\"net: netem: fix skb length BUG_ON in __skb_to_sgvec\")\nthat can lead to a use-after-free.\n\nThis commit made netem_enqueue() always return NET_XMIT_SUCCESS\nwhen a packet is duplicated, which can cause the parent qdisc\u0027s q.qlen\nto be mistakenly incremented. When this happens qlen_notify() may be\nskipped on the parent during destruction, leaving a dangling pointer\nfor some classful qdiscs like DRR.\n\nThere are two ways for the bug happen:\n\n- If the duplicated packet is dropped by rootq-\u003eenqueue() and then\n the original packet is also dropped.\n- If rootq-\u003eenqueue() sends the duplicated packet to a different qdisc\n and the original packet is dropped.\n\nIn both cases NET_XMIT_SUCCESS is returned even though no packets\nare enqueued at the netem qdisc.\n\nThe fix is to defer the enqueue of the duplicate packet until after\nthe original packet has been guaranteed to return NET_XMIT_SUCCESS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45016",
"url": "https://www.suse.com/security/cve/CVE-2024-45016"
},
{
"category": "external",
"summary": "SUSE Bug 1230429 for CVE-2024-45016",
"url": "https://bugzilla.suse.com/1230429"
},
{
"category": "external",
"summary": "SUSE Bug 1230998 for CVE-2024-45016",
"url": "https://bugzilla.suse.com/1230998"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "important"
}
],
"title": "CVE-2024-45016"
},
{
"cve": "CVE-2024-45025",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45025"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE\n\ncopy_fd_bitmaps(new, old, count) is expected to copy the first\ncount/BITS_PER_LONG bits from old-\u003efull_fds_bits[] and fill\nthe rest with zeroes. What it does is copying enough words\n(BITS_TO_LONGS(count/BITS_PER_LONG)), then memsets the rest.\nThat works fine, *if* all bits past the cutoff point are\nclear. Otherwise we are risking garbage from the last word\nwe\u0027d copied.\n\nFor most of the callers that is true - expand_fdtable() has\ncount equal to old-\u003emax_fds, so there\u0027s no open descriptors\npast count, let alone fully occupied words in -\u003eopen_fds[],\nwhich is what bits in -\u003efull_fds_bits[] correspond to.\n\nThe other caller (dup_fd()) passes sane_fdtable_size(old_fdt, max_fds),\nwhich is the smallest multiple of BITS_PER_LONG that covers all\nopened descriptors below max_fds. In the common case (copying on\nfork()) max_fds is ~0U, so all opened descriptors will be below\nit and we are fine, by the same reasons why the call in expand_fdtable()\nis safe.\n\nUnfortunately, there is a case where max_fds is less than that\nand where we might, indeed, end up with junk in -\u003efull_fds_bits[] -\nclose_range(from, to, CLOSE_RANGE_UNSHARE) with\n\t* descriptor table being currently shared\n\t* \u0027to\u0027 being above the current capacity of descriptor table\n\t* \u0027from\u0027 being just under some chunk of opened descriptors.\nIn that case we end up with observably wrong behaviour - e.g. spawn\na child with CLONE_FILES, get all descriptors in range 0..127 open,\nthen close_range(64, ~0U, CLOSE_RANGE_UNSHARE) and watch dup(0) ending\nup with descriptor #128, despite #64 being observably not open.\n\nThe minimally invasive fix would be to deal with that in dup_fd().\nIf this proves to add measurable overhead, we can go that way, but\nlet\u0027s try to fix copy_fd_bitmaps() first.\n\n* new helper: bitmap_copy_and_expand(to, from, bits_to_copy, size).\n* make copy_fd_bitmaps() take the bitmap size in words, rather than\nbits; it\u0027s \u0027count\u0027 argument is always a multiple of BITS_PER_LONG,\nso we are not losing any information, and that way we can use the\nsame helper for all three bitmaps - compiler will see that count\nis a multiple of BITS_PER_LONG for the large ones, so it\u0027ll generate\nplain memcpy()+memset().\n\nReproducer added to tools/testing/selftests/core/close_range_test.c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45025",
"url": "https://www.suse.com/security/cve/CVE-2024-45025"
},
{
"category": "external",
"summary": "SUSE Bug 1230456 for CVE-2024-45025",
"url": "https://bugzilla.suse.com/1230456"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-45025"
},
{
"cve": "CVE-2024-46678",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46678"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: change ipsec_lock from spin lock to mutex\n\nIn the cited commit, bond-\u003eipsec_lock is added to protect ipsec_list,\nhence xdo_dev_state_add and xdo_dev_state_delete are called inside\nthis lock. As ipsec_lock is a spin lock and such xfrmdev ops may sleep,\n\"scheduling while atomic\" will be triggered when changing bond\u0027s\nactive slave.\n\n[ 101.055189] BUG: scheduling while atomic: bash/902/0x00000200\n[ 101.055726] Modules linked in:\n[ 101.058211] CPU: 3 PID: 902 Comm: bash Not tainted 6.9.0-rc4+ #1\n[ 101.058760] Hardware name:\n[ 101.059434] Call Trace:\n[ 101.059436] \u003cTASK\u003e\n[ 101.060873] dump_stack_lvl+0x51/0x60\n[ 101.061275] __schedule_bug+0x4e/0x60\n[ 101.061682] __schedule+0x612/0x7c0\n[ 101.062078] ? __mod_timer+0x25c/0x370\n[ 101.062486] schedule+0x25/0xd0\n[ 101.062845] schedule_timeout+0x77/0xf0\n[ 101.063265] ? asm_common_interrupt+0x22/0x40\n[ 101.063724] ? __bpf_trace_itimer_state+0x10/0x10\n[ 101.064215] __wait_for_common+0x87/0x190\n[ 101.064648] ? usleep_range_state+0x90/0x90\n[ 101.065091] cmd_exec+0x437/0xb20 [mlx5_core]\n[ 101.065569] mlx5_cmd_do+0x1e/0x40 [mlx5_core]\n[ 101.066051] mlx5_cmd_exec+0x18/0x30 [mlx5_core]\n[ 101.066552] mlx5_crypto_create_dek_key+0xea/0x120 [mlx5_core]\n[ 101.067163] ? bonding_sysfs_store_option+0x4d/0x80 [bonding]\n[ 101.067738] ? kmalloc_trace+0x4d/0x350\n[ 101.068156] mlx5_ipsec_create_sa_ctx+0x33/0x100 [mlx5_core]\n[ 101.068747] mlx5e_xfrm_add_state+0x47b/0xaa0 [mlx5_core]\n[ 101.069312] bond_change_active_slave+0x392/0x900 [bonding]\n[ 101.069868] bond_option_active_slave_set+0x1c2/0x240 [bonding]\n[ 101.070454] __bond_opt_set+0xa6/0x430 [bonding]\n[ 101.070935] __bond_opt_set_notify+0x2f/0x90 [bonding]\n[ 101.071453] bond_opt_tryset_rtnl+0x72/0xb0 [bonding]\n[ 101.071965] bonding_sysfs_store_option+0x4d/0x80 [bonding]\n[ 101.072567] kernfs_fop_write_iter+0x10c/0x1a0\n[ 101.073033] vfs_write+0x2d8/0x400\n[ 101.073416] ? alloc_fd+0x48/0x180\n[ 101.073798] ksys_write+0x5f/0xe0\n[ 101.074175] do_syscall_64+0x52/0x110\n[ 101.074576] entry_SYSCALL_64_after_hwframe+0x4b/0x53\n\nAs bond_ipsec_add_sa_all and bond_ipsec_del_sa_all are only called\nfrom bond_change_active_slave, which requires holding the RTNL lock.\nAnd bond_ipsec_add_sa and bond_ipsec_del_sa are xfrm state\nxdo_dev_state_add and xdo_dev_state_delete APIs, which are in user\ncontext. So ipsec_lock doesn\u0027t have to be spin lock, change it to\nmutex, and thus the above issue can be resolved.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46678",
"url": "https://www.suse.com/security/cve/CVE-2024-46678"
},
{
"category": "external",
"summary": "SUSE Bug 1230550 for CVE-2024-46678",
"url": "https://bugzilla.suse.com/1230550"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46678"
},
{
"cve": "CVE-2024-46680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btnxpuart: Fix random crash seen while removing driver\n\nThis fixes the random kernel crash seen while removing the driver, when\nrunning the load/unload test over multiple iterations.\n\n1) modprobe btnxpuart\n2) hciconfig hci0 reset\n3) hciconfig (check hci0 interface up with valid BD address)\n4) modprobe -r btnxpuart\nRepeat steps 1 to 4\n\nThe ps_wakeup() call in btnxpuart_close() schedules the psdata-\u003ework(),\nwhich gets scheduled after module is removed, causing a kernel crash.\n\nThis hidden issue got highlighted after enabling Power Save by default\nin 4183a7be7700 (Bluetooth: btnxpuart: Enable Power Save feature on\nstartup)\n\nThe new ps_cleanup() deasserts UART break immediately while closing\nserdev device, cancels any scheduled ps_work and destroys the ps_lock\nmutex.\n\n[ 85.884604] Unable to handle kernel paging request at virtual address ffffd4a61638f258\n[ 85.884624] Mem abort info:\n[ 85.884625] ESR = 0x0000000086000007\n[ 85.884628] EC = 0x21: IABT (current EL), IL = 32 bits\n[ 85.884633] SET = 0, FnV = 0\n[ 85.884636] EA = 0, S1PTW = 0\n[ 85.884638] FSC = 0x07: level 3 translation fault\n[ 85.884642] swapper pgtable: 4k pages, 48-bit VAs, pgdp=0000000041dd0000\n[ 85.884646] [ffffd4a61638f258] pgd=1000000095fff003, p4d=1000000095fff003, pud=100000004823d003, pmd=100000004823e003, pte=0000000000000000\n[ 85.884662] Internal error: Oops: 0000000086000007 [#1] PREEMPT SMP\n[ 85.890932] Modules linked in: algif_hash algif_skcipher af_alg overlay fsl_jr_uio caam_jr caamkeyblob_desc caamhash_desc caamalg_desc crypto_engine authenc libdes crct10dif_ce polyval_ce polyval_generic snd_soc_imx_spdif snd_soc_imx_card snd_soc_ak5558 snd_soc_ak4458 caam secvio error snd_soc_fsl_spdif snd_soc_fsl_micfil snd_soc_fsl_sai snd_soc_fsl_utils gpio_ir_recv rc_core fuse [last unloaded: btnxpuart(O)]\n[ 85.927297] CPU: 1 PID: 67 Comm: kworker/1:3 Tainted: G O 6.1.36+g937b1be4345a #1\n[ 85.936176] Hardware name: FSL i.MX8MM EVK board (DT)\n[ 85.936182] Workqueue: events 0xffffd4a61638f380\n[ 85.936198] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 85.952817] pc : 0xffffd4a61638f258\n[ 85.952823] lr : 0xffffd4a61638f258\n[ 85.952827] sp : ffff8000084fbd70\n[ 85.952829] x29: ffff8000084fbd70 x28: 0000000000000000 x27: 0000000000000000\n[ 85.963112] x26: ffffd4a69133f000 x25: ffff4bf1c8540990 x24: ffff4bf215b87305\n[ 85.963119] x23: ffff4bf215b87300 x22: ffff4bf1c85409d0 x21: ffff4bf1c8540970\n[ 85.977382] x20: 0000000000000000 x19: ffff4bf1c8540880 x18: 0000000000000000\n[ 85.977391] x17: 0000000000000000 x16: 0000000000000133 x15: 0000ffffe2217090\n[ 85.977399] x14: 0000000000000001 x13: 0000000000000133 x12: 0000000000000139\n[ 85.977407] x11: 0000000000000001 x10: 0000000000000a60 x9 : ffff8000084fbc50\n[ 85.977417] x8 : ffff4bf215b7d000 x7 : ffff4bf215b83b40 x6 : 00000000000003e8\n[ 85.977424] x5 : 00000000410fd030 x4 : 0000000000000000 x3 : 0000000000000000\n[ 85.977432] x2 : 0000000000000000 x1 : ffff4bf1c4265880 x0 : 0000000000000000\n[ 85.977443] Call trace:\n[ 85.977446] 0xffffd4a61638f258\n[ 85.977451] 0xffffd4a61638f3e8\n[ 85.977455] process_one_work+0x1d4/0x330\n[ 85.977464] worker_thread+0x6c/0x430\n[ 85.977471] kthread+0x108/0x10c\n[ 85.977476] ret_from_fork+0x10/0x20\n[ 85.977488] Code: bad PC value\n[ 85.977491] ---[ end trace 0000000000000000 ]---\n\nPreset since v6.9.11",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46680",
"url": "https://www.suse.com/security/cve/CVE-2024-46680"
},
{
"category": "external",
"summary": "SUSE Bug 1230557 for CVE-2024-46680",
"url": "https://bugzilla.suse.com/1230557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46680"
},
{
"cve": "CVE-2024-46681",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46681"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npktgen: use cpus_read_lock() in pg_net_init()\n\nI have seen the WARN_ON(smp_processor_id() != cpu) firing\nin pktgen_thread_worker() during tests.\n\nWe must use cpus_read_lock()/cpus_read_unlock()\naround the for_each_online_cpu(cpu) loop.\n\nWhile we are at it use WARN_ON_ONCE() to avoid a possible syslog flood.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46681",
"url": "https://www.suse.com/security/cve/CVE-2024-46681"
},
{
"category": "external",
"summary": "SUSE Bug 1230558 for CVE-2024-46681",
"url": "https://bugzilla.suse.com/1230558"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46681"
},
{
"cve": "CVE-2024-46721",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46721"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: fix possible NULL pointer dereference\n\nprofile-\u003eparent-\u003edents[AAFS_PROF_DIR] could be NULL only if its parent is made\nfrom __create_missing_ancestors(..) and \u0027ent-\u003eold\u0027 is NULL in\naa_replace_profiles(..).\nIn that case, it must return an error code and the code, -ENOENT represents\nits state that the path of its parent is not existed yet.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000030\nPGD 0 P4D 0\nPREEMPT SMP PTI\nCPU: 4 PID: 3362 Comm: apparmor_parser Not tainted 6.8.0-24-generic #24\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014\nRIP: 0010:aafs_create.constprop.0+0x7f/0x130\nCode: 4c 63 e0 48 83 c4 18 4c 89 e0 5b 41 5c 41 5d 41 5e 41 5f 5d 31 d2 31 c9 31 f6 31 ff 45 31 c0 45 31 c9 45 31 d2 c3 cc cc cc cc \u003c4d\u003e 8b 55 30 4d 8d ba a0 00 00 00 4c 89 55 c0 4c 89 ff e8 7a 6a ae\nRSP: 0018:ffffc9000b2c7c98 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 00000000000041ed RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ffffc9000b2c7cd8 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: ffffffff82baac10\nR13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\nFS: 00007be9f22cf740(0000) GS:ffff88817bc00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000030 CR3: 0000000134b08000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n ? show_regs+0x6d/0x80\n ? __die+0x24/0x80\n ? page_fault_oops+0x99/0x1b0\n ? kernelmode_fixup_or_oops+0xb2/0x140\n ? __bad_area_nosemaphore+0x1a5/0x2c0\n ? find_vma+0x34/0x60\n ? bad_area_nosemaphore+0x16/0x30\n ? do_user_addr_fault+0x2a2/0x6b0\n ? exc_page_fault+0x83/0x1b0\n ? asm_exc_page_fault+0x27/0x30\n ? aafs_create.constprop.0+0x7f/0x130\n ? aafs_create.constprop.0+0x51/0x130\n __aafs_profile_mkdir+0x3d6/0x480\n aa_replace_profiles+0x83f/0x1270\n policy_update+0xe3/0x180\n profile_load+0xbc/0x150\n ? rw_verify_area+0x47/0x140\n vfs_write+0x100/0x480\n ? __x64_sys_openat+0x55/0xa0\n ? syscall_exit_to_user_mode+0x86/0x260\n ksys_write+0x73/0x100\n __x64_sys_write+0x19/0x30\n x64_sys_call+0x7e/0x25c0\n do_syscall_64+0x7f/0x180\n entry_SYSCALL_64_after_hwframe+0x78/0x80\nRIP: 0033:0x7be9f211c574\nCode: c7 00 16 00 00 00 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 80 3d d5 ea 0e 00 00 74 13 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 c3 0f 1f 00 55 48 89 e5 48 83 ec 20 48 89\nRSP: 002b:00007ffd26f2b8c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 00005d504415e200 RCX: 00007be9f211c574\nRDX: 0000000000001fc1 RSI: 00005d504418bc80 RDI: 0000000000000004\nRBP: 0000000000001fc1 R08: 0000000000001fc1 R09: 0000000080000000\nR10: 0000000000000000 R11: 0000000000000202 R12: 00005d504418bc80\nR13: 0000000000000004 R14: 00007ffd26f2b9b0 R15: 00007ffd26f2ba30\n \u003c/TASK\u003e\nModules linked in: snd_seq_dummy snd_hrtimer qrtr snd_hda_codec_generic snd_hda_intel snd_intel_dspcfg snd_intel_sdw_acpi snd_hda_codec snd_hda_core snd_hwdep snd_pcm snd_seq_midi snd_seq_midi_event snd_rawmidi snd_seq snd_seq_device i2c_i801 snd_timer i2c_smbus qxl snd soundcore drm_ttm_helper lpc_ich ttm joydev input_leds serio_raw mac_hid binfmt_misc msr parport_pc ppdev lp parport efi_pstore nfnetlink dmi_sysfs qemu_fw_cfg ip_tables x_tables autofs4 hid_generic usbhid hid ahci libahci psmouse virtio_rng xhci_pci xhci_pci_renesas\nCR2: 0000000000000030\n---[ end trace 0000000000000000 ]---\nRIP: 0010:aafs_create.constprop.0+0x7f/0x130\nCode: 4c 63 e0 48 83 c4 18 4c 89 e0 5b 41 5c 41 5d 41 5e 41 5f 5d 31 d2 31 c9 31 f6 31 ff 45 31 c0 45 31 c9 45 31 d2 c3 cc cc cc cc \u003c4d\u003e 8b 55 30 4d 8d ba a0 00 00 00 4c 89 55 c0 4c 89 ff e8 7a 6a ae\nRSP: 0018:ffffc9000b2c7c98 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 00000000000041ed RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ffffc9000b2c7cd8 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46721",
"url": "https://www.suse.com/security/cve/CVE-2024-46721"
},
{
"category": "external",
"summary": "SUSE Bug 1230710 for CVE-2024-46721",
"url": "https://bugzilla.suse.com/1230710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46721"
},
{
"cve": "CVE-2024-46754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Remove tst_run from lwt_seg6local_prog_ops.\n\nThe syzbot reported that the lwt_seg6 related BPF ops can be invoked\nvia bpf_test_run() without without entering input_action_end_bpf()\nfirst.\n\nMartin KaFai Lau said that self test for BPF_PROG_TYPE_LWT_SEG6LOCAL\nprobably didn\u0027t work since it was introduced in commit 04d4b274e2a\n(\"ipv6: sr: Add seg6local action End.BPF\"). The reason is that the\nper-CPU variable seg6_bpf_srh_states::srh is never assigned in the self\ntest case but each BPF function expects it.\n\nRemove test_run for BPF_PROG_TYPE_LWT_SEG6LOCAL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46754",
"url": "https://www.suse.com/security/cve/CVE-2024-46754"
},
{
"category": "external",
"summary": "SUSE Bug 1230801 for CVE-2024-46754",
"url": "https://bugzilla.suse.com/1230801"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46754"
},
{
"cve": "CVE-2024-46765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: protect XDP configuration with a mutex\n\nThe main threat to data consistency in ice_xdp() is a possible asynchronous\nPF reset. It can be triggered by a user or by TX timeout handler.\n\nXDP setup and PF reset code access the same resources in the following\nsections:\n* ice_vsi_close() in ice_prepare_for_reset() - already rtnl-locked\n* ice_vsi_rebuild() for the PF VSI - not protected\n* ice_vsi_open() - already rtnl-locked\n\nWith an unfortunate timing, such accesses can result in a crash such as the\none below:\n\n[ +1.999878] ice 0000:b1:00.0: Registered XDP mem model MEM_TYPE_XSK_BUFF_POOL on Rx ring 14\n[ +2.002992] ice 0000:b1:00.0: Registered XDP mem model MEM_TYPE_XSK_BUFF_POOL on Rx ring 18\n[Mar15 18:17] ice 0000:b1:00.0 ens801f0np0: NETDEV WATCHDOG: CPU: 38: transmit queue 14 timed out 80692736 ms\n[ +0.000093] ice 0000:b1:00.0 ens801f0np0: tx_timeout: VSI_num: 6, Q 14, NTC: 0x0, HW_HEAD: 0x0, NTU: 0x0, INT: 0x4000001\n[ +0.000012] ice 0000:b1:00.0 ens801f0np0: tx_timeout recovery level 1, txqueue 14\n[ +0.394718] ice 0000:b1:00.0: PTP reset successful\n[ +0.006184] BUG: kernel NULL pointer dereference, address: 0000000000000098\n[ +0.000045] #PF: supervisor read access in kernel mode\n[ +0.000023] #PF: error_code(0x0000) - not-present page\n[ +0.000023] PGD 0 P4D 0\n[ +0.000018] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ +0.000023] CPU: 38 PID: 7540 Comm: kworker/38:1 Not tainted 6.8.0-rc7 #1\n[ +0.000031] Hardware name: Intel Corporation S2600WFT/S2600WFT, BIOS SE5C620.86B.02.01.0014.082620210524 08/26/2021\n[ +0.000036] Workqueue: ice ice_service_task [ice]\n[ +0.000183] RIP: 0010:ice_clean_tx_ring+0xa/0xd0 [ice]\n[...]\n[ +0.000013] Call Trace:\n[ +0.000016] \u003cTASK\u003e\n[ +0.000014] ? __die+0x1f/0x70\n[ +0.000029] ? page_fault_oops+0x171/0x4f0\n[ +0.000029] ? schedule+0x3b/0xd0\n[ +0.000027] ? exc_page_fault+0x7b/0x180\n[ +0.000022] ? asm_exc_page_fault+0x22/0x30\n[ +0.000031] ? ice_clean_tx_ring+0xa/0xd0 [ice]\n[ +0.000194] ice_free_tx_ring+0xe/0x60 [ice]\n[ +0.000186] ice_destroy_xdp_rings+0x157/0x310 [ice]\n[ +0.000151] ice_vsi_decfg+0x53/0xe0 [ice]\n[ +0.000180] ice_vsi_rebuild+0x239/0x540 [ice]\n[ +0.000186] ice_vsi_rebuild_by_type+0x76/0x180 [ice]\n[ +0.000145] ice_rebuild+0x18c/0x840 [ice]\n[ +0.000145] ? delay_tsc+0x4a/0xc0\n[ +0.000022] ? delay_tsc+0x92/0xc0\n[ +0.000020] ice_do_reset+0x140/0x180 [ice]\n[ +0.000886] ice_service_task+0x404/0x1030 [ice]\n[ +0.000824] process_one_work+0x171/0x340\n[ +0.000685] worker_thread+0x277/0x3a0\n[ +0.000675] ? preempt_count_add+0x6a/0xa0\n[ +0.000677] ? _raw_spin_lock_irqsave+0x23/0x50\n[ +0.000679] ? __pfx_worker_thread+0x10/0x10\n[ +0.000653] kthread+0xf0/0x120\n[ +0.000635] ? __pfx_kthread+0x10/0x10\n[ +0.000616] ret_from_fork+0x2d/0x50\n[ +0.000612] ? __pfx_kthread+0x10/0x10\n[ +0.000604] ret_from_fork_asm+0x1b/0x30\n[ +0.000604] \u003c/TASK\u003e\n\nThe previous way of handling this through returning -EBUSY is not viable,\nparticularly when destroying AF_XDP socket, because the kernel proceeds\nwith removal anyway.\n\nThere is plenty of code between those calls and there is no need to create\na large critical section that covers all of them, same as there is no need\nto protect ice_vsi_rebuild() with rtnl_lock().\n\nAdd xdp_state_lock mutex to protect ice_vsi_rebuild() and ice_xdp().\n\nLeaving unprotected sections in between would result in two states that\nhave to be considered:\n1. when the VSI is closed, but not yet rebuild\n2. when VSI is already rebuild, but not yet open\n\nThe latter case is actually already handled through !netif_running() case,\nwe just need to adjust flag checking a little. The former one is not as\ntrivial, because between ice_vsi_close() and ice_vsi_rebuild(), a lot of\nhardware interaction happens, this can make adding/deleting rings exit\nwith an error. Luckily, VSI rebuild is pending and can apply new\nconfiguration for us in a managed fashion.\n\nTherefore, add an additional VSI state flag ICE_VSI_REBUILD_PENDING to\nindicate that ice_x\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46765",
"url": "https://www.suse.com/security/cve/CVE-2024-46765"
},
{
"category": "external",
"summary": "SUSE Bug 1230807 for CVE-2024-46765",
"url": "https://bugzilla.suse.com/1230807"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46765"
},
{
"cve": "CVE-2024-46766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: move netif_queue_set_napi to rtnl-protected sections\n\nCurrently, netif_queue_set_napi() is called from ice_vsi_rebuild() that is\nnot rtnl-locked when called from the reset. This creates the need to take\nthe rtnl_lock just for a single function and complicates the\nsynchronization with .ndo_bpf. At the same time, there no actual need to\nfill napi-to-queue information at this exact point.\n\nFill napi-to-queue information when opening the VSI and clear it when the\nVSI is being closed. Those routines are already rtnl-locked.\n\nAlso, rewrite napi-to-queue assignment in a way that prevents inclusion of\nXDP queues, as this leads to out-of-bounds writes, such as one below.\n\n[ +0.000004] BUG: KASAN: slab-out-of-bounds in netif_queue_set_napi+0x1c2/0x1e0\n[ +0.000012] Write of size 8 at addr ffff889881727c80 by task bash/7047\n[ +0.000006] CPU: 24 PID: 7047 Comm: bash Not tainted 6.10.0-rc2+ #2\n[ +0.000004] Hardware name: Intel Corporation S2600WFT/S2600WFT, BIOS SE5C620.86B.02.01.0014.082620210524 08/26/2021\n[ +0.000003] Call Trace:\n[ +0.000003] \u003cTASK\u003e\n[ +0.000002] dump_stack_lvl+0x60/0x80\n[ +0.000007] print_report+0xce/0x630\n[ +0.000007] ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n[ +0.000007] ? __virt_addr_valid+0x1c9/0x2c0\n[ +0.000005] ? netif_queue_set_napi+0x1c2/0x1e0\n[ +0.000003] kasan_report+0xe9/0x120\n[ +0.000004] ? netif_queue_set_napi+0x1c2/0x1e0\n[ +0.000004] netif_queue_set_napi+0x1c2/0x1e0\n[ +0.000005] ice_vsi_close+0x161/0x670 [ice]\n[ +0.000114] ice_dis_vsi+0x22f/0x270 [ice]\n[ +0.000095] ice_pf_dis_all_vsi.constprop.0+0xae/0x1c0 [ice]\n[ +0.000086] ice_prepare_for_reset+0x299/0x750 [ice]\n[ +0.000087] pci_dev_save_and_disable+0x82/0xd0\n[ +0.000006] pci_reset_function+0x12d/0x230\n[ +0.000004] reset_store+0xa0/0x100\n[ +0.000006] ? __pfx_reset_store+0x10/0x10\n[ +0.000002] ? __pfx_mutex_lock+0x10/0x10\n[ +0.000004] ? __check_object_size+0x4c1/0x640\n[ +0.000007] kernfs_fop_write_iter+0x30b/0x4a0\n[ +0.000006] vfs_write+0x5d6/0xdf0\n[ +0.000005] ? fd_install+0x180/0x350\n[ +0.000005] ? __pfx_vfs_write+0x10/0xA10\n[ +0.000004] ? do_fcntl+0x52c/0xcd0\n[ +0.000004] ? kasan_save_track+0x13/0x60\n[ +0.000003] ? kasan_save_free_info+0x37/0x60\n[ +0.000006] ksys_write+0xfa/0x1d0\n[ +0.000003] ? __pfx_ksys_write+0x10/0x10\n[ +0.000002] ? __x64_sys_fcntl+0x121/0x180\n[ +0.000004] ? _raw_spin_lock+0x87/0xe0\n[ +0.000005] do_syscall_64+0x80/0x170\n[ +0.000007] ? _raw_spin_lock+0x87/0xe0\n[ +0.000004] ? __pfx__raw_spin_lock+0x10/0x10\n[ +0.000003] ? file_close_fd_locked+0x167/0x230\n[ +0.000005] ? syscall_exit_to_user_mode+0x7d/0x220\n[ +0.000005] ? do_syscall_64+0x8c/0x170\n[ +0.000004] ? do_syscall_64+0x8c/0x170\n[ +0.000003] ? do_syscall_64+0x8c/0x170\n[ +0.000003] ? fput+0x1a/0x2c0\n[ +0.000004] ? filp_close+0x19/0x30\n[ +0.000004] ? do_dup2+0x25a/0x4c0\n[ +0.000004] ? __x64_sys_dup2+0x6e/0x2e0\n[ +0.000002] ? syscall_exit_to_user_mode+0x7d/0x220\n[ +0.000004] ? do_syscall_64+0x8c/0x170\n[ +0.000003] ? __count_memcg_events+0x113/0x380\n[ +0.000005] ? handle_mm_fault+0x136/0x820\n[ +0.000005] ? do_user_addr_fault+0x444/0xa80\n[ +0.000004] ? clear_bhb_loop+0x25/0x80\n[ +0.000004] ? clear_bhb_loop+0x25/0x80\n[ +0.000002] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ +0.000005] RIP: 0033:0x7f2033593154",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46766",
"url": "https://www.suse.com/security/cve/CVE-2024-46766"
},
{
"category": "external",
"summary": "SUSE Bug 1230762 for CVE-2024-46766",
"url": "https://bugzilla.suse.com/1230762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46766"
},
{
"cve": "CVE-2024-46770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Add netif_device_attach/detach into PF reset flow\n\nEthtool callbacks can be executed while reset is in progress and try to\naccess deleted resources, e.g. getting coalesce settings can result in a\nNULL pointer dereference seen below.\n\nReproduction steps:\nOnce the driver is fully initialized, trigger reset:\n\t# echo 1 \u003e /sys/class/net/\u003cinterface\u003e/device/reset\nwhen reset is in progress try to get coalesce settings using ethtool:\n\t# ethtool -c \u003cinterface\u003e\n\nBUG: kernel NULL pointer dereference, address: 0000000000000020\nPGD 0 P4D 0\nOops: Oops: 0000 [#1] PREEMPT SMP PTI\nCPU: 11 PID: 19713 Comm: ethtool Tainted: G S 6.10.0-rc7+ #7\nRIP: 0010:ice_get_q_coalesce+0x2e/0xa0 [ice]\nRSP: 0018:ffffbab1e9bcf6a8 EFLAGS: 00010206\nRAX: 000000000000000c RBX: ffff94512305b028 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: ffff9451c3f2e588 RDI: ffff9451c3f2e588\nRBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\nR10: ffff9451c3f2e580 R11: 000000000000001f R12: ffff945121fa9000\nR13: ffffbab1e9bcf760 R14: 0000000000000013 R15: ffffffff9e65dd40\nFS: 00007faee5fbe740(0000) GS:ffff94546fd80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000020 CR3: 0000000106c2e005 CR4: 00000000001706f0\nCall Trace:\n\u003cTASK\u003e\nice_get_coalesce+0x17/0x30 [ice]\ncoalesce_prepare_data+0x61/0x80\nethnl_default_doit+0xde/0x340\ngenl_family_rcv_msg_doit+0xf2/0x150\ngenl_rcv_msg+0x1b3/0x2c0\nnetlink_rcv_skb+0x5b/0x110\ngenl_rcv+0x28/0x40\nnetlink_unicast+0x19c/0x290\nnetlink_sendmsg+0x222/0x490\n__sys_sendto+0x1df/0x1f0\n__x64_sys_sendto+0x24/0x30\ndo_syscall_64+0x82/0x160\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7faee60d8e27\n\nCalling netif_device_detach() before reset makes the net core not call\nthe driver when ethtool command is issued, the attempt to execute an\nethtool command during reset will result in the following message:\n\n netlink error: No such device\n\ninstead of NULL pointer dereference. Once reset is done and\nice_rebuild() is executing, the netif_device_attach() is called to allow\nfor ethtool operations to occur again in a safe manner.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46770",
"url": "https://www.suse.com/security/cve/CVE-2024-46770"
},
{
"category": "external",
"summary": "SUSE Bug 1230763 for CVE-2024-46770",
"url": "https://bugzilla.suse.com/1230763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46770"
},
{
"cve": "CVE-2024-46775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46775"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Validate function returns\n\n[WHAT \u0026 HOW]\nFunction return values must be checked before data can be used\nin subsequent functions.\n\nThis fixes 4 CHECKED_RETURN issues reported by Coverity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46775",
"url": "https://www.suse.com/security/cve/CVE-2024-46775"
},
{
"category": "external",
"summary": "SUSE Bug 1230774 for CVE-2024-46775",
"url": "https://bugzilla.suse.com/1230774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46775"
},
{
"cve": "CVE-2024-46777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46777"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: Avoid excessive partition lengths\n\nAvoid mounting filesystems where the partition would overflow the\n32-bits used for block number. Also refuse to mount filesystems where\nthe partition length is so large we cannot safely index bits in a\nblock bitmap.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46777",
"url": "https://www.suse.com/security/cve/CVE-2024-46777"
},
{
"category": "external",
"summary": "SUSE Bug 1230773 for CVE-2024-46777",
"url": "https://bugzilla.suse.com/1230773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46777"
},
{
"cve": "CVE-2024-46788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46788"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/osnoise: Use a cpumask to know what threads are kthreads\n\nThe start_kthread() and stop_thread() code was not always called with the\ninterface_lock held. This means that the kthread variable could be\nunexpectedly changed causing the kthread_stop() to be called on it when it\nshould not have been, leading to:\n\n while true; do\n rtla timerlat top -u -q \u0026 PID=$!;\n sleep 5;\n kill -INT $PID;\n sleep 0.001;\n kill -TERM $PID;\n wait $PID;\n done\n\nCausing the following OOPS:\n\n Oops: general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] PREEMPT SMP KASAN PTI\n KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]\n CPU: 5 UID: 0 PID: 885 Comm: timerlatu/5 Not tainted 6.11.0-rc4-test-00002-gbc754cc76d1b-dirty #125 a533010b71dab205ad2f507188ce8c82203b0254\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n RIP: 0010:hrtimer_active+0x58/0x300\n Code: 48 c1 ee 03 41 54 48 01 d1 48 01 d6 55 53 48 83 ec 20 80 39 00 0f 85 30 02 00 00 49 8b 6f 30 4c 8d 75 10 4c 89 f0 48 c1 e8 03 \u003c0f\u003e b6 3c 10 4c 89 f0 83 e0 07 83 c0 03 40 38 f8 7c 09 40 84 ff 0f\n RSP: 0018:ffff88811d97f940 EFLAGS: 00010202\n RAX: 0000000000000002 RBX: ffff88823c6b5b28 RCX: ffffed10478d6b6b\n RDX: dffffc0000000000 RSI: ffffed10478d6b6c RDI: ffff88823c6b5b28\n RBP: 0000000000000000 R08: ffff88823c6b5b58 R09: ffff88823c6b5b60\n R10: ffff88811d97f957 R11: 0000000000000010 R12: 00000000000a801d\n R13: ffff88810d8b35d8 R14: 0000000000000010 R15: ffff88823c6b5b28\n FS: 0000000000000000(0000) GS:ffff88823c680000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000561858ad7258 CR3: 000000007729e001 CR4: 0000000000170ef0\n Call Trace:\n \u003cTASK\u003e\n ? die_addr+0x40/0xa0\n ? exc_general_protection+0x154/0x230\n ? asm_exc_general_protection+0x26/0x30\n ? hrtimer_active+0x58/0x300\n ? __pfx_mutex_lock+0x10/0x10\n ? __pfx_locks_remove_file+0x10/0x10\n hrtimer_cancel+0x15/0x40\n timerlat_fd_release+0x8e/0x1f0\n ? security_file_release+0x43/0x80\n __fput+0x372/0xb10\n task_work_run+0x11e/0x1f0\n ? _raw_spin_lock+0x85/0xe0\n ? __pfx_task_work_run+0x10/0x10\n ? poison_slab_object+0x109/0x170\n ? do_exit+0x7a0/0x24b0\n do_exit+0x7bd/0x24b0\n ? __pfx_migrate_enable+0x10/0x10\n ? __pfx_do_exit+0x10/0x10\n ? __pfx_read_tsc+0x10/0x10\n ? ktime_get+0x64/0x140\n ? _raw_spin_lock_irq+0x86/0xe0\n do_group_exit+0xb0/0x220\n get_signal+0x17ba/0x1b50\n ? vfs_read+0x179/0xa40\n ? timerlat_fd_read+0x30b/0x9d0\n ? __pfx_get_signal+0x10/0x10\n ? __pfx_timerlat_fd_read+0x10/0x10\n arch_do_signal_or_restart+0x8c/0x570\n ? __pfx_arch_do_signal_or_restart+0x10/0x10\n ? vfs_read+0x179/0xa40\n ? ksys_read+0xfe/0x1d0\n ? __pfx_ksys_read+0x10/0x10\n syscall_exit_to_user_mode+0xbc/0x130\n do_syscall_64+0x74/0x110\n ? __pfx___rseq_handle_notify_resume+0x10/0x10\n ? __pfx_ksys_read+0x10/0x10\n ? fpregs_restore_userregs+0xdb/0x1e0\n ? fpregs_restore_userregs+0xdb/0x1e0\n ? syscall_exit_to_user_mode+0x116/0x130\n ? do_syscall_64+0x74/0x110\n ? do_syscall_64+0x74/0x110\n ? do_syscall_64+0x74/0x110\n entry_SYSCALL_64_after_hwframe+0x71/0x79\n RIP: 0033:0x7ff0070eca9c\n Code: Unable to access opcode bytes at 0x7ff0070eca72.\n RSP: 002b:00007ff006dff8c0 EFLAGS: 00000246 ORIG_RAX: 0000000000000000\n RAX: 0000000000000000 RBX: 0000000000000005 RCX: 00007ff0070eca9c\n RDX: 0000000000000400 RSI: 00007ff006dff9a0 RDI: 0000000000000003\n RBP: 00007ff006dffde0 R08: 0000000000000000 R09: 00007ff000000ba0\n R10: 00007ff007004b08 R11: 0000000000000246 R12: 0000000000000003\n R13: 00007ff006dff9a0 R14: 0000000000000007 R15: 0000000000000008\n \u003c/TASK\u003e\n Modules linked in: snd_hda_intel snd_intel_dspcfg snd_intel_sdw_acpi snd_hda_codec snd_hwdep snd_hda_core\n ---[ end trace 0000000000000000 ]---\n\nThis is because it would mistakenly call kthread_stop() on a user space\nthread making it \"exit\" before it actually exits.\n\nSince kthread\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46788",
"url": "https://www.suse.com/security/cve/CVE-2024-46788"
},
{
"category": "external",
"summary": "SUSE Bug 1230817 for CVE-2024-46788",
"url": "https://bugzilla.suse.com/1230817"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46788"
},
{
"cve": "CVE-2024-46797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/qspinlock: Fix deadlock in MCS queue\n\nIf an interrupt occurs in queued_spin_lock_slowpath() after we increment\nqnodesp-\u003ecount and before node-\u003elock is initialized, another CPU might\nsee stale lock values in get_tail_qnode(). If the stale lock value happens\nto match the lock on that CPU, then we write to the \"next\" pointer of\nthe wrong qnode. This causes a deadlock as the former CPU, once it becomes\nthe head of the MCS queue, will spin indefinitely until it\u0027s \"next\" pointer\nis set by its successor in the queue.\n\nRunning stress-ng on a 16 core (16EC/16VP) shared LPAR, results in\noccasional lockups similar to the following:\n\n $ stress-ng --all 128 --vm-bytes 80% --aggressive \\\n --maximize --oomable --verify --syslog \\\n --metrics --times --timeout 5m\n\n watchdog: CPU 15 Hard LOCKUP\n ......\n NIP [c0000000000b78f4] queued_spin_lock_slowpath+0x1184/0x1490\n LR [c000000001037c5c] _raw_spin_lock+0x6c/0x90\n Call Trace:\n 0xc000002cfffa3bf0 (unreliable)\n _raw_spin_lock+0x6c/0x90\n raw_spin_rq_lock_nested.part.135+0x4c/0xd0\n sched_ttwu_pending+0x60/0x1f0\n __flush_smp_call_function_queue+0x1dc/0x670\n smp_ipi_demux_relaxed+0xa4/0x100\n xive_muxed_ipi_action+0x20/0x40\n __handle_irq_event_percpu+0x80/0x240\n handle_irq_event_percpu+0x2c/0x80\n handle_percpu_irq+0x84/0xd0\n generic_handle_irq+0x54/0x80\n __do_irq+0xac/0x210\n __do_IRQ+0x74/0xd0\n 0x0\n do_IRQ+0x8c/0x170\n hardware_interrupt_common_virt+0x29c/0x2a0\n --- interrupt: 500 at queued_spin_lock_slowpath+0x4b8/0x1490\n ......\n NIP [c0000000000b6c28] queued_spin_lock_slowpath+0x4b8/0x1490\n LR [c000000001037c5c] _raw_spin_lock+0x6c/0x90\n --- interrupt: 500\n 0xc0000029c1a41d00 (unreliable)\n _raw_spin_lock+0x6c/0x90\n futex_wake+0x100/0x260\n do_futex+0x21c/0x2a0\n sys_futex+0x98/0x270\n system_call_exception+0x14c/0x2f0\n system_call_vectored_common+0x15c/0x2ec\n\nThe following code flow illustrates how the deadlock occurs.\nFor the sake of brevity, assume that both locks (A and B) are\ncontended and we call the queued_spin_lock_slowpath() function.\n\n CPU0 CPU1\n ---- ----\n spin_lock_irqsave(A) |\n spin_unlock_irqrestore(A) |\n spin_lock(B) |\n | |\n v |\n id = qnodesp-\u003ecount++; |\n (Note that nodes[0].lock == A) |\n | |\n v |\n Interrupt |\n (happens before \"nodes[0].lock = B\") |\n | |\n v |\n spin_lock_irqsave(A) |\n | |\n v |\n id = qnodesp-\u003ecount++ |\n nodes[1].lock = A |\n | |\n v |\n Tail of MCS queue |\n | spin_lock_irqsave(A)\n v |\n Head of MCS queue v\n | CPU0 is previous tail\n v |\n Spin indefinitely v\n (until \"nodes[1].next != NULL\") prev = get_tail_qnode(A, CPU0)\n |\n v\n prev == \u0026qnodes[CPU0].nodes[0]\n (as qnodes\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46797",
"url": "https://www.suse.com/security/cve/CVE-2024-46797"
},
{
"category": "external",
"summary": "SUSE Bug 1230831 for CVE-2024-46797",
"url": "https://bugzilla.suse.com/1230831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46797"
},
{
"cve": "CVE-2024-46800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch/netem: fix use after free in netem_dequeue\n\nIf netem_dequeue() enqueues packet to inner qdisc and that qdisc\nreturns __NET_XMIT_STOLEN. The packet is dropped but\nqdisc_tree_reduce_backlog() is not called to update the parent\u0027s\nq.qlen, leading to the similar use-after-free as Commit\ne04991a48dbaf382 (\"netem: fix return value if duplicate enqueue\nfails\")\n\nCommands to trigger KASAN UaF:\n\nip link add type dummy\nip link set lo up\nip link set dummy0 up\ntc qdisc add dev lo parent root handle 1: drr\ntc filter add dev lo parent 1: basic classid 1:1\ntc class add dev lo classid 1:1 drr\ntc qdisc add dev lo parent 1:1 handle 2: netem\ntc qdisc add dev lo parent 2: handle 3: drr\ntc filter add dev lo parent 3: basic classid 3:1 action mirred egress\nredirect dev dummy0\ntc class add dev lo classid 3:1 drr\nping -c1 -W0.01 localhost # Trigger bug\ntc class del dev lo classid 1:1\ntc class add dev lo classid 1:1 drr\nping -c1 -W0.01 localhost # UaF",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46800",
"url": "https://www.suse.com/security/cve/CVE-2024-46800"
},
{
"category": "external",
"summary": "SUSE Bug 1230827 for CVE-2024-46800",
"url": "https://bugzilla.suse.com/1230827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46800"
},
{
"cve": "CVE-2024-46802",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46802"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: added NULL check at start of dc_validate_stream\n\n[Why]\nprevent invalid memory access\n\n[How]\ncheck if dc and stream are NULL",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46802",
"url": "https://www.suse.com/security/cve/CVE-2024-46802"
},
{
"category": "external",
"summary": "SUSE Bug 1231111 for CVE-2024-46802",
"url": "https://bugzilla.suse.com/1231111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46802"
},
{
"cve": "CVE-2024-46803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Check debug trap enable before write dbg_ev_file\n\nIn interrupt context, write dbg_ev_file will be run by work queue. It\nwill cause write dbg_ev_file execution after debug_trap_disable, which\nwill cause NULL pointer access.\nv2: cancel work \"debug_event_workarea\" before set dbg_ev_file as NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46803",
"url": "https://www.suse.com/security/cve/CVE-2024-46803"
},
{
"category": "external",
"summary": "SUSE Bug 1231131 for CVE-2024-46803",
"url": "https://bugzilla.suse.com/1231131"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46803"
},
{
"cve": "CVE-2024-46804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46804"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add array index check for hdcp ddc access\n\n[Why]\nCoverity reports OVERRUN warning. Do not check if array\nindex valid.\n\n[How]\nCheck msg_id valid and valid array index.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46804",
"url": "https://www.suse.com/security/cve/CVE-2024-46804"
},
{
"category": "external",
"summary": "SUSE Bug 1231132 for CVE-2024-46804",
"url": "https://bugzilla.suse.com/1231132"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46804"
},
{
"cve": "CVE-2024-46805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46805"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix the waring dereferencing hive\n\nCheck the amdgpu_hive_info *hive that maybe is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46805",
"url": "https://www.suse.com/security/cve/CVE-2024-46805"
},
{
"category": "external",
"summary": "SUSE Bug 1231135 for CVE-2024-46805",
"url": "https://bugzilla.suse.com/1231135"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46805"
},
{
"cve": "CVE-2024-46806",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46806"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix the warning division or modulo by zero\n\nChecks the partition mode and returns an error for an invalid mode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46806",
"url": "https://www.suse.com/security/cve/CVE-2024-46806"
},
{
"category": "external",
"summary": "SUSE Bug 1231136 for CVE-2024-46806",
"url": "https://bugzilla.suse.com/1231136"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46806"
},
{
"cve": "CVE-2024-46807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46807"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/amdgpu: Check tbo resource pointer\n\nValidate tbo resource pointer, skip if NULL",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46807",
"url": "https://www.suse.com/security/cve/CVE-2024-46807"
},
{
"category": "external",
"summary": "SUSE Bug 1231138 for CVE-2024-46807",
"url": "https://bugzilla.suse.com/1231138"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46807"
},
{
"cve": "CVE-2024-46809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46809"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check BIOS images before it is used\n\nBIOS images may fail to load and null checks are added before they are\nused.\n\nThis fixes 6 NULL_RETURNS issues reported by Coverity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46809",
"url": "https://www.suse.com/security/cve/CVE-2024-46809"
},
{
"category": "external",
"summary": "SUSE Bug 1231148 for CVE-2024-46809",
"url": "https://bugzilla.suse.com/1231148"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46809"
},
{
"cve": "CVE-2024-46810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ\n\nMake sure the connector is fully initialized before signalling any\nHPD events via drm_kms_helper_hotplug_event(), otherwise this may\nlead to NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46810",
"url": "https://www.suse.com/security/cve/CVE-2024-46810"
},
{
"category": "external",
"summary": "SUSE Bug 1231178 for CVE-2024-46810",
"url": "https://bugzilla.suse.com/1231178"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46810"
},
{
"cve": "CVE-2024-46811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46811"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box\n\n[Why]\nCoverity reports OVERRUN warning. soc.num_states could\nbe 40. But array range of bw_params-\u003eclk_table.entries is 8.\n\n[How]\nAssert if soc.num_states greater than 8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46811",
"url": "https://www.suse.com/security/cve/CVE-2024-46811"
},
{
"category": "external",
"summary": "SUSE Bug 1231179 for CVE-2024-46811",
"url": "https://bugzilla.suse.com/1231179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46811"
},
{
"cve": "CVE-2024-46812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46812"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration\n\n[Why]\nCoverity reports Memory - illegal accesses.\n\n[How]\nSkip inactive planes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46812",
"url": "https://www.suse.com/security/cve/CVE-2024-46812"
},
{
"category": "external",
"summary": "SUSE Bug 1231187 for CVE-2024-46812",
"url": "https://bugzilla.suse.com/1231187"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46812"
},
{
"cve": "CVE-2024-46813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46813"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check link_index before accessing dc-\u003elinks[]\n\n[WHY \u0026 HOW]\ndc-\u003elinks[] has max size of MAX_LINKS and NULL is return when trying to\naccess with out-of-bound index.\n\nThis fixes 3 OVERRUN and 1 RESOURCE_LEAK issues reported by Coverity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46813",
"url": "https://www.suse.com/security/cve/CVE-2024-46813"
},
{
"category": "external",
"summary": "SUSE Bug 1231191 for CVE-2024-46813",
"url": "https://bugzilla.suse.com/1231191"
},
{
"category": "external",
"summary": "SUSE Bug 1231192 for CVE-2024-46813",
"url": "https://bugzilla.suse.com/1231192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "important"
}
],
"title": "CVE-2024-46813"
},
{
"cve": "CVE-2024-46814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46814"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check msg_id before processing transcation\n\n[WHY \u0026 HOW]\nHDCP_MESSAGE_ID_INVALID (-1) is not a valid msg_id nor is it a valid\narray index, and it needs checking before used.\n\nThis fixes 4 OVERRUN issues reported by Coverity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46814",
"url": "https://www.suse.com/security/cve/CVE-2024-46814"
},
{
"category": "external",
"summary": "SUSE Bug 1231193 for CVE-2024-46814",
"url": "https://bugzilla.suse.com/1231193"
},
{
"category": "external",
"summary": "SUSE Bug 1231194 for CVE-2024-46814",
"url": "https://bugzilla.suse.com/1231194"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "important"
}
],
"title": "CVE-2024-46814"
},
{
"cve": "CVE-2024-46815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check num_valid_sets before accessing reader_wm_sets[]\n\n[WHY \u0026 HOW]\nnum_valid_sets needs to be checked to avoid a negative index when\naccessing reader_wm_sets[num_valid_sets - 1].\n\nThis fixes an OVERRUN issue reported by Coverity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46815",
"url": "https://www.suse.com/security/cve/CVE-2024-46815"
},
{
"category": "external",
"summary": "SUSE Bug 1231195 for CVE-2024-46815",
"url": "https://bugzilla.suse.com/1231195"
},
{
"category": "external",
"summary": "SUSE Bug 1231196 for CVE-2024-46815",
"url": "https://bugzilla.suse.com/1231196"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "important"
}
],
"title": "CVE-2024-46815"
},
{
"cve": "CVE-2024-46816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46816"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links\n\n[Why]\nCoverity report OVERRUN warning. There are\nonly max_links elements within dc-\u003elinks. link\ncount could up to AMDGPU_DM_MAX_DISPLAY_INDEX 31.\n\n[How]\nMake sure link count less than max_links.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46816",
"url": "https://www.suse.com/security/cve/CVE-2024-46816"
},
{
"category": "external",
"summary": "SUSE Bug 1231197 for CVE-2024-46816",
"url": "https://bugzilla.suse.com/1231197"
},
{
"category": "external",
"summary": "SUSE Bug 1231198 for CVE-2024-46816",
"url": "https://bugzilla.suse.com/1231198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "important"
}
],
"title": "CVE-2024-46816"
},
{
"cve": "CVE-2024-46817",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46817"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6\n\n[Why]\nCoverity reports OVERRUN warning. Should abort amdgpu_dm\ninitialize.\n\n[How]\nReturn failure to amdgpu_dm_init.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46817",
"url": "https://www.suse.com/security/cve/CVE-2024-46817"
},
{
"category": "external",
"summary": "SUSE Bug 1231200 for CVE-2024-46817",
"url": "https://bugzilla.suse.com/1231200"
},
{
"category": "external",
"summary": "SUSE Bug 1231201 for CVE-2024-46817",
"url": "https://bugzilla.suse.com/1231201"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "important"
}
],
"title": "CVE-2024-46817"
},
{
"cve": "CVE-2024-46818",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46818"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check gpio_id before used as array index\n\n[WHY \u0026 HOW]\nGPIO_ID_UNKNOWN (-1) is not a valid value for array index and therefore\nshould be checked in advance.\n\nThis fixes 5 OVERRUN issues reported by Coverity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46818",
"url": "https://www.suse.com/security/cve/CVE-2024-46818"
},
{
"category": "external",
"summary": "SUSE Bug 1231203 for CVE-2024-46818",
"url": "https://bugzilla.suse.com/1231203"
},
{
"category": "external",
"summary": "SUSE Bug 1231204 for CVE-2024-46818",
"url": "https://bugzilla.suse.com/1231204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "important"
}
],
"title": "CVE-2024-46818"
},
{
"cve": "CVE-2024-46819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: the warning dereferencing obj for nbio_v7_4\n\nif ras_manager obj null, don\u0027t print NBIO err data",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46819",
"url": "https://www.suse.com/security/cve/CVE-2024-46819"
},
{
"category": "external",
"summary": "SUSE Bug 1231202 for CVE-2024-46819",
"url": "https://bugzilla.suse.com/1231202"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46819"
},
{
"cve": "CVE-2024-46821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46821"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: Fix negative array index read\n\nAvoid using the negative values\nfor clk_idex as an index into an array pptable-\u003eDpmDescriptor.\n\nV2: fix clk_index return check (Tim Huang)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46821",
"url": "https://www.suse.com/security/cve/CVE-2024-46821"
},
{
"category": "external",
"summary": "SUSE Bug 1231169 for CVE-2024-46821",
"url": "https://bugzilla.suse.com/1231169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46821"
},
{
"cve": "CVE-2024-46825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46825"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: use IWL_FW_CHECK for link ID check\n\nThe lookup function iwl_mvm_rcu_fw_link_id_to_link_conf() is\nnormally called with input from the firmware, so it should use\nIWL_FW_CHECK() instead of WARN_ON().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46825",
"url": "https://www.suse.com/security/cve/CVE-2024-46825"
},
{
"category": "external",
"summary": "SUSE Bug 1231170 for CVE-2024-46825",
"url": "https://bugzilla.suse.com/1231170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46825"
},
{
"cve": "CVE-2024-46826",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46826"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nELF: fix kernel.randomize_va_space double read\n\nELF loader uses \"randomize_va_space\" twice. It is sysctl and can change\nat any moment, so 2 loads could see 2 different values in theory with\nunpredictable consequences.\n\nIssue exactly one load for consistent value across one exec.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46826",
"url": "https://www.suse.com/security/cve/CVE-2024-46826"
},
{
"category": "external",
"summary": "SUSE Bug 1231115 for CVE-2024-46826",
"url": "https://bugzilla.suse.com/1231115"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46826"
},
{
"cve": "CVE-2024-46827",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46827"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix firmware crash due to invalid peer nss\n\nCurrently, if the access point receives an association\nrequest containing an Extended HE Capabilities Information\nElement with an invalid MCS-NSS, it triggers a firmware\ncrash.\n\nThis issue arises when EHT-PHY capabilities shows support\nfor a bandwidth and MCS-NSS set for that particular\nbandwidth is filled by zeros and due to this, driver obtains\npeer_nss as 0 and sending this value to firmware causes\ncrash.\n\nAddress this issue by implementing a validation step for\nthe peer_nss value before passing it to the firmware. If\nthe value is greater than zero, proceed with forwarding\nit to the firmware. However, if the value is invalid,\nreject the association request to prevent potential\nfirmware crashes.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.0.1-00029-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46827",
"url": "https://www.suse.com/security/cve/CVE-2024-46827"
},
{
"category": "external",
"summary": "SUSE Bug 1231171 for CVE-2024-46827",
"url": "https://bugzilla.suse.com/1231171"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46827"
},
{
"cve": "CVE-2024-46828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46828"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched: sch_cake: fix bulk flow accounting logic for host fairness\n\nIn sch_cake, we keep track of the count of active bulk flows per host,\nwhen running in dst/src host fairness mode, which is used as the\nround-robin weight when iterating through flows. The count of active\nbulk flows is updated whenever a flow changes state.\n\nThis has a peculiar interaction with the hash collision handling: when a\nhash collision occurs (after the set-associative hashing), the state of\nthe hash bucket is simply updated to match the new packet that collided,\nand if host fairness is enabled, that also means assigning new per-host\nstate to the flow. For this reason, the bulk flow counters of the\nhost(s) assigned to the flow are decremented, before new state is\nassigned (and the counters, which may not belong to the same host\nanymore, are incremented again).\n\nBack when this code was introduced, the host fairness mode was always\nenabled, so the decrement was unconditional. When the configuration\nflags were introduced the *increment* was made conditional, but\nthe *decrement* was not. Which of course can lead to a spurious\ndecrement (and associated wrap-around to U16_MAX).\n\nAFAICT, when host fairness is disabled, the decrement and wrap-around\nhappens as soon as a hash collision occurs (which is not that common in\nitself, due to the set-associative hashing). However, in most cases this\nis harmless, as the value is only used when host fairness mode is\nenabled. So in order to trigger an array overflow, sch_cake has to first\nbe configured with host fairness disabled, and while running in this\nmode, a hash collision has to occur to cause the overflow. Then, the\nqdisc has to be reconfigured to enable host fairness, which leads to the\narray out-of-bounds because the wrapped-around value is retained and\nused as an array index. It seems that syzbot managed to trigger this,\nwhich is quite impressive in its own right.\n\nThis patch fixes the issue by introducing the same conditional check on\ndecrement as is used on increment.\n\nThe original bug predates the upstreaming of cake, but the commit listed\nin the Fixes tag touched that code, meaning that this patch won\u0027t apply\nbefore that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46828",
"url": "https://www.suse.com/security/cve/CVE-2024-46828"
},
{
"category": "external",
"summary": "SUSE Bug 1231114 for CVE-2024-46828",
"url": "https://bugzilla.suse.com/1231114"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46828"
},
{
"cve": "CVE-2024-46830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Acquire kvm-\u003esrcu when handling KVM_SET_VCPU_EVENTS\n\nGrab kvm-\u003esrcu when processing KVM_SET_VCPU_EVENTS, as KVM will forcibly\nleave nested VMX/SVM if SMM mode is being toggled, and leaving nested VMX\nreads guest memory.\n\nNote, kvm_vcpu_ioctl_x86_set_vcpu_events() can also be called from KVM_RUN\nvia sync_regs(), which already holds SRCU. I.e. trying to precisely use\nkvm_vcpu_srcu_read_lock() around the problematic SMM code would cause\nproblems. Acquiring SRCU isn\u0027t all that expensive, so for simplicity,\ngrab it unconditionally for KVM_SET_VCPU_EVENTS.\n\n =============================\n WARNING: suspicious RCU usage\n 6.10.0-rc7-332d2c1d713e-next-vm #552 Not tainted\n -----------------------------\n include/linux/kvm_host.h:1027 suspicious rcu_dereference_check() usage!\n\n other info that might help us debug this:\n\n rcu_scheduler_active = 2, debug_locks = 1\n 1 lock held by repro/1071:\n #0: ffff88811e424430 (\u0026vcpu-\u003emutex){+.+.}-{3:3}, at: kvm_vcpu_ioctl+0x7d/0x970 [kvm]\n\n stack backtrace:\n CPU: 15 PID: 1071 Comm: repro Not tainted 6.10.0-rc7-332d2c1d713e-next-vm #552\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x7f/0x90\n lockdep_rcu_suspicious+0x13f/0x1a0\n kvm_vcpu_gfn_to_memslot+0x168/0x190 [kvm]\n kvm_vcpu_read_guest+0x3e/0x90 [kvm]\n nested_vmx_load_msr+0x6b/0x1d0 [kvm_intel]\n load_vmcs12_host_state+0x432/0xb40 [kvm_intel]\n vmx_leave_nested+0x30/0x40 [kvm_intel]\n kvm_vcpu_ioctl_x86_set_vcpu_events+0x15d/0x2b0 [kvm]\n kvm_arch_vcpu_ioctl+0x1107/0x1750 [kvm]\n ? mark_held_locks+0x49/0x70\n ? kvm_vcpu_ioctl+0x7d/0x970 [kvm]\n ? kvm_vcpu_ioctl+0x497/0x970 [kvm]\n kvm_vcpu_ioctl+0x497/0x970 [kvm]\n ? lock_acquire+0xba/0x2d0\n ? find_held_lock+0x2b/0x80\n ? do_user_addr_fault+0x40c/0x6f0\n ? lock_release+0xb7/0x270\n __x64_sys_ioctl+0x82/0xb0\n do_syscall_64+0x6c/0x170\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n RIP: 0033:0x7ff11eb1b539\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46830",
"url": "https://www.suse.com/security/cve/CVE-2024-46830"
},
{
"category": "external",
"summary": "SUSE Bug 1231116 for CVE-2024-46830",
"url": "https://bugzilla.suse.com/1231116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46830"
},
{
"cve": "CVE-2024-46831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: microchip: vcap: Fix use-after-free error in kunit test\n\nThis is a clear use-after-free error. We remove it, and rely on checking\nthe return code of vcap_del_rule.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46831",
"url": "https://www.suse.com/security/cve/CVE-2024-46831"
},
{
"category": "external",
"summary": "SUSE Bug 1231117 for CVE-2024-46831",
"url": "https://bugzilla.suse.com/1231117"
},
{
"category": "external",
"summary": "SUSE Bug 1236242 for CVE-2024-46831",
"url": "https://bugzilla.suse.com/1236242"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "important"
}
],
"title": "CVE-2024-46831"
},
{
"cve": "CVE-2024-46834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46834"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nethtool: fail closed if we can\u0027t get max channel used in indirection tables\n\nCommit 0d1b7d6c9274 (\"bnxt: fix crashes when reducing ring count with\nactive RSS contexts\") proves that allowing indirection table to contain\nchannels with out of bounds IDs may lead to crashes. Currently the\nmax channel check in the core gets skipped if driver can\u0027t fetch\nthe indirection table or when we can\u0027t allocate memory.\n\nBoth of those conditions should be extremely rare but if they do\nhappen we should try to be safe and fail the channel change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46834",
"url": "https://www.suse.com/security/cve/CVE-2024-46834"
},
{
"category": "external",
"summary": "SUSE Bug 1231096 for CVE-2024-46834",
"url": "https://bugzilla.suse.com/1231096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46834"
},
{
"cve": "CVE-2024-46835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46835"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix smatch static checker warning\n\nadev-\u003egfx.imu.funcs could be NULL",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46835",
"url": "https://www.suse.com/security/cve/CVE-2024-46835"
},
{
"category": "external",
"summary": "SUSE Bug 1231098 for CVE-2024-46835",
"url": "https://bugzilla.suse.com/1231098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46835"
},
{
"cve": "CVE-2024-46836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: aspeed_udc: validate endpoint index for ast udc\n\nWe should verify the bound of the array to assure that host\nmay not manipulate the index to point past endpoint array.\n\nFound by static analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46836",
"url": "https://www.suse.com/security/cve/CVE-2024-46836"
},
{
"category": "external",
"summary": "SUSE Bug 1231092 for CVE-2024-46836",
"url": "https://bugzilla.suse.com/1231092"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46836"
},
{
"cve": "CVE-2024-46840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: clean up our handling of refs == 0 in snapshot delete\n\nIn reada we BUG_ON(refs == 0), which could be unkind since we aren\u0027t\nholding a lock on the extent leaf and thus could get a transient\nincorrect answer. In walk_down_proc we also BUG_ON(refs == 0), which\ncould happen if we have extent tree corruption. Change that to return\n-EUCLEAN. In do_walk_down() we catch this case and handle it correctly,\nhowever we return -EIO, which -EUCLEAN is a more appropriate error code.\nFinally in walk_up_proc we have the same BUG_ON(refs == 0), so convert\nthat to proper error handling. Also adjust the error message so we can\nactually do something with the information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46840",
"url": "https://www.suse.com/security/cve/CVE-2024-46840"
},
{
"category": "external",
"summary": "SUSE Bug 1231105 for CVE-2024-46840",
"url": "https://bugzilla.suse.com/1231105"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46840"
},
{
"cve": "CVE-2024-46841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: don\u0027t BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc()\n\nWe handle errors here properly, ENOMEM isn\u0027t fatal, return the error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46841",
"url": "https://www.suse.com/security/cve/CVE-2024-46841"
},
{
"category": "external",
"summary": "SUSE Bug 1231094 for CVE-2024-46841",
"url": "https://bugzilla.suse.com/1231094"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46841"
},
{
"cve": "CVE-2024-46842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info\n\nThe MBX_TIMEOUT return code is not handled in lpfc_get_sfp_info and the\nroutine unconditionally frees submitted mailbox commands regardless of\nreturn status. The issue is that for MBX_TIMEOUT cases, when firmware\nreturns SFP information at a later time, that same mailbox memory region\nreferences previously freed memory in its cmpl routine.\n\nFix by adding checks for the MBX_TIMEOUT return code. During mailbox\nresource cleanup, check the mbox flag to make sure that the wait did not\ntimeout. If the MBOX_WAKE flag is not set, then do not free the resources\nbecause it will be freed when firmware completes the mailbox at a later\ntime in its cmpl routine.\n\nAlso, increase the timeout from 30 to 60 seconds to accommodate boot\nscripts requiring longer timeouts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46842",
"url": "https://www.suse.com/security/cve/CVE-2024-46842"
},
{
"category": "external",
"summary": "SUSE Bug 1231101 for CVE-2024-46842",
"url": "https://bugzilla.suse.com/1231101"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46842"
},
{
"cve": "CVE-2024-46843",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46843"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Remove SCSI host only if added\n\nIf host tries to remove ufshcd driver from a UFS device it would cause a\nkernel panic if ufshcd_async_scan fails during ufshcd_probe_hba before\nadding a SCSI host with scsi_add_host and MCQ is enabled since SCSI host\nhas been defered after MCQ configuration introduced by commit 0cab4023ec7b\n(\"scsi: ufs: core: Defer adding host to SCSI if MCQ is supported\").\n\nTo guarantee that SCSI host is removed only if it has been added, set the\nscsi_host_added flag to true after adding a SCSI host and check whether it\nis set or not before removing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46843",
"url": "https://www.suse.com/security/cve/CVE-2024-46843"
},
{
"category": "external",
"summary": "SUSE Bug 1231100 for CVE-2024-46843",
"url": "https://bugzilla.suse.com/1231100"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46843"
},
{
"cve": "CVE-2024-46845",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46845"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/timerlat: Only clear timer if a kthread exists\n\nThe timerlat tracer can use user space threads to check for osnoise and\ntimer latency. If the program using this is killed via a SIGTERM, the\nthreads are shutdown one at a time and another tracing instance can start\nup resetting the threads before they are fully closed. That causes the\nhrtimer assigned to the kthread to be shutdown and freed twice when the\ndying thread finally closes the file descriptors, causing a use-after-free\nbug.\n\nOnly cancel the hrtimer if the associated thread is still around. Also add\nthe interface_lock around the resetting of the tlat_var-\u003ekthread.\n\nNote, this is just a quick fix that can be backported to stable. A real\nfix is to have a better synchronization between the shutdown of old\nthreads and the starting of new ones.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46845",
"url": "https://www.suse.com/security/cve/CVE-2024-46845"
},
{
"category": "external",
"summary": "SUSE Bug 1231076 for CVE-2024-46845",
"url": "https://bugzilla.suse.com/1231076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46845"
},
{
"cve": "CVE-2024-46846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: rockchip: Resolve unbalanced runtime PM / system PM handling\n\nCommit e882575efc77 (\"spi: rockchip: Suspend and resume the bus during\nNOIRQ_SYSTEM_SLEEP_PM ops\") stopped respecting runtime PM status and\nsimply disabled clocks unconditionally when suspending the system. This\ncauses problems when the device is already runtime suspended when we go\nto sleep -- in which case we double-disable clocks and produce a\nWARNing.\n\nSwitch back to pm_runtime_force_{suspend,resume}(), because that still\nseems like the right thing to do, and the aforementioned commit makes no\nexplanation why it stopped using it.\n\nAlso, refactor some of the resume() error handling, because it\u0027s not\nactually a good idea to re-disable clocks on failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46846",
"url": "https://www.suse.com/security/cve/CVE-2024-46846"
},
{
"category": "external",
"summary": "SUSE Bug 1231075 for CVE-2024-46846",
"url": "https://bugzilla.suse.com/1231075"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46846"
},
{
"cve": "CVE-2024-46848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46848"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/intel: Limit the period on Haswell\n\nRunning the ltp test cve-2015-3290 concurrently reports the following\nwarnings.\n\nperfevents: irq loop stuck!\n WARNING: CPU: 31 PID: 32438 at arch/x86/events/intel/core.c:3174\n intel_pmu_handle_irq+0x285/0x370\n Call Trace:\n \u003cNMI\u003e\n ? __warn+0xa4/0x220\n ? intel_pmu_handle_irq+0x285/0x370\n ? __report_bug+0x123/0x130\n ? intel_pmu_handle_irq+0x285/0x370\n ? __report_bug+0x123/0x130\n ? intel_pmu_handle_irq+0x285/0x370\n ? report_bug+0x3e/0xa0\n ? handle_bug+0x3c/0x70\n ? exc_invalid_op+0x18/0x50\n ? asm_exc_invalid_op+0x1a/0x20\n ? irq_work_claim+0x1e/0x40\n ? intel_pmu_handle_irq+0x285/0x370\n perf_event_nmi_handler+0x3d/0x60\n nmi_handle+0x104/0x330\n\nThanks to Thomas Gleixner\u0027s analysis, the issue is caused by the low\ninitial period (1) of the frequency estimation algorithm, which triggers\nthe defects of the HW, specifically erratum HSW11 and HSW143. (For the\ndetails, please refer https://lore.kernel.org/lkml/87plq9l5d2.ffs@tglx/)\n\nThe HSW11 requires a period larger than 100 for the INST_RETIRED.ALL\nevent, but the initial period in the freq mode is 1. The erratum is the\nsame as the BDM11, which has been supported in the kernel. A minimum\nperiod of 128 is enforced as well on HSW.\n\nHSW143 is regarding that the fixed counter 1 may overcount 32 with the\nHyper-Threading is enabled. However, based on the test, the hardware\nhas more issues than it tells. Besides the fixed counter 1, the message\n\u0027interrupt took too long\u0027 can be observed on any counter which was armed\nwith a period \u003c 32 and two events expired in the same NMI. A minimum\nperiod of 32 is enforced for the rest of the events.\nThe recommended workaround code of the HSW143 is not implemented.\nBecause it only addresses the issue for the fixed counter. It brings\nextra overhead through extra MSR writing. No related overcounting issue\nhas been reported so far.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46848",
"url": "https://www.suse.com/security/cve/CVE-2024-46848"
},
{
"category": "external",
"summary": "SUSE Bug 1231072 for CVE-2024-46848",
"url": "https://bugzilla.suse.com/1231072"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46848"
},
{
"cve": "CVE-2024-46849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46849"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: meson: axg-card: fix \u0027use-after-free\u0027\n\nBuffer \u0027card-\u003edai_link\u0027 is reallocated in \u0027meson_card_reallocate_links()\u0027,\nso move \u0027pad\u0027 pointer initialization after this function when memory is\nalready reallocated.\n\nKasan bug report:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in axg_card_add_link+0x76c/0x9bc\nRead of size 8 at addr ffff000000e8b260 by task modprobe/356\n\nCPU: 0 PID: 356 Comm: modprobe Tainted: G O 6.9.12-sdkernel #1\nCall trace:\n dump_backtrace+0x94/0xec\n show_stack+0x18/0x24\n dump_stack_lvl+0x78/0x90\n print_report+0xfc/0x5c0\n kasan_report+0xb8/0xfc\n __asan_load8+0x9c/0xb8\n axg_card_add_link+0x76c/0x9bc [snd_soc_meson_axg_sound_card]\n meson_card_probe+0x344/0x3b8 [snd_soc_meson_card_utils]\n platform_probe+0x8c/0xf4\n really_probe+0x110/0x39c\n __driver_probe_device+0xb8/0x18c\n driver_probe_device+0x108/0x1d8\n __driver_attach+0xd0/0x25c\n bus_for_each_dev+0xe0/0x154\n driver_attach+0x34/0x44\n bus_add_driver+0x134/0x294\n driver_register+0xa8/0x1e8\n __platform_driver_register+0x44/0x54\n axg_card_pdrv_init+0x20/0x1000 [snd_soc_meson_axg_sound_card]\n do_one_initcall+0xdc/0x25c\n do_init_module+0x10c/0x334\n load_module+0x24c4/0x26cc\n init_module_from_file+0xd4/0x128\n __arm64_sys_finit_module+0x1f4/0x41c\n invoke_syscall+0x60/0x188\n el0_svc_common.constprop.0+0x78/0x13c\n do_el0_svc+0x30/0x40\n el0_svc+0x38/0x78\n el0t_64_sync_handler+0x100/0x12c\n el0t_64_sync+0x190/0x194",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46849",
"url": "https://www.suse.com/security/cve/CVE-2024-46849"
},
{
"category": "external",
"summary": "SUSE Bug 1231073 for CVE-2024-46849",
"url": "https://bugzilla.suse.com/1231073"
},
{
"category": "external",
"summary": "SUSE Bug 1231256 for CVE-2024-46849",
"url": "https://bugzilla.suse.com/1231256"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "important"
}
],
"title": "CVE-2024-46849"
},
{
"cve": "CVE-2024-46851",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46851"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Avoid race between dcn10_set_drr() and dc_state_destruct()\n\ndc_state_destruct() nulls the resource context of the DC state. The pipe\ncontext passed to dcn10_set_drr() is a member of this resource context.\n\nIf dc_state_destruct() is called parallel to the IRQ processing (which\ncalls dcn10_set_drr() at some point), we can end up using already nulled\nfunction callback fields of struct stream_resource.\n\nThe logic in dcn10_set_drr() already tries to avoid this, by checking tg\nagainst NULL. But if the nulling happens exactly after the NULL check and\nbefore the next access, then we get a race.\n\nAvoid this by copying tg first to a local variable, and then use this\nvariable for all the operations. This should work, as long as nobody\nfrees the resource pool where the timing generators live.\n\n(cherry picked from commit a3cc326a43bdc48fbdf53443e1027a03e309b643)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46851",
"url": "https://www.suse.com/security/cve/CVE-2024-46851"
},
{
"category": "external",
"summary": "SUSE Bug 1231081 for CVE-2024-46851",
"url": "https://bugzilla.suse.com/1231081"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46851"
},
{
"cve": "CVE-2024-46852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-buf: heaps: Fix off-by-one in CMA heap fault handler\n\nUntil VM_DONTEXPAND was added in commit 1c1914d6e8c6 (\"dma-buf: heaps:\nDon\u0027t track CMA dma-buf pages under RssFile\") it was possible to obtain\na mapping larger than the buffer size via mremap and bypass the overflow\ncheck in dma_buf_mmap_internal. When using such a mapping to attempt to\nfault past the end of the buffer, the CMA heap fault handler also checks\nthe fault offset against the buffer size, but gets the boundary wrong by\n1. Fix the boundary check so that we don\u0027t read off the end of the pages\narray and insert an arbitrary page in the mapping.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46852",
"url": "https://www.suse.com/security/cve/CVE-2024-46852"
},
{
"category": "external",
"summary": "SUSE Bug 1231082 for CVE-2024-46852",
"url": "https://bugzilla.suse.com/1231082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46852"
},
{
"cve": "CVE-2024-46853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: nxp-fspi: fix the KASAN report out-of-bounds bug\n\nChange the memcpy length to fix the out-of-bounds issue when writing the\ndata that is not 4 byte aligned to TX FIFO.\n\nTo reproduce the issue, write 3 bytes data to NOR chip.\n\ndd if=3b of=/dev/mtd0\n[ 36.926103] ==================================================================\n[ 36.933409] BUG: KASAN: slab-out-of-bounds in nxp_fspi_exec_op+0x26ec/0x2838\n[ 36.940514] Read of size 4 at addr ffff00081037c2a0 by task dd/455\n[ 36.946721]\n[ 36.948235] CPU: 3 UID: 0 PID: 455 Comm: dd Not tainted 6.11.0-rc5-gc7b0e37c8434 #1070\n[ 36.956185] Hardware name: Freescale i.MX8QM MEK (DT)\n[ 36.961260] Call trace:\n[ 36.963723] dump_backtrace+0x90/0xe8\n[ 36.967414] show_stack+0x18/0x24\n[ 36.970749] dump_stack_lvl+0x78/0x90\n[ 36.974451] print_report+0x114/0x5cc\n[ 36.978151] kasan_report+0xa4/0xf0\n[ 36.981670] __asan_report_load_n_noabort+0x1c/0x28\n[ 36.986587] nxp_fspi_exec_op+0x26ec/0x2838\n[ 36.990800] spi_mem_exec_op+0x8ec/0xd30\n[ 36.994762] spi_mem_no_dirmap_read+0x190/0x1e0\n[ 36.999323] spi_mem_dirmap_write+0x238/0x32c\n[ 37.003710] spi_nor_write_data+0x220/0x374\n[ 37.007932] spi_nor_write+0x110/0x2e8\n[ 37.011711] mtd_write_oob_std+0x154/0x1f0\n[ 37.015838] mtd_write_oob+0x104/0x1d0\n[ 37.019617] mtd_write+0xb8/0x12c\n[ 37.022953] mtdchar_write+0x224/0x47c\n[ 37.026732] vfs_write+0x1e4/0x8c8\n[ 37.030163] ksys_write+0xec/0x1d0\n[ 37.033586] __arm64_sys_write+0x6c/0x9c\n[ 37.037539] invoke_syscall+0x6c/0x258\n[ 37.041327] el0_svc_common.constprop.0+0x160/0x22c\n[ 37.046244] do_el0_svc+0x44/0x5c\n[ 37.049589] el0_svc+0x38/0x78\n[ 37.052681] el0t_64_sync_handler+0x13c/0x158\n[ 37.057077] el0t_64_sync+0x190/0x194\n[ 37.060775]\n[ 37.062274] Allocated by task 455:\n[ 37.065701] kasan_save_stack+0x2c/0x54\n[ 37.069570] kasan_save_track+0x20/0x3c\n[ 37.073438] kasan_save_alloc_info+0x40/0x54\n[ 37.077736] __kasan_kmalloc+0xa0/0xb8\n[ 37.081515] __kmalloc_noprof+0x158/0x2f8\n[ 37.085563] mtd_kmalloc_up_to+0x120/0x154\n[ 37.089690] mtdchar_write+0x130/0x47c\n[ 37.093469] vfs_write+0x1e4/0x8c8\n[ 37.096901] ksys_write+0xec/0x1d0\n[ 37.100332] __arm64_sys_write+0x6c/0x9c\n[ 37.104287] invoke_syscall+0x6c/0x258\n[ 37.108064] el0_svc_common.constprop.0+0x160/0x22c\n[ 37.112972] do_el0_svc+0x44/0x5c\n[ 37.116319] el0_svc+0x38/0x78\n[ 37.119401] el0t_64_sync_handler+0x13c/0x158\n[ 37.123788] el0t_64_sync+0x190/0x194\n[ 37.127474]\n[ 37.128977] The buggy address belongs to the object at ffff00081037c2a0\n[ 37.128977] which belongs to the cache kmalloc-8 of size 8\n[ 37.141177] The buggy address is located 0 bytes inside of\n[ 37.141177] allocated 3-byte region [ffff00081037c2a0, ffff00081037c2a3)\n[ 37.153465]\n[ 37.154971] The buggy address belongs to the physical page:\n[ 37.160559] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x89037c\n[ 37.168596] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)\n[ 37.175149] page_type: 0xfdffffff(slab)\n[ 37.179021] raw: 0bfffe0000000000 ffff000800002500 dead000000000122 0000000000000000\n[ 37.186788] raw: 0000000000000000 0000000080800080 00000001fdffffff 0000000000000000\n[ 37.194553] page dumped because: kasan: bad access detected\n[ 37.200144]\n[ 37.201647] Memory state around the buggy address:\n[ 37.206460] ffff00081037c180: fa fc fc fc fa fc fc fc fa fc fc fc fa fc fc fc\n[ 37.213701] ffff00081037c200: fa fc fc fc 05 fc fc fc 03 fc fc fc 02 fc fc fc\n[ 37.220946] \u003effff00081037c280: 06 fc fc fc 03 fc fc fc fc fc fc fc fc fc fc fc\n[ 37.228186] ^\n[ 37.232473] ffff00081037c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n[ 37.239718] ffff00081037c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n[ 37.246962] ==============================================================\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46853",
"url": "https://www.suse.com/security/cve/CVE-2024-46853"
},
{
"category": "external",
"summary": "SUSE Bug 1231083 for CVE-2024-46853",
"url": "https://bugzilla.suse.com/1231083"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46853"
},
{
"cve": "CVE-2024-46854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46854"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dpaa: Pad packets to ETH_ZLEN\n\nWhen sending packets under 60 bytes, up to three bytes of the buffer\nfollowing the data may be leaked. Avoid this by extending all packets to\nETH_ZLEN, ensuring nothing is leaked in the padding. This bug can be\nreproduced by running\n\n\t$ ping -s 11 destination",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46854",
"url": "https://www.suse.com/security/cve/CVE-2024-46854"
},
{
"category": "external",
"summary": "SUSE Bug 1231084 for CVE-2024-46854",
"url": "https://bugzilla.suse.com/1231084"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46854"
},
{
"cve": "CVE-2024-46855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46855"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_socket: fix sk refcount leaks\n\nWe must put \u0027sk\u0027 reference before returning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46855",
"url": "https://www.suse.com/security/cve/CVE-2024-46855"
},
{
"category": "external",
"summary": "SUSE Bug 1231085 for CVE-2024-46855",
"url": "https://bugzilla.suse.com/1231085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46855"
},
{
"cve": "CVE-2024-46857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46857"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix bridge mode operations when there are no VFs\n\nCurrently, trying to set the bridge mode attribute when numvfs=0 leads to a\ncrash:\n\nbridge link set dev eth2 hwmode vepa\n\n[ 168.967392] BUG: kernel NULL pointer dereference, address: 0000000000000030\n[...]\n[ 168.969989] RIP: 0010:mlx5_add_flow_rules+0x1f/0x300 [mlx5_core]\n[...]\n[ 168.976037] Call Trace:\n[ 168.976188] \u003cTASK\u003e\n[ 168.978620] _mlx5_eswitch_set_vepa_locked+0x113/0x230 [mlx5_core]\n[ 168.979074] mlx5_eswitch_set_vepa+0x7f/0xa0 [mlx5_core]\n[ 168.979471] rtnl_bridge_setlink+0xe9/0x1f0\n[ 168.979714] rtnetlink_rcv_msg+0x159/0x400\n[ 168.980451] netlink_rcv_skb+0x54/0x100\n[ 168.980675] netlink_unicast+0x241/0x360\n[ 168.980918] netlink_sendmsg+0x1f6/0x430\n[ 168.981162] ____sys_sendmsg+0x3bb/0x3f0\n[ 168.982155] ___sys_sendmsg+0x88/0xd0\n[ 168.985036] __sys_sendmsg+0x59/0xa0\n[ 168.985477] do_syscall_64+0x79/0x150\n[ 168.987273] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 168.987773] RIP: 0033:0x7f8f7950f917\n\n(esw-\u003efdb_table.legacy.vepa_fdb is null)\n\nThe bridge mode is only relevant when there are multiple functions per\nport. Therefore, prevent setting and getting this setting when there are no\nVFs.\n\nNote that after this change, there are no settings to change on the PF\ninterface using `bridge link` when there are no VFs, so the interface no\nlonger appears in the `bridge link` output.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46857",
"url": "https://www.suse.com/security/cve/CVE-2024-46857"
},
{
"category": "external",
"summary": "SUSE Bug 1231087 for CVE-2024-46857",
"url": "https://bugzilla.suse.com/1231087"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46857"
},
{
"cve": "CVE-2024-46859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46859"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: panasonic-laptop: Fix SINF array out of bounds accesses\n\nThe panasonic laptop code in various places uses the SINF array with index\nvalues of 0 - SINF_CUR_BRIGHT(0x0d) without checking that the SINF array\nis big enough.\n\nNot all panasonic laptops have this many SINF array entries, for example\nthe Toughbook CF-18 model only has 10 SINF array entries. So it only\nsupports the AC+DC brightness entries and mute.\n\nCheck that the SINF array has a minimum size which covers all AC+DC\nbrightness entries and refuse to load if the SINF array is smaller.\n\nFor higher SINF indexes hide the sysfs attributes when the SINF array\ndoes not contain an entry for that attribute, avoiding show()/store()\naccessing the array out of bounds and add bounds checking to the probe()\nand resume() code accessing these.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46859",
"url": "https://www.suse.com/security/cve/CVE-2024-46859"
},
{
"category": "external",
"summary": "SUSE Bug 1231089 for CVE-2024-46859",
"url": "https://bugzilla.suse.com/1231089"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46859"
},
{
"cve": "CVE-2024-46860",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46860"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7921: fix NULL pointer access in mt7921_ipv6_addr_change\n\nWhen disabling wifi mt7921_ipv6_addr_change() is called as a notifier.\nAt this point mvif-\u003ephy is already NULL so we cannot use it here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46860",
"url": "https://www.suse.com/security/cve/CVE-2024-46860"
},
{
"category": "external",
"summary": "SUSE Bug 1231093 for CVE-2024-46860",
"url": "https://bugzilla.suse.com/1231093"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46860"
},
{
"cve": "CVE-2024-46861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: do not stop RX on failing RX callback\n\nRX callbacks can fail for multiple reasons:\n\n* Payload too short\n* Payload formatted incorrecly (e.g. bad NCM framing)\n* Lack of memory\n\nNone of these should cause the driver to seize up.\n\nMake such failures non-critical and continue processing further\nincoming URBs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46861",
"url": "https://www.suse.com/security/cve/CVE-2024-46861"
},
{
"category": "external",
"summary": "SUSE Bug 1231102 for CVE-2024-46861",
"url": "https://bugzilla.suse.com/1231102"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46861"
},
{
"cve": "CVE-2024-46864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/hyperv: fix kexec crash due to VP assist page corruption\n\ncommit 9636be85cc5b (\"x86/hyperv: Fix hyperv_pcpu_input_arg handling when\nCPUs go online/offline\") introduces a new cpuhp state for hyperv\ninitialization.\n\ncpuhp_setup_state() returns the state number if state is\nCPUHP_AP_ONLINE_DYN or CPUHP_BP_PREPARE_DYN and 0 for all other states.\nFor the hyperv case, since a new cpuhp state was introduced it would\nreturn 0. However, in hv_machine_shutdown(), the cpuhp_remove_state() call\nis conditioned upon \"hyperv_init_cpuhp \u003e 0\". This will never be true and\nso hv_cpu_die() won\u0027t be called on all CPUs. This means the VP assist page\nwon\u0027t be reset. When the kexec kernel tries to setup the VP assist page\nagain, the hypervisor corrupts the memory region of the old VP assist page\ncausing a panic in case the kexec kernel is using that memory elsewhere.\nThis was originally fixed in commit dfe94d4086e4 (\"x86/hyperv: Fix kexec\npanic/hang issues\").\n\nGet rid of hyperv_init_cpuhp entirely since we are no longer using a\ndynamic cpuhp state and use CPUHP_AP_HYPERV_ONLINE directly with\ncpuhp_remove_state().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46864",
"url": "https://www.suse.com/security/cve/CVE-2024-46864"
},
{
"category": "external",
"summary": "SUSE Bug 1231108 for CVE-2024-46864",
"url": "https://bugzilla.suse.com/1231108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46864"
},
{
"cve": "CVE-2024-46870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Disable DMCUB timeout for DCN35\n\n[Why]\nDMCUB can intermittently take longer than expected to process commands.\n\nOld ASIC policy was to continue while logging a diagnostic error - which\nworks fine for ASIC without IPS, but with IPS this could lead to a race\ncondition where we attempt to access DCN state while it\u0027s inaccessible,\nleading to a system hang when the NIU port is not disabled or register\naccesses that timeout and the display configuration in an undefined\nstate.\n\n[How]\nWe need to investigate why these accesses take longer than expected, but\nfor now we should disable the timeout on DCN35 to avoid this race\ncondition. Since the waits happen only at lower interrupt levels the\nrisk of taking too long at higher IRQ and causing a system watchdog\ntimeout are minimal.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46870",
"url": "https://www.suse.com/security/cve/CVE-2024-46870"
},
{
"category": "external",
"summary": "SUSE Bug 1231435 for CVE-2024-46870",
"url": "https://bugzilla.suse.com/1231435"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46870"
},
{
"cve": "CVE-2024-46871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX\n\n[Why \u0026 How]\nIt actually exposes \u00276\u0027 types in enum dmub_notification_type. Not 5. Using smaller\nnumber to create array dmub_callback \u0026 dmub_thread_offload has potential to access\nitem out of array bound. Fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46871",
"url": "https://www.suse.com/security/cve/CVE-2024-46871"
},
{
"category": "external",
"summary": "SUSE Bug 1231434 for CVE-2024-46871",
"url": "https://bugzilla.suse.com/1231434"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-46871"
},
{
"cve": "CVE-2024-47658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47658"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: stm32/cryp - call finalize with bh disabled\n\nThe finalize operation in interrupt mode produce a produces a spinlock\nrecursion warning. The reason is the fact that BH must be disabled\nduring this process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47658",
"url": "https://www.suse.com/security/cve/CVE-2024-47658"
},
{
"category": "external",
"summary": "SUSE Bug 1231436 for CVE-2024-47658",
"url": "https://bugzilla.suse.com/1231436"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47658"
},
{
"cve": "CVE-2024-47660",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47660"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfsnotify: clear PARENT_WATCHED flags lazily\n\nIn some setups directories can have many (usually negative) dentries.\nHence __fsnotify_update_child_dentry_flags() function can take a\nsignificant amount of time. Since the bulk of this function happens\nunder inode-\u003ei_lock this causes a significant contention on the lock\nwhen we remove the watch from the directory as the\n__fsnotify_update_child_dentry_flags() call from fsnotify_recalc_mask()\nraces with __fsnotify_update_child_dentry_flags() calls from\n__fsnotify_parent() happening on children. This can lead upto softlockup\nreports reported by users.\n\nFix the problem by calling fsnotify_update_children_dentry_flags() to\nset PARENT_WATCHED flags only when parent starts watching children.\n\nWhen parent stops watching children, clear false positive PARENT_WATCHED\nflags lazily in __fsnotify_parent() for each accessed child.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47660",
"url": "https://www.suse.com/security/cve/CVE-2024-47660"
},
{
"category": "external",
"summary": "SUSE Bug 1231439 for CVE-2024-47660",
"url": "https://bugzilla.suse.com/1231439"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "low"
}
],
"title": "CVE-2024-47660"
},
{
"cve": "CVE-2024-47661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47661"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Avoid overflow from uint32_t to uint8_t\n\n[WHAT \u0026 HOW]\ndmub_rb_cmd\u0027s ramping_boundary has size of uint8_t and it is assigned\n0xFFFF. Fix it by changing it to uint8_t with value of 0xFF.\n\nThis fixes 2 INTEGER_OVERFLOW issues reported by Coverity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47661",
"url": "https://www.suse.com/security/cve/CVE-2024-47661"
},
{
"category": "external",
"summary": "SUSE Bug 1231496 for CVE-2024-47661",
"url": "https://bugzilla.suse.com/1231496"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47661"
},
{
"cve": "CVE-2024-47662",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47662"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Remove register from DCN35 DMCUB diagnostic collection\n\n[Why]\nThese registers should not be read from driver and triggering the\nsecurity violation when DMCUB work times out and diagnostics are\ncollected blocks Z8 entry.\n\n[How]\nRemove the register read from DCN35.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47662",
"url": "https://www.suse.com/security/cve/CVE-2024-47662"
},
{
"category": "external",
"summary": "SUSE Bug 1231440 for CVE-2024-47662",
"url": "https://bugzilla.suse.com/1231440"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47662"
},
{
"cve": "CVE-2024-47663",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47663"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: iio: frequency: ad9834: Validate frequency parameter value\n\nIn ad9834_write_frequency() clk_get_rate() can return 0. In such case\nad9834_calc_freqreg() call will lead to division by zero. Checking\n\u0027if (fout \u003e (clk_freq / 2))\u0027 doesn\u0027t protect in case of \u0027fout\u0027 is 0.\nad9834_write_frequency() is called from ad9834_write(), where fout is\ntaken from text buffer, which can contain any value.\n\nModify parameters checking.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47663",
"url": "https://www.suse.com/security/cve/CVE-2024-47663"
},
{
"category": "external",
"summary": "SUSE Bug 1231441 for CVE-2024-47663",
"url": "https://bugzilla.suse.com/1231441"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47663"
},
{
"cve": "CVE-2024-47664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware\n\nIf the value of max_speed_hz is 0, it may cause a division by zero\nerror in hisi_calc_effective_speed().\nThe value of max_speed_hz is provided by firmware.\nFirmware is generally considered as a trusted domain. However, as\ndivision by zero errors can cause system failure, for defense measure,\nthe value of max_speed is validated here. So 0 is regarded as invalid\nand an error code is returned.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47664",
"url": "https://www.suse.com/security/cve/CVE-2024-47664"
},
{
"category": "external",
"summary": "SUSE Bug 1231442 for CVE-2024-47664",
"url": "https://bugzilla.suse.com/1231442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47664"
},
{
"cve": "CVE-2024-47665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47665"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup\n\nDefinitely condition dma_get_cache_alignment * defined value \u003e 256\nduring driver initialization is not reason to BUG_ON(). Turn that to\ngraceful error out with -EINVAL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47665",
"url": "https://www.suse.com/security/cve/CVE-2024-47665"
},
{
"category": "external",
"summary": "SUSE Bug 1231452 for CVE-2024-47665",
"url": "https://bugzilla.suse.com/1231452"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47665"
},
{
"cve": "CVE-2024-47666",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47666"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: pm80xx: Set phy-\u003eenable_completion only when we wait for it\n\npm8001_phy_control() populates the enable_completion pointer with a stack\naddress, sends a PHY_LINK_RESET / PHY_HARD_RESET, waits 300 ms, and\nreturns. The problem arises when a phy control response comes late. After\n300 ms the pm8001_phy_control() function returns and the passed\nenable_completion stack address is no longer valid. Late phy control\nresponse invokes complete() on a dangling enable_completion pointer which\nleads to a kernel crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47666",
"url": "https://www.suse.com/security/cve/CVE-2024-47666"
},
{
"category": "external",
"summary": "SUSE Bug 1231453 for CVE-2024-47666",
"url": "https://bugzilla.suse.com/1231453"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47666"
},
{
"cve": "CVE-2024-47667",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47667"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0)\n\nErrata #i2037 in AM65x/DRA80xM Processors Silicon Revision 1.0\n(SPRZ452D_July 2018_Revised December 2019 [1]) mentions when an\ninbound PCIe TLP spans more than two internal AXI 128-byte bursts,\nthe bus may corrupt the packet payload and the corrupt data may\ncause associated applications or the processor to hang.\n\nThe workaround for Errata #i2037 is to limit the maximum read\nrequest size and maximum payload size to 128 bytes. Add workaround\nfor Errata #i2037 here.\n\nThe errata and workaround is applicable only to AM65x SR 1.0 and\nlater versions of the silicon will have this fixed.\n\n[1] -\u003e https://www.ti.com/lit/er/sprz452i/sprz452i.pdf",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47667",
"url": "https://www.suse.com/security/cve/CVE-2024-47667"
},
{
"category": "external",
"summary": "SUSE Bug 1231481 for CVE-2024-47667",
"url": "https://bugzilla.suse.com/1231481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47667"
},
{
"cve": "CVE-2024-47668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47668"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc()\n\nIf we need to increase the tree depth, allocate a new node, and then\nrace with another thread that increased the tree depth before us, we\u0027ll\nstill have a preallocated node that might be used later.\n\nIf we then use that node for a new non-root node, it\u0027ll still have a\npointer to the old root instead of being zeroed - fix this by zeroing it\nin the cmpxchg failure path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47668",
"url": "https://www.suse.com/security/cve/CVE-2024-47668"
},
{
"category": "external",
"summary": "SUSE Bug 1231502 for CVE-2024-47668",
"url": "https://bugzilla.suse.com/1231502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47668"
},
{
"cve": "CVE-2024-47669",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47669"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix state management in error path of log writing function\n\nAfter commit a694291a6211 (\"nilfs2: separate wait function from\nnilfs_segctor_write\") was applied, the log writing function\nnilfs_segctor_do_construct() was able to issue I/O requests continuously\neven if user data blocks were split into multiple logs across segments,\nbut two potential flaws were introduced in its error handling.\n\nFirst, if nilfs_segctor_begin_construction() fails while creating the\nsecond or subsequent logs, the log writing function returns without\ncalling nilfs_segctor_abort_construction(), so the writeback flag set on\npages/folios will remain uncleared. This causes page cache operations to\nhang waiting for the writeback flag. For example,\ntruncate_inode_pages_final(), which is called via nilfs_evict_inode() when\nan inode is evicted from memory, will hang.\n\nSecond, the NILFS_I_COLLECTED flag set on normal inodes remain uncleared. \nAs a result, if the next log write involves checkpoint creation, that\u0027s\nfine, but if a partial log write is performed that does not, inodes with\nNILFS_I_COLLECTED set are erroneously removed from the \"sc_dirty_files\"\nlist, and their data and b-tree blocks may not be written to the device,\ncorrupting the block mapping.\n\nFix these issues by uniformly calling nilfs_segctor_abort_construction()\non failure of each step in the loop in nilfs_segctor_do_construct(),\nhaving it clean up logs and segment usages according to progress, and\ncorrecting the conditions for calling nilfs_redirty_inodes() to ensure\nthat the NILFS_I_COLLECTED flag is cleared.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47669",
"url": "https://www.suse.com/security/cve/CVE-2024-47669"
},
{
"category": "external",
"summary": "SUSE Bug 1231474 for CVE-2024-47669",
"url": "https://bugzilla.suse.com/1231474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47669"
},
{
"cve": "CVE-2024-47670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47670"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: add bounds checking to ocfs2_xattr_find_entry()\n\nAdd a paranoia check to make sure it doesn\u0027t stray beyond valid memory\nregion containing ocfs2 xattr entries when scanning for a match. It will\nprevent out-of-bound access in case of crafted images.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47670",
"url": "https://www.suse.com/security/cve/CVE-2024-47670"
},
{
"category": "external",
"summary": "SUSE Bug 1231537 for CVE-2024-47670",
"url": "https://bugzilla.suse.com/1231537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47670"
},
{
"cve": "CVE-2024-47671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: usbtmc: prevent kernel-usb-infoleak\n\nThe syzbot reported a kernel-usb-infoleak in usbtmc_write,\nwe need to clear the structure before filling fields.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47671",
"url": "https://www.suse.com/security/cve/CVE-2024-47671"
},
{
"category": "external",
"summary": "SUSE Bug 1231541 for CVE-2024-47671",
"url": "https://bugzilla.suse.com/1231541"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47671"
},
{
"cve": "CVE-2024-47672",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47672"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: don\u0027t wait for tx queues if firmware is dead\n\nThere is a WARNING in iwl_trans_wait_tx_queues_empty() (that was\nrecently converted from just a message), that can be hit if we\nwait for TX queues to become empty after firmware died. Clearly,\nwe can\u0027t expect anything from the firmware after it\u0027s declared dead.\n\nDon\u0027t call iwl_trans_wait_tx_queues_empty() in this case. While it could\nbe a good idea to stop the flow earlier, the flush functions do some\nmaintenance work that is not related to the firmware, so keep that part\nof the code running even when the firmware is not running.\n\n[edit commit message]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47672",
"url": "https://www.suse.com/security/cve/CVE-2024-47672"
},
{
"category": "external",
"summary": "SUSE Bug 1231540 for CVE-2024-47672",
"url": "https://bugzilla.suse.com/1231540"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47672"
},
{
"cve": "CVE-2024-47673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47673"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: pause TCM when the firmware is stopped\n\nNot doing so will make us send a host command to the transport while the\nfirmware is not alive, which will trigger a WARNING.\n\nbad state = 0\nWARNING: CPU: 2 PID: 17434 at drivers/net/wireless/intel/iwlwifi/iwl-trans.c:115 iwl_trans_send_cmd+0x1cb/0x1e0 [iwlwifi]\nRIP: 0010:iwl_trans_send_cmd+0x1cb/0x1e0 [iwlwifi]\nCall Trace:\n \u003cTASK\u003e\n iwl_mvm_send_cmd+0x40/0xc0 [iwlmvm]\n iwl_mvm_config_scan+0x198/0x260 [iwlmvm]\n iwl_mvm_recalc_tcm+0x730/0x11d0 [iwlmvm]\n iwl_mvm_tcm_work+0x1d/0x30 [iwlmvm]\n process_one_work+0x29e/0x640\n worker_thread+0x2df/0x690\n ? rescuer_thread+0x540/0x540\n kthread+0x192/0x1e0\n ? set_kthread_struct+0x90/0x90\n ret_from_fork+0x22/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47673",
"url": "https://www.suse.com/security/cve/CVE-2024-47673"
},
{
"category": "external",
"summary": "SUSE Bug 1231539 for CVE-2024-47673",
"url": "https://bugzilla.suse.com/1231539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47673"
},
{
"cve": "CVE-2024-47674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47674"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: avoid leaving partial pfn mappings around in error case\n\nAs Jann points out, PFN mappings are special, because unlike normal\nmemory mappings, there is no lifetime information associated with the\nmapping - it is just a raw mapping of PFNs with no reference counting of\na \u0027struct page\u0027.\n\nThat\u0027s all very much intentional, but it does mean that it\u0027s easy to\nmess up the cleanup in case of errors. Yes, a failed mmap() will always\neventually clean up any partial mappings, but without any explicit\nlifetime in the page table mapping itself, it\u0027s very easy to do the\nerror handling in the wrong order.\n\nIn particular, it\u0027s easy to mistakenly free the physical backing store\nbefore the page tables are actually cleaned up and (temporarily) have\nstale dangling PTE entries.\n\nTo make this situation less error-prone, just make sure that any partial\npfn mapping is torn down early, before any other error handling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47674",
"url": "https://www.suse.com/security/cve/CVE-2024-47674"
},
{
"category": "external",
"summary": "SUSE Bug 1231673 for CVE-2024-47674",
"url": "https://bugzilla.suse.com/1231673"
},
{
"category": "external",
"summary": "SUSE Bug 1231676 for CVE-2024-47674",
"url": "https://bugzilla.suse.com/1231676"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "important"
}
],
"title": "CVE-2024-47674"
},
{
"cve": "CVE-2024-47675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47675"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix use-after-free in bpf_uprobe_multi_link_attach()\n\nIf bpf_link_prime() fails, bpf_uprobe_multi_link_attach() goes to the\nerror_free label and frees the array of bpf_uprobe\u0027s without calling\nbpf_uprobe_unregister().\n\nThis leaks bpf_uprobe-\u003euprobe and worse, this frees bpf_uprobe-\u003econsumer\nwithout removing it from the uprobe-\u003econsumers list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47675",
"url": "https://www.suse.com/security/cve/CVE-2024-47675"
},
{
"category": "external",
"summary": "SUSE Bug 1231926 for CVE-2024-47675",
"url": "https://bugzilla.suse.com/1231926"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47675"
},
{
"cve": "CVE-2024-47679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47679"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfs: fix race between evice_inodes() and find_inode()\u0026iput()\n\nHi, all\n\nRecently I noticed a bug[1] in btrfs, after digged it into\nand I believe it\u0027a race in vfs.\n\nLet\u0027s assume there\u0027s a inode (ie ino 261) with i_count 1 is\ncalled by iput(), and there\u0027s a concurrent thread calling\ngeneric_shutdown_super().\n\ncpu0: cpu1:\niput() // i_count is 1\n -\u003espin_lock(inode)\n -\u003edec i_count to 0\n -\u003eiput_final() generic_shutdown_super()\n -\u003e__inode_add_lru() -\u003eevict_inodes()\n // cause some reason[2] -\u003eif (atomic_read(inode-\u003ei_count)) continue;\n // return before // inode 261 passed the above check\n // list_lru_add_obj() // and then schedule out\n -\u003espin_unlock()\n// note here: the inode 261\n// was still at sb list and hash list,\n// and I_FREEING|I_WILL_FREE was not been set\n\nbtrfs_iget()\n // after some function calls\n -\u003efind_inode()\n // found the above inode 261\n -\u003espin_lock(inode)\n // check I_FREEING|I_WILL_FREE\n // and passed\n -\u003e__iget()\n -\u003espin_unlock(inode) // schedule back\n -\u003espin_lock(inode)\n // check (I_NEW|I_FREEING|I_WILL_FREE) flags,\n // passed and set I_FREEING\niput() -\u003espin_unlock(inode)\n -\u003espin_lock(inode)\t\t\t -\u003eevict()\n // dec i_count to 0\n -\u003eiput_final()\n -\u003espin_unlock()\n -\u003eevict()\n\nNow, we have two threads simultaneously evicting\nthe same inode, which may trigger the BUG(inode-\u003ei_state \u0026 I_CLEAR)\nstatement both within clear_inode() and iput().\n\nTo fix the bug, recheck the inode-\u003ei_count after holding i_lock.\nBecause in the most scenarios, the first check is valid, and\nthe overhead of spin_lock() can be reduced.\n\nIf there is any misunderstanding, please let me know, thanks.\n\n[1]: https://lore.kernel.org/linux-btrfs/000000000000eabe1d0619c48986@google.com/\n[2]: The reason might be 1. SB_ACTIVE was removed or 2. mapping_shrinkable()\nreturn false when I reproduced the bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47679",
"url": "https://www.suse.com/security/cve/CVE-2024-47679"
},
{
"category": "external",
"summary": "SUSE Bug 1231930 for CVE-2024-47679",
"url": "https://bugzilla.suse.com/1231930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47679"
},
{
"cve": "CVE-2024-47681",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47681"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7996: fix NULL pointer dereference in mt7996_mcu_sta_bfer_he\n\nFix the NULL pointer dereference in mt7996_mcu_sta_bfer_he\nroutine adding an sta interface to the mt7996 driver.\n\nFound by code review.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47681",
"url": "https://www.suse.com/security/cve/CVE-2024-47681"
},
{
"category": "external",
"summary": "SUSE Bug 1231855 for CVE-2024-47681",
"url": "https://bugzilla.suse.com/1231855"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47681"
},
{
"cve": "CVE-2024-47682",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47682"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: sd: Fix off-by-one error in sd_read_block_characteristics()\n\nFf the device returns page 0xb1 with length 8 (happens with qemu v2.x, for\nexample), sd_read_block_characteristics() may attempt an out-of-bounds\nmemory access when accessing the zoned field at offset 8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47682",
"url": "https://www.suse.com/security/cve/CVE-2024-47682"
},
{
"category": "external",
"summary": "SUSE Bug 1231856 for CVE-2024-47682",
"url": "https://bugzilla.suse.com/1231856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47682"
},
{
"cve": "CVE-2024-47684",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47684"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: check skb is non-NULL in tcp_rto_delta_us()\n\nWe have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic\nkernel that are running ceph and recently hit a null ptr dereference in\ntcp_rearm_rto(). Initially hitting it from the TLP path, but then later we also\nsaw it getting hit from the RACK case as well. Here are examples of the oops\nmessages we saw in each of those cases:\n\nJul 26 15:05:02 rx [11061395.780353] BUG: kernel NULL pointer dereference, address: 0000000000000020\nJul 26 15:05:02 rx [11061395.787572] #PF: supervisor read access in kernel mode\nJul 26 15:05:02 rx [11061395.792971] #PF: error_code(0x0000) - not-present page\nJul 26 15:05:02 rx [11061395.798362] PGD 0 P4D 0\nJul 26 15:05:02 rx [11061395.801164] Oops: 0000 [#1] SMP NOPTI\nJul 26 15:05:02 rx [11061395.805091] CPU: 0 PID: 9180 Comm: msgr-worker-1 Tainted: G W 5.4.0-174-generic #193-Ubuntu\nJul 26 15:05:02 rx [11061395.814996] Hardware name: Supermicro SMC 2x26 os-gen8 64C NVME-Y 256G/H12SSW-NTR, BIOS 2.5.V1.2U.NVMe.UEFI 05/09/2023\nJul 26 15:05:02 rx [11061395.825952] RIP: 0010:tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.830656] Code: 87 ca 04 00 00 00 5b 41 5c 41 5d 5d c3 c3 49 8b bc 24 40 06 00 00 eb 8d 48 bb cf f7 53 e3 a5 9b c4 20 4c 89 ef e8 0c fe 0e 00 \u003c48\u003e 8b 78 20 48 c1 ef 03 48 89 f8 41 8b bc 24 80 04 00 00 48 f7 e3\nJul 26 15:05:02 rx [11061395.849665] RSP: 0018:ffffb75d40003e08 EFLAGS: 00010246\nJul 26 15:05:02 rx [11061395.855149] RAX: 0000000000000000 RBX: 20c49ba5e353f7cf RCX: 0000000000000000\nJul 26 15:05:02 rx [11061395.862542] RDX: 0000000062177c30 RSI: 000000000000231c RDI: ffff9874ad283a60\nJul 26 15:05:02 rx [11061395.869933] RBP: ffffb75d40003e20 R08: 0000000000000000 R09: ffff987605e20aa8\nJul 26 15:05:02 rx [11061395.877318] R10: ffffb75d40003f00 R11: ffffb75d4460f740 R12: ffff9874ad283900\nJul 26 15:05:02 rx [11061395.884710] R13: ffff9874ad283a60 R14: ffff9874ad283980 R15: ffff9874ad283d30\nJul 26 15:05:02 rx [11061395.892095] FS: 00007f1ef4a2e700(0000) GS:ffff987605e00000(0000) knlGS:0000000000000000\nJul 26 15:05:02 rx [11061395.900438] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nJul 26 15:05:02 rx [11061395.906435] CR2: 0000000000000020 CR3: 0000003e450ba003 CR4: 0000000000760ef0\nJul 26 15:05:02 rx [11061395.913822] PKRU: 55555554\nJul 26 15:05:02 rx [11061395.916786] Call Trace:\nJul 26 15:05:02 rx [11061395.919488]\nJul 26 15:05:02 rx [11061395.921765] ? show_regs.cold+0x1a/0x1f\nJul 26 15:05:02 rx [11061395.925859] ? __die+0x90/0xd9\nJul 26 15:05:02 rx [11061395.929169] ? no_context+0x196/0x380\nJul 26 15:05:02 rx [11061395.933088] ? ip6_protocol_deliver_rcu+0x4e0/0x4e0\nJul 26 15:05:02 rx [11061395.938216] ? ip6_sublist_rcv_finish+0x3d/0x50\nJul 26 15:05:02 rx [11061395.943000] ? __bad_area_nosemaphore+0x50/0x1a0\nJul 26 15:05:02 rx [11061395.947873] ? bad_area_nosemaphore+0x16/0x20\nJul 26 15:05:02 rx [11061395.952486] ? do_user_addr_fault+0x267/0x450\nJul 26 15:05:02 rx [11061395.957104] ? ipv6_list_rcv+0x112/0x140\nJul 26 15:05:02 rx [11061395.961279] ? __do_page_fault+0x58/0x90\nJul 26 15:05:02 rx [11061395.965458] ? do_page_fault+0x2c/0xe0\nJul 26 15:05:02 rx [11061395.969465] ? page_fault+0x34/0x40\nJul 26 15:05:02 rx [11061395.973217] ? tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.977313] ? tcp_rearm_rto+0xe4/0x160\nJul 26 15:05:02 rx [11061395.981408] tcp_send_loss_probe+0x10b/0x220\nJul 26 15:05:02 rx [11061395.985937] tcp_write_timer_handler+0x1b4/0x240\nJul 26 15:05:02 rx [11061395.990809] tcp_write_timer+0x9e/0xe0\nJul 26 15:05:02 rx [11061395.994814] ? tcp_write_timer_handler+0x240/0x240\nJul 26 15:05:02 rx [11061395.999866] call_timer_fn+0x32/0x130\nJul 26 15:05:02 rx [11061396.003782] __run_timers.part.0+0x180/0x280\nJul 26 15:05:02 rx [11061396.008309] ? recalibrate_cpu_khz+0x10/0x10\nJul 26 15:05:02 rx [11061396.012841] ? native_x2apic_icr_write+0x30/0x30\nJul 26 15:05:02 rx [11061396.017718] ? lapic_next_even\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47684",
"url": "https://www.suse.com/security/cve/CVE-2024-47684"
},
{
"category": "external",
"summary": "SUSE Bug 1231987 for CVE-2024-47684",
"url": "https://bugzilla.suse.com/1231987"
},
{
"category": "external",
"summary": "SUSE Bug 1231993 for CVE-2024-47684",
"url": "https://bugzilla.suse.com/1231993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "important"
}
],
"title": "CVE-2024-47684"
},
{
"cve": "CVE-2024-47685",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47685"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put()\n\nsyzbot reported that nf_reject_ip6_tcphdr_put() was possibly sending\ngarbage on the four reserved tcp bits (th-\u003eres1)\n\nUse skb_put_zero() to clear the whole TCP header,\nas done in nf_reject_ip_tcphdr_put()\n\nBUG: KMSAN: uninit-value in nf_reject_ip6_tcphdr_put+0x688/0x6c0 net/ipv6/netfilter/nf_reject_ipv6.c:255\n nf_reject_ip6_tcphdr_put+0x688/0x6c0 net/ipv6/netfilter/nf_reject_ipv6.c:255\n nf_send_reset6+0xd84/0x15b0 net/ipv6/netfilter/nf_reject_ipv6.c:344\n nft_reject_inet_eval+0x3c1/0x880 net/netfilter/nft_reject_inet.c:48\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x438/0x22a0 net/netfilter/nf_tables_core.c:288\n nft_do_chain_inet+0x41a/0x4f0 net/netfilter/nft_chain_filter.c:161\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n NF_HOOK include/linux/netfilter.h:312 [inline]\n ipv6_rcv+0x29b/0x390 net/ipv6/ip6_input.c:310\n __netif_receive_skb_one_core net/core/dev.c:5661 [inline]\n __netif_receive_skb+0x1da/0xa00 net/core/dev.c:5775\n process_backlog+0x4ad/0xa50 net/core/dev.c:6108\n __napi_poll+0xe7/0x980 net/core/dev.c:6772\n napi_poll net/core/dev.c:6841 [inline]\n net_rx_action+0xa5a/0x19b0 net/core/dev.c:6963\n handle_softirqs+0x1ce/0x800 kernel/softirq.c:554\n __do_softirq+0x14/0x1a kernel/softirq.c:588\n do_softirq+0x9a/0x100 kernel/softirq.c:455\n __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:382\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:908 [inline]\n __dev_queue_xmit+0x2692/0x5610 net/core/dev.c:4450\n dev_queue_xmit include/linux/netdevice.h:3105 [inline]\n neigh_resolve_output+0x9ca/0xae0 net/core/neighbour.c:1565\n neigh_output include/net/neighbour.h:542 [inline]\n ip6_finish_output2+0x2347/0x2ba0 net/ipv6/ip6_output.c:141\n __ip6_finish_output net/ipv6/ip6_output.c:215 [inline]\n ip6_finish_output+0xbb8/0x14b0 net/ipv6/ip6_output.c:226\n NF_HOOK_COND include/linux/netfilter.h:303 [inline]\n ip6_output+0x356/0x620 net/ipv6/ip6_output.c:247\n dst_output include/net/dst.h:450 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip6_xmit+0x1ba6/0x25d0 net/ipv6/ip6_output.c:366\n inet6_csk_xmit+0x442/0x530 net/ipv6/inet6_connection_sock.c:135\n __tcp_transmit_skb+0x3b07/0x4880 net/ipv4/tcp_output.c:1466\n tcp_transmit_skb net/ipv4/tcp_output.c:1484 [inline]\n tcp_connect+0x35b6/0x7130 net/ipv4/tcp_output.c:4143\n tcp_v6_connect+0x1bcc/0x1e40 net/ipv6/tcp_ipv6.c:333\n __inet_stream_connect+0x2ef/0x1730 net/ipv4/af_inet.c:679\n inet_stream_connect+0x6a/0xd0 net/ipv4/af_inet.c:750\n __sys_connect_file net/socket.c:2061 [inline]\n __sys_connect+0x606/0x690 net/socket.c:2078\n __do_sys_connect net/socket.c:2088 [inline]\n __se_sys_connect net/socket.c:2085 [inline]\n __x64_sys_connect+0x91/0xe0 net/socket.c:2085\n x64_sys_call+0x27a5/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:43\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was stored to memory at:\n nf_reject_ip6_tcphdr_put+0x60c/0x6c0 net/ipv6/netfilter/nf_reject_ipv6.c:249\n nf_send_reset6+0xd84/0x15b0 net/ipv6/netfilter/nf_reject_ipv6.c:344\n nft_reject_inet_eval+0x3c1/0x880 net/netfilter/nft_reject_inet.c:48\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x438/0x22a0 net/netfilter/nf_tables_core.c:288\n nft_do_chain_inet+0x41a/0x4f0 net/netfilter/nft_chain_filter.c:161\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n NF_HOOK include/linux/netfilter.h:312 [inline]\n ipv6_rcv+0x29b/0x390 net/ipv6/ip6_input.c:310\n __netif_receive_skb_one_core\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47685",
"url": "https://www.suse.com/security/cve/CVE-2024-47685"
},
{
"category": "external",
"summary": "SUSE Bug 1231998 for CVE-2024-47685",
"url": "https://bugzilla.suse.com/1231998"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47685"
},
{
"cve": "CVE-2024-47686",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47686"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nep93xx: clock: Fix off by one in ep93xx_div_recalc_rate()\n\nThe psc-\u003ediv[] array has psc-\u003enum_div elements. These values come from\nwhen we call clk_hw_register_div(). It\u0027s adc_divisors and\nARRAY_SIZE(adc_divisors)) and so on. So this condition needs to be \u003e=\ninstead of \u003e to prevent an out of bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47686",
"url": "https://www.suse.com/security/cve/CVE-2024-47686"
},
{
"category": "external",
"summary": "SUSE Bug 1232000 for CVE-2024-47686",
"url": "https://bugzilla.suse.com/1232000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "low"
}
],
"title": "CVE-2024-47686"
},
{
"cve": "CVE-2024-47687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47687"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvdpa/mlx5: Fix invalid mr resource destroy\n\nCertain error paths from mlx5_vdpa_dev_add() can end up releasing mr\nresources which never got initialized in the first place.\n\nThis patch adds the missing check in mlx5_vdpa_destroy_mr_resources()\nto block releasing non-initialized mr resources.\n\nReference trace:\n\n mlx5_core 0000:08:00.2: mlx5_vdpa_dev_add:3274:(pid 2700) warning: No mac address provisioned?\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 140216067 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 8 PID: 2700 Comm: vdpa Kdump: loaded Not tainted 5.14.0-496.el9.x86_64 #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:vhost_iotlb_del_range+0xf/0xe0 [vhost_iotlb]\n Code: [...]\n RSP: 0018:ff1c823ac23077f0 EFLAGS: 00010246\n RAX: ffffffffc1a21a60 RBX: ffffffff899567a0 RCX: 0000000000000000\n RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ff1bda1f7c21e800 R08: 0000000000000000 R09: ff1c823ac2307670\n R10: ff1c823ac2307668 R11: ffffffff8a9e7b68 R12: 0000000000000000\n R13: 0000000000000000 R14: ff1bda1f43e341a0 R15: 00000000ffffffea\n FS: 00007f56eba7c740(0000) GS:ff1bda269f800000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000000104d90001 CR4: 0000000000771ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n\n ? show_trace_log_lvl+0x1c4/0x2df\n ? show_trace_log_lvl+0x1c4/0x2df\n ? mlx5_vdpa_free+0x3d/0x150 [mlx5_vdpa]\n ? __die_body.cold+0x8/0xd\n ? page_fault_oops+0x134/0x170\n ? __irq_work_queue_local+0x2b/0xc0\n ? irq_work_queue+0x2c/0x50\n ? exc_page_fault+0x62/0x150\n ? asm_exc_page_fault+0x22/0x30\n ? __pfx_mlx5_vdpa_free+0x10/0x10 [mlx5_vdpa]\n ? vhost_iotlb_del_range+0xf/0xe0 [vhost_iotlb]\n mlx5_vdpa_free+0x3d/0x150 [mlx5_vdpa]\n vdpa_release_dev+0x1e/0x50 [vdpa]\n device_release+0x31/0x90\n kobject_cleanup+0x37/0x130\n mlx5_vdpa_dev_add+0x2d2/0x7a0 [mlx5_vdpa]\n vdpa_nl_cmd_dev_add_set_doit+0x277/0x4c0 [vdpa]\n genl_family_rcv_msg_doit+0xd9/0x130\n genl_family_rcv_msg+0x14d/0x220\n ? __pfx_vdpa_nl_cmd_dev_add_set_doit+0x10/0x10 [vdpa]\n ? _copy_to_user+0x1a/0x30\n ? move_addr_to_user+0x4b/0xe0\n genl_rcv_msg+0x47/0xa0\n ? __import_iovec+0x46/0x150\n ? __pfx_genl_rcv_msg+0x10/0x10\n netlink_rcv_skb+0x54/0x100\n genl_rcv+0x24/0x40\n netlink_unicast+0x245/0x370\n netlink_sendmsg+0x206/0x440\n __sys_sendto+0x1dc/0x1f0\n ? do_read_fault+0x10c/0x1d0\n ? do_pte_missing+0x10d/0x190\n __x64_sys_sendto+0x20/0x30\n do_syscall_64+0x5c/0xf0\n ? __count_memcg_events+0x4f/0xb0\n ? mm_account_fault+0x6c/0x100\n ? handle_mm_fault+0x116/0x270\n ? do_user_addr_fault+0x1d6/0x6a0\n ? do_syscall_64+0x6b/0xf0\n ? clear_bhb_loop+0x25/0x80\n ? clear_bhb_loop+0x25/0x80\n ? clear_bhb_loop+0x25/0x80\n ? clear_bhb_loop+0x25/0x80\n ? clear_bhb_loop+0x25/0x80\n entry_SYSCALL_64_after_hwframe+0x78/0x80",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47687",
"url": "https://www.suse.com/security/cve/CVE-2024-47687"
},
{
"category": "external",
"summary": "SUSE Bug 1232003 for CVE-2024-47687",
"url": "https://bugzilla.suse.com/1232003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47687"
},
{
"cve": "CVE-2024-47688",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47688"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: Fix a potential null-ptr-deref in module_add_driver()\n\nInject fault while probing of-fpga-region, if kasprintf() fails in\nmodule_add_driver(), the second sysfs_remove_link() in exit path will cause\nnull-ptr-deref as below because kernfs_name_hash() will call strlen() with\nNULL driver_name.\n\nFix it by releasing resources based on the exit path sequence.\n\n\t KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n\t Mem abort info:\n\t ESR = 0x0000000096000005\n\t EC = 0x25: DABT (current EL), IL = 32 bits\n\t SET = 0, FnV = 0\n\t EA = 0, S1PTW = 0\n\t FSC = 0x05: level 1 translation fault\n\t Data abort info:\n\t ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000\n\t CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n\t GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n\t [dfffffc000000000] address between user and kernel address ranges\n\t Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP\n\t Dumping ftrace buffer:\n\t (ftrace buffer empty)\n\t Modules linked in: of_fpga_region(+) fpga_region fpga_bridge cfg80211 rfkill 8021q garp mrp stp llc ipv6 [last unloaded: of_fpga_region]\n\t CPU: 2 UID: 0 PID: 2036 Comm: modprobe Not tainted 6.11.0-rc2-g6a0e38264012 #295\n\t Hardware name: linux,dummy-virt (DT)\n\t pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n\t pc : strlen+0x24/0xb0\n\t lr : kernfs_name_hash+0x1c/0xc4\n\t sp : ffffffc081f97380\n\t x29: ffffffc081f97380 x28: ffffffc081f97b90 x27: ffffff80c821c2a0\n\t x26: ffffffedac0be418 x25: 0000000000000000 x24: ffffff80c09d2000\n\t x23: 0000000000000000 x22: 0000000000000000 x21: 0000000000000000\n\t x20: 0000000000000000 x19: 0000000000000000 x18: 0000000000001840\n\t x17: 0000000000000000 x16: 0000000000000000 x15: 1ffffff8103f2e42\n\t x14: 00000000f1f1f1f1 x13: 0000000000000004 x12: ffffffb01812d61d\n\t x11: 1ffffff01812d61c x10: ffffffb01812d61c x9 : dfffffc000000000\n\t x8 : 0000004fe7ed29e4 x7 : ffffff80c096b0e7 x6 : 0000000000000001\n\t x5 : ffffff80c096b0e0 x4 : 1ffffffdb990efa2 x3 : 0000000000000000\n\t x2 : 0000000000000000 x1 : dfffffc000000000 x0 : 0000000000000000\n\t Call trace:\n\t strlen+0x24/0xb0\n\t kernfs_name_hash+0x1c/0xc4\n\t kernfs_find_ns+0x118/0x2e8\n\t kernfs_remove_by_name_ns+0x80/0x100\n\t sysfs_remove_link+0x74/0xa8\n\t module_add_driver+0x278/0x394\n\t bus_add_driver+0x1f0/0x43c\n\t driver_register+0xf4/0x3c0\n\t __platform_driver_register+0x60/0x88\n\t of_fpga_region_init+0x20/0x1000 [of_fpga_region]\n\t do_one_initcall+0x110/0x788\n\t do_init_module+0x1dc/0x5c8\n\t load_module+0x3c38/0x4cac\n\t init_module_from_file+0xd4/0x128\n\t idempotent_init_module+0x2cc/0x528\n\t __arm64_sys_finit_module+0xac/0x100\n\t invoke_syscall+0x6c/0x258\n\t el0_svc_common.constprop.0+0x160/0x22c\n\t do_el0_svc+0x44/0x5c\n\t el0_svc+0x48/0xb8\n\t el0t_64_sync_handler+0x13c/0x158\n\t el0t_64_sync+0x190/0x194\n\t Code: f2fbffe1 a90157f4 12000802 aa0003f5 (38e16861)\n\t ---[ end trace 0000000000000000 ]---\n\t Kernel panic - not syncing: Oops: Fatal exception",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47688",
"url": "https://www.suse.com/security/cve/CVE-2024-47688"
},
{
"category": "external",
"summary": "SUSE Bug 1232009 for CVE-2024-47688",
"url": "https://bugzilla.suse.com/1232009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47688"
},
{
"cve": "CVE-2024-47692",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47692"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: return -EINVAL when namelen is 0\n\nWhen we have a corrupted main.sqlite in /var/lib/nfs/nfsdcld/, it may\nresult in namelen being 0, which will cause memdup_user() to return\nZERO_SIZE_PTR.\nWhen we access the name.data that has been assigned the value of\nZERO_SIZE_PTR in nfs4_client_to_reclaim(), null pointer dereference is\ntriggered.\n\n[ T1205] ==================================================================\n[ T1205] BUG: KASAN: null-ptr-deref in nfs4_client_to_reclaim+0xe9/0x260\n[ T1205] Read of size 1 at addr 0000000000000010 by task nfsdcld/1205\n[ T1205]\n[ T1205] CPU: 11 PID: 1205 Comm: nfsdcld Not tainted 5.10.0-00003-g2c1423731b8d #406\n[ T1205] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ?-20190727_073836-buildvm-ppc64le-16.ppc.fedoraproject.org-3.fc31 04/01/2014\n[ T1205] Call Trace:\n[ T1205] dump_stack+0x9a/0xd0\n[ T1205] ? nfs4_client_to_reclaim+0xe9/0x260\n[ T1205] __kasan_report.cold+0x34/0x84\n[ T1205] ? nfs4_client_to_reclaim+0xe9/0x260\n[ T1205] kasan_report+0x3a/0x50\n[ T1205] nfs4_client_to_reclaim+0xe9/0x260\n[ T1205] ? nfsd4_release_lockowner+0x410/0x410\n[ T1205] cld_pipe_downcall+0x5ca/0x760\n[ T1205] ? nfsd4_cld_tracking_exit+0x1d0/0x1d0\n[ T1205] ? down_write_killable_nested+0x170/0x170\n[ T1205] ? avc_policy_seqno+0x28/0x40\n[ T1205] ? selinux_file_permission+0x1b4/0x1e0\n[ T1205] rpc_pipe_write+0x84/0xb0\n[ T1205] vfs_write+0x143/0x520\n[ T1205] ksys_write+0xc9/0x170\n[ T1205] ? __ia32_sys_read+0x50/0x50\n[ T1205] ? ktime_get_coarse_real_ts64+0xfe/0x110\n[ T1205] ? ktime_get_coarse_real_ts64+0xa2/0x110\n[ T1205] do_syscall_64+0x33/0x40\n[ T1205] entry_SYSCALL_64_after_hwframe+0x67/0xd1\n[ T1205] RIP: 0033:0x7fdbdb761bc7\n[ T1205] Code: 0f 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 514\n[ T1205] RSP: 002b:00007fff8c4b7248 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n[ T1205] RAX: ffffffffffffffda RBX: 000000000000042b RCX: 00007fdbdb761bc7\n[ T1205] RDX: 000000000000042b RSI: 00007fff8c4b75f0 RDI: 0000000000000008\n[ T1205] RBP: 00007fdbdb761bb0 R08: 0000000000000000 R09: 0000000000000001\n[ T1205] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000042b\n[ T1205] R13: 0000000000000008 R14: 00007fff8c4b75f0 R15: 0000000000000000\n[ T1205] ==================================================================\n\nFix it by checking namelen.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47692",
"url": "https://www.suse.com/security/cve/CVE-2024-47692"
},
{
"category": "external",
"summary": "SUSE Bug 1231857 for CVE-2024-47692",
"url": "https://bugzilla.suse.com/1231857"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47692"
},
{
"cve": "CVE-2024-47693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/core: Fix ib_cache_setup_one error flow cleanup\n\nWhen ib_cache_update return an error, we exit ib_cache_setup_one\ninstantly with no proper cleanup, even though before this we had\nalready successfully done gid_table_setup_one, that results in\nthe kernel WARN below.\n\nDo proper cleanup using gid_table_cleanup_one before returning\nthe err in order to fix the issue.\n\nWARNING: CPU: 4 PID: 922 at drivers/infiniband/core/cache.c:806 gid_table_release_one+0x181/0x1a0\nModules linked in:\nCPU: 4 UID: 0 PID: 922 Comm: c_repro Not tainted 6.11.0-rc1+ #3\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:gid_table_release_one+0x181/0x1a0\nCode: 44 8b 38 75 0c e8 2f cb 34 ff 4d 8b b5 28 05 00 00 e8 23 cb 34 ff 44 89 f9 89 da 4c 89 f6 48 c7 c7 d0 58 14 83 e8 4f de 21 ff \u003c0f\u003e 0b 4c 8b 75 30 e9 54 ff ff ff 48 8 3 c4 10 5b 5d 41 5c 41 5d 41\nRSP: 0018:ffffc90002b835b0 EFLAGS: 00010286\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff811c8527\nRDX: 0000000000000000 RSI: ffffffff811c8534 RDI: 0000000000000001\nRBP: ffff8881011b3d00 R08: ffff88810b3abe00 R09: 205d303839303631\nR10: 666572207972746e R11: 72746e6520444947 R12: 0000000000000001\nR13: ffff888106390000 R14: ffff8881011f2110 R15: 0000000000000001\nFS: 00007fecc3b70800(0000) GS:ffff88813bd00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020000340 CR3: 000000010435a001 CR4: 00000000003706b0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? show_regs+0x94/0xa0\n ? __warn+0x9e/0x1c0\n ? gid_table_release_one+0x181/0x1a0\n ? report_bug+0x1f9/0x340\n ? gid_table_release_one+0x181/0x1a0\n ? handle_bug+0xa2/0x110\n ? exc_invalid_op+0x31/0xa0\n ? asm_exc_invalid_op+0x16/0x20\n ? __warn_printk+0xc7/0x180\n ? __warn_printk+0xd4/0x180\n ? gid_table_release_one+0x181/0x1a0\n ib_device_release+0x71/0xe0\n ? __pfx_ib_device_release+0x10/0x10\n device_release+0x44/0xd0\n kobject_put+0x135/0x3d0\n put_device+0x20/0x30\n rxe_net_add+0x7d/0xa0\n rxe_newlink+0xd7/0x190\n nldev_newlink+0x1b0/0x2a0\n ? __pfx_nldev_newlink+0x10/0x10\n rdma_nl_rcv_msg+0x1ad/0x2e0\n rdma_nl_rcv_skb.constprop.0+0x176/0x210\n netlink_unicast+0x2de/0x400\n netlink_sendmsg+0x306/0x660\n __sock_sendmsg+0x110/0x120\n ____sys_sendmsg+0x30e/0x390\n ___sys_sendmsg+0x9b/0xf0\n ? kstrtouint+0x6e/0xa0\n ? kstrtouint_from_user+0x7c/0xb0\n ? get_pid_task+0xb0/0xd0\n ? proc_fail_nth_write+0x5b/0x140\n ? __fget_light+0x9a/0x200\n ? preempt_count_add+0x47/0xa0\n __sys_sendmsg+0x61/0xd0\n do_syscall_64+0x50/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47693",
"url": "https://www.suse.com/security/cve/CVE-2024-47693"
},
{
"category": "external",
"summary": "SUSE Bug 1232013 for CVE-2024-47693",
"url": "https://bugzilla.suse.com/1232013"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47693"
},
{
"cve": "CVE-2024-47695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47695"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds\n\nIn the function init_conns(), after the create_con() and create_cm() for\nloop if something fails. In the cleanup for loop after the destroy tag, we\naccess out of bound memory because cid is set to clt_path-\u003es.con_num.\n\nThis commits resets the cid to clt_path-\u003es.con_num - 1, to stay in bounds\nin the cleanup loop later.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47695",
"url": "https://www.suse.com/security/cve/CVE-2024-47695"
},
{
"category": "external",
"summary": "SUSE Bug 1231931 for CVE-2024-47695",
"url": "https://bugzilla.suse.com/1231931"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47695"
},
{
"cve": "CVE-2024-47696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47696"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency\n\nIn the commit aee2424246f9 (\"RDMA/iwcm: Fix a use-after-free related to\ndestroying CM IDs\"), the function flush_workqueue is invoked to flush the\nwork queue iwcm_wq.\n\nBut at that time, the work queue iwcm_wq was created via the function\nalloc_ordered_workqueue without the flag WQ_MEM_RECLAIM.\n\nBecause the current process is trying to flush the whole iwcm_wq, if\niwcm_wq doesn\u0027t have the flag WQ_MEM_RECLAIM, verify that the current\nprocess is not reclaiming memory or running on a workqueue which doesn\u0027t\nhave the flag WQ_MEM_RECLAIM as that can break forward-progress guarantee\nleading to a deadlock.\n\nThe call trace is as below:\n\n[ 125.350876][ T1430] Call Trace:\n[ 125.356281][ T1430] \u003cTASK\u003e\n[ 125.361285][ T1430] ? __warn (kernel/panic.c:693)\n[ 125.367640][ T1430] ? check_flush_dependency (kernel/workqueue.c:3706 (discriminator 9))\n[ 125.375689][ T1430] ? report_bug (lib/bug.c:180 lib/bug.c:219)\n[ 125.382505][ T1430] ? handle_bug (arch/x86/kernel/traps.c:239)\n[ 125.388987][ T1430] ? exc_invalid_op (arch/x86/kernel/traps.c:260 (discriminator 1))\n[ 125.395831][ T1430] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621)\n[ 125.403125][ T1430] ? check_flush_dependency (kernel/workqueue.c:3706 (discriminator 9))\n[ 125.410984][ T1430] ? check_flush_dependency (kernel/workqueue.c:3706 (discriminator 9))\n[ 125.418764][ T1430] __flush_workqueue (kernel/workqueue.c:3970)\n[ 125.426021][ T1430] ? __pfx___might_resched (kernel/sched/core.c:10151)\n[ 125.433431][ T1430] ? destroy_cm_id (drivers/infiniband/core/iwcm.c:375) iw_cm\n[ 125.441209][ T1430] ? __pfx___flush_workqueue (kernel/workqueue.c:3910)\n[ 125.473900][ T1430] ? _raw_spin_lock_irqsave (arch/x86/include/asm/atomic.h:107 include/linux/atomic/atomic-arch-fallback.h:2170 include/linux/atomic/atomic-instrumented.h:1302 include/asm-generic/qspinlock.h:111 include/linux/spinlock.h:187 include/linux/spinlock_api_smp.h:111 kernel/locking/spinlock.c:162)\n[ 125.473909][ T1430] ? __pfx__raw_spin_lock_irqsave (kernel/locking/spinlock.c:161)\n[ 125.482537][ T1430] _destroy_id (drivers/infiniband/core/cma.c:2044) rdma_cm\n[ 125.495072][ T1430] nvme_rdma_free_queue (drivers/nvme/host/rdma.c:656 drivers/nvme/host/rdma.c:650) nvme_rdma\n[ 125.505827][ T1430] nvme_rdma_reset_ctrl_work (drivers/nvme/host/rdma.c:2180) nvme_rdma\n[ 125.505831][ T1430] process_one_work (kernel/workqueue.c:3231)\n[ 125.515122][ T1430] worker_thread (kernel/workqueue.c:3306 kernel/workqueue.c:3393)\n[ 125.515127][ T1430] ? __pfx_worker_thread (kernel/workqueue.c:3339)\n[ 125.531837][ T1430] kthread (kernel/kthread.c:389)\n[ 125.539864][ T1430] ? __pfx_kthread (kernel/kthread.c:342)\n[ 125.550628][ T1430] ret_from_fork (arch/x86/kernel/process.c:147)\n[ 125.558840][ T1430] ? __pfx_kthread (kernel/kthread.c:342)\n[ 125.558844][ T1430] ret_from_fork_asm (arch/x86/entry/entry_64.S:257)\n[ 125.566487][ T1430] \u003c/TASK\u003e\n[ 125.566488][ T1430] ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47696",
"url": "https://www.suse.com/security/cve/CVE-2024-47696"
},
{
"category": "external",
"summary": "SUSE Bug 1231864 for CVE-2024-47696",
"url": "https://bugzilla.suse.com/1231864"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47696"
},
{
"cve": "CVE-2024-47697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47697"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error\n\nEnsure index in rtl2830_pid_filter does not exceed 31 to prevent\nout-of-bounds access.\n\ndev-\u003efilters is a 32-bit value, so set_bit and clear_bit functions should\nonly operate on indices from 0 to 31. If index is 32, it will attempt to\naccess a non-existent 33rd bit, leading to out-of-bounds access.\nChange the boundary check from index \u003e 32 to index \u003e= 32 to resolve this\nissue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47697",
"url": "https://www.suse.com/security/cve/CVE-2024-47697"
},
{
"category": "external",
"summary": "SUSE Bug 1231858 for CVE-2024-47697",
"url": "https://bugzilla.suse.com/1231858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47697"
},
{
"cve": "CVE-2024-47698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47698"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error\n\nEnsure index in rtl2832_pid_filter does not exceed 31 to prevent\nout-of-bounds access.\n\ndev-\u003efilters is a 32-bit value, so set_bit and clear_bit functions should\nonly operate on indices from 0 to 31. If index is 32, it will attempt to\naccess a non-existent 33rd bit, leading to out-of-bounds access.\nChange the boundary check from index \u003e 32 to index \u003e= 32 to resolve this\nissue.\n\n[hverkuil: added fixes tag, rtl2830_pid_filter -\u003e rtl2832_pid_filter in logmsg]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47698",
"url": "https://www.suse.com/security/cve/CVE-2024-47698"
},
{
"category": "external",
"summary": "SUSE Bug 1231859 for CVE-2024-47698",
"url": "https://bugzilla.suse.com/1231859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47698"
},
{
"cve": "CVE-2024-47699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47699"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential null-ptr-deref in nilfs_btree_insert()\n\nPatch series \"nilfs2: fix potential issues with empty b-tree nodes\".\n\nThis series addresses three potential issues with empty b-tree nodes that\ncan occur with corrupted filesystem images, including one recently\ndiscovered by syzbot.\n\n\nThis patch (of 3):\n\nIf a b-tree is broken on the device, and the b-tree height is greater than\n2 (the level of the root node is greater than 1) even if the number of\nchild nodes of the b-tree root is 0, a NULL pointer dereference occurs in\nnilfs_btree_prepare_insert(), which is called from nilfs_btree_insert().\n\nThis is because, when the number of child nodes of the b-tree root is 0,\nnilfs_btree_do_lookup() does not set the block buffer head in any of\npath[x].bp_bh, leaving it as the initial value of NULL, but if the level\nof the b-tree root node is greater than 1, nilfs_btree_get_nonroot_node(),\nwhich accesses the buffer memory of path[x].bp_bh, is called.\n\nFix this issue by adding a check to nilfs_btree_root_broken(), which\nperforms sanity checks when reading the root node from the device, to\ndetect this inconsistency.\n\nThanks to Lizhi Xu for trying to solve the bug and clarifying the cause\nearly on.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47699",
"url": "https://www.suse.com/security/cve/CVE-2024-47699"
},
{
"category": "external",
"summary": "SUSE Bug 1231916 for CVE-2024-47699",
"url": "https://bugzilla.suse.com/1231916"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47699"
},
{
"cve": "CVE-2024-47701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid OOB when system.data xattr changes underneath the filesystem\n\nWhen looking up for an entry in an inlined directory, if e_value_offs is\nchanged underneath the filesystem by some change in the block device, it\nwill lead to an out-of-bounds access that KASAN detects as an UAF.\n\nEXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.\nloop0: detected capacity change from 2048 to 2047\n==================================================================\nBUG: KASAN: use-after-free in ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500\nRead of size 1 at addr ffff88803e91130f by task syz-executor269/5103\n\nCPU: 0 UID: 0 PID: 5103 Comm: syz-executor269 Not tainted 6.11.0-rc4-syzkaller #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500\n ext4_find_inline_entry+0x4be/0x5e0 fs/ext4/inline.c:1697\n __ext4_find_entry+0x2b4/0x1b30 fs/ext4/namei.c:1573\n ext4_lookup_entry fs/ext4/namei.c:1727 [inline]\n ext4_lookup+0x15f/0x750 fs/ext4/namei.c:1795\n lookup_one_qstr_excl+0x11f/0x260 fs/namei.c:1633\n filename_create+0x297/0x540 fs/namei.c:3980\n do_symlinkat+0xf9/0x3a0 fs/namei.c:4587\n __do_sys_symlinkat fs/namei.c:4610 [inline]\n __se_sys_symlinkat fs/namei.c:4607 [inline]\n __x64_sys_symlinkat+0x95/0xb0 fs/namei.c:4607\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f3e73ced469\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fff4d40c258 EFLAGS: 00000246 ORIG_RAX: 000000000000010a\nRAX: ffffffffffffffda RBX: 0032656c69662f2e RCX: 00007f3e73ced469\nRDX: 0000000020000200 RSI: 00000000ffffff9c RDI: 00000000200001c0\nRBP: 0000000000000000 R08: 00007fff4d40c290 R09: 00007fff4d40c290\nR10: 0023706f6f6c2f76 R11: 0000000000000246 R12: 00007fff4d40c27c\nR13: 0000000000000003 R14: 431bde82d7b634db R15: 00007fff4d40c2b0\n \u003c/TASK\u003e\n\nCalling ext4_xattr_ibody_find right after reading the inode with\next4_get_inode_loc will lead to a check of the validity of the xattrs,\navoiding this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47701",
"url": "https://www.suse.com/security/cve/CVE-2024-47701"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-47701",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1231920 for CVE-2024-47701",
"url": "https://bugzilla.suse.com/1231920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47701"
},
{
"cve": "CVE-2024-47702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fail verification for sign-extension of packet data/data_end/data_meta\n\nsyzbot reported a kernel crash due to\n commit 1f1e864b6555 (\"bpf: Handle sign-extenstin ctx member accesses\").\nThe reason is due to sign-extension of 32-bit load for\npacket data/data_end/data_meta uapi field.\n\nThe original code looks like:\n r2 = *(s32 *)(r1 + 76) /* load __sk_buff-\u003edata */\n r3 = *(u32 *)(r1 + 80) /* load __sk_buff-\u003edata_end */\n r0 = r2\n r0 += 8\n if r3 \u003e r0 goto +1\n ...\nNote that __sk_buff-\u003edata load has 32-bit sign extension.\n\nAfter verification and convert_ctx_accesses(), the final asm code looks like:\n r2 = *(u64 *)(r1 +208)\n r2 = (s32)r2\n r3 = *(u64 *)(r1 +80)\n r0 = r2\n r0 += 8\n if r3 \u003e r0 goto pc+1\n ...\nNote that \u0027r2 = (s32)r2\u0027 may make the kernel __sk_buff-\u003edata address invalid\nwhich may cause runtime failure.\n\nCurrently, in C code, typically we have\n void *data = (void *)(long)skb-\u003edata;\n void *data_end = (void *)(long)skb-\u003edata_end;\n ...\nand it will generate\n r2 = *(u64 *)(r1 +208)\n r3 = *(u64 *)(r1 +80)\n r0 = r2\n r0 += 8\n if r3 \u003e r0 goto pc+1\n\nIf we allow sign-extension,\n void *data = (void *)(long)(int)skb-\u003edata;\n void *data_end = (void *)(long)skb-\u003edata_end;\n ...\nthe generated code looks like\n r2 = *(u64 *)(r1 +208)\n r2 \u003c\u003c= 32\n r2 s\u003e\u003e= 32\n r3 = *(u64 *)(r1 +80)\n r0 = r2\n r0 += 8\n if r3 \u003e r0 goto pc+1\nand this will cause verification failure since \"r2 \u003c\u003c= 32\" is not allowed\nas \"r2\" is a packet pointer.\n\nTo fix this issue for case\n r2 = *(s32 *)(r1 + 76) /* load __sk_buff-\u003edata */\nthis patch added additional checking in is_valid_access() callback\nfunction for packet data/data_end/data_meta access. If those accesses\nare with sign-extenstion, the verification will fail.\n\n [1] https://lore.kernel.org/bpf/000000000000c90eee061d236d37@google.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47702",
"url": "https://www.suse.com/security/cve/CVE-2024-47702"
},
{
"category": "external",
"summary": "SUSE Bug 1231924 for CVE-2024-47702",
"url": "https://bugzilla.suse.com/1231924"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47702"
},
{
"cve": "CVE-2024-47703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, lsm: Add check for BPF LSM return value\n\nA bpf prog returning a positive number attached to file_alloc_security\nhook makes kernel panic.\n\nThis happens because file system can not filter out the positive number\nreturned by the LSM prog using IS_ERR, and misinterprets this positive\nnumber as a file pointer.\n\nGiven that hook file_alloc_security never returned positive number\nbefore the introduction of BPF LSM, and other BPF LSM hooks may\nencounter similar issues, this patch adds LSM return value check\nin verifier, to ensure no unexpected value is returned.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47703",
"url": "https://www.suse.com/security/cve/CVE-2024-47703"
},
{
"category": "external",
"summary": "SUSE Bug 1231946 for CVE-2024-47703",
"url": "https://bugzilla.suse.com/1231946"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47703"
},
{
"cve": "CVE-2024-47704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47704"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check link_res-\u003ehpo_dp_link_enc before using it\n\n[WHAT \u0026 HOW]\nFunctions dp_enable_link_phy and dp_disable_link_phy can pass link_res\nwithout initializing hpo_dp_link_enc and it is necessary to check for\nnull before dereferencing.\n\nThis fixes 2 FORWARD_NULL issues reported by Coverity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47704",
"url": "https://www.suse.com/security/cve/CVE-2024-47704"
},
{
"category": "external",
"summary": "SUSE Bug 1231944 for CVE-2024-47704",
"url": "https://bugzilla.suse.com/1231944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47704"
},
{
"cve": "CVE-2024-47705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47705"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix potential invalid pointer dereference in blk_add_partition\n\nThe blk_add_partition() function initially used a single if-condition\n(IS_ERR(part)) to check for errors when adding a partition. This was\nmodified to handle the specific case of -ENXIO separately, allowing the\nfunction to proceed without logging the error in this case. However,\nthis change unintentionally left a path where md_autodetect_dev()\ncould be called without confirming that part is a valid pointer.\n\nThis commit separates the error handling logic by splitting the\ninitial if-condition, improving code readability and handling specific\nerror scenarios explicitly. The function now distinguishes the general\nerror case from -ENXIO without altering the existing behavior of\nmd_autodetect_dev() calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47705",
"url": "https://www.suse.com/security/cve/CVE-2024-47705"
},
{
"category": "external",
"summary": "SUSE Bug 1231872 for CVE-2024-47705",
"url": "https://bugzilla.suse.com/1231872"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47705"
},
{
"cve": "CVE-2024-47706",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47706"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock, bfq: fix possible UAF for bfqq-\u003ebic with merge chain\n\n1) initial state, three tasks:\n\n\t\tProcess 1 Process 2\tProcess 3\n\t\t (BIC1) (BIC2)\t\t (BIC3)\n\t\t | ^ | ^\t\t | ^\n\t\t | | | |\t\t | |\n\t\t V | V |\t\t V |\n\t\t bfqq1 bfqq2\t\t bfqq3\nprocess ref:\t 1\t\t 1\t\t 1\n\n2) bfqq1 merged to bfqq2:\n\n\t\tProcess 1 Process 2\tProcess 3\n\t\t (BIC1) (BIC2)\t\t (BIC3)\n\t\t | |\t\t | ^\n\t\t \\--------------\\|\t\t | |\n\t\t V\t\t V |\n\t\t bfqq1---------\u003ebfqq2\t\t bfqq3\nprocess ref:\t 0\t\t 2\t\t 1\n\n3) bfqq2 merged to bfqq3:\n\n\t\tProcess 1 Process 2\tProcess 3\n\t\t (BIC1) (BIC2)\t\t (BIC3)\n\t here -\u003e ^ |\t\t |\n\t\t \\--------------\\ \\-------------\\|\n\t\t V\t\t V\n\t\t bfqq1---------\u003ebfqq2----------\u003ebfqq3\nprocess ref:\t 0\t\t 1\t\t 3\n\nIn this case, IO from Process 1 will get bfqq2 from BIC1 first, and then\nget bfqq3 through merge chain, and finially handle IO by bfqq3.\nHowerver, current code will think bfqq2 is owned by BIC1, like initial\nstate, and set bfqq2-\u003ebic to BIC1.\n\nbfq_insert_request\n-\u003e by Process 1\n bfqq = bfq_init_rq(rq)\n bfqq = bfq_get_bfqq_handle_split\n bfqq = bic_to_bfqq\n -\u003e get bfqq2 from BIC1\n bfqq-\u003eref++\n rq-\u003eelv.priv[0] = bic\n rq-\u003eelv.priv[1] = bfqq\n if (bfqq_process_refs(bfqq) == 1)\n bfqq-\u003ebic = bic\n -\u003e record BIC1 to bfqq2\n\n __bfq_insert_request\n new_bfqq = bfq_setup_cooperator\n -\u003e get bfqq3 from bfqq2-\u003enew_bfqq\n bfqq_request_freed(bfqq)\n new_bfqq-\u003eref++\n rq-\u003eelv.priv[1] = new_bfqq\n -\u003e handle IO by bfqq3\n\nFix the problem by checking bfqq is from merge chain fist. And this\nmight fix a following problem reported by our syzkaller(unreproducible):\n\n==================================================================\nBUG: KASAN: slab-use-after-free in bfq_do_early_stable_merge block/bfq-iosched.c:5692 [inline]\nBUG: KASAN: slab-use-after-free in bfq_do_or_sched_stable_merge block/bfq-iosched.c:5805 [inline]\nBUG: KASAN: slab-use-after-free in bfq_get_queue+0x25b0/0x2610 block/bfq-iosched.c:5889\nWrite of size 1 at addr ffff888123839eb8 by task kworker/0:1H/18595\n\nCPU: 0 PID: 18595 Comm: kworker/0:1H Tainted: G L 6.6.0-07439-gba2303cacfda #6\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\nWorkqueue: kblockd blk_mq_requeue_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x91/0xf0 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:364 [inline]\n print_report+0x10d/0x610 mm/kasan/report.c:475\n kasan_report+0x8e/0xc0 mm/kasan/report.c:588\n bfq_do_early_stable_merge block/bfq-iosched.c:5692 [inline]\n bfq_do_or_sched_stable_merge block/bfq-iosched.c:5805 [inline]\n bfq_get_queue+0x25b0/0x2610 block/bfq-iosched.c:5889\n bfq_get_bfqq_handle_split+0x169/0x5d0 block/bfq-iosched.c:6757\n bfq_init_rq block/bfq-iosched.c:6876 [inline]\n bfq_insert_request block/bfq-iosched.c:6254 [inline]\n bfq_insert_requests+0x1112/0x5cf0 block/bfq-iosched.c:6304\n blk_mq_insert_request+0x290/0x8d0 block/blk-mq.c:2593\n blk_mq_requeue_work+0x6bc/0xa70 block/blk-mq.c:1502\n process_one_work kernel/workqueue.c:2627 [inline]\n process_scheduled_works+0x432/0x13f0 kernel/workqueue.c:2700\n worker_thread+0x6f2/0x1160 kernel/workqueue.c:2781\n kthread+0x33c/0x440 kernel/kthread.c:388\n ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1b/0x30 arch/x86/entry/entry_64.S:305\n \u003c/TASK\u003e\n\nAllocated by task 20776:\n kasan_save_stack+0x20/0x40 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n __kasan_slab_alloc+0x87/0x90 mm/kasan/common.c:328\n kasan_slab_alloc include/linux/kasan.h:188 [inline]\n slab_post_alloc_hook mm/slab.h:763 [inline]\n slab_alloc_node mm/slub.c:3458 [inline]\n kmem_cache_alloc_node+0x1a4/0x6f0 mm/slub.c:3503\n ioc_create_icq block/blk-ioc.c:370 [inline]\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47706",
"url": "https://www.suse.com/security/cve/CVE-2024-47706"
},
{
"category": "external",
"summary": "SUSE Bug 1231942 for CVE-2024-47706",
"url": "https://bugzilla.suse.com/1231942"
},
{
"category": "external",
"summary": "SUSE Bug 1231943 for CVE-2024-47706",
"url": "https://bugzilla.suse.com/1231943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "important"
}
],
"title": "CVE-2024-47706"
},
{
"cve": "CVE-2024-47707",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47707"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev()\n\nBlamed commit accidentally removed a check for rt-\u003ert6i_idev being NULL,\nas spotted by syzbot:\n\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nCPU: 1 UID: 0 PID: 10998 Comm: syz-executor Not tainted 6.11.0-rc6-syzkaller-00208-g625403177711 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\n RIP: 0010:rt6_uncached_list_flush_dev net/ipv6/route.c:177 [inline]\n RIP: 0010:rt6_disable_ip+0x33e/0x7e0 net/ipv6/route.c:4914\nCode: 41 80 3c 04 00 74 0a e8 90 d0 9b f7 48 8b 7c 24 08 48 8b 07 48 89 44 24 10 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df \u003c80\u003e 3c 08 00 74 08 4c 89 f7 e8 64 d0 9b f7 48 8b 44 24 18 49 39 06\nRSP: 0018:ffffc900047374e0 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 1ffff1100fdf8f33 RCX: dffffc0000000000\nRDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff88807efc78c0\nRBP: ffffc900047375d0 R08: 0000000000000003 R09: fffff520008e6e8c\nR10: dffffc0000000000 R11: fffff520008e6e8c R12: 1ffff1100fdf8f18\nR13: ffff88807efc7998 R14: 0000000000000000 R15: ffff88807efc7930\nFS: 0000000000000000(0000) GS:ffff8880b8900000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020002a80 CR3: 0000000022f62000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n addrconf_ifdown+0x15d/0x1bd0 net/ipv6/addrconf.c:3856\n addrconf_notify+0x3cb/0x1020\n notifier_call_chain+0x19f/0x3e0 kernel/notifier.c:93\n call_netdevice_notifiers_extack net/core/dev.c:2032 [inline]\n call_netdevice_notifiers net/core/dev.c:2046 [inline]\n unregister_netdevice_many_notify+0xd81/0x1c40 net/core/dev.c:11352\n unregister_netdevice_many net/core/dev.c:11414 [inline]\n unregister_netdevice_queue+0x303/0x370 net/core/dev.c:11289\n unregister_netdevice include/linux/netdevice.h:3129 [inline]\n __tun_detach+0x6b9/0x1600 drivers/net/tun.c:685\n tun_detach drivers/net/tun.c:701 [inline]\n tun_chr_close+0x108/0x1b0 drivers/net/tun.c:3510\n __fput+0x24a/0x8a0 fs/file_table.c:422\n task_work_run+0x24f/0x310 kernel/task_work.c:228\n exit_task_work include/linux/task_work.h:40 [inline]\n do_exit+0xa2f/0x27f0 kernel/exit.c:882\n do_group_exit+0x207/0x2c0 kernel/exit.c:1031\n __do_sys_exit_group kernel/exit.c:1042 [inline]\n __se_sys_exit_group kernel/exit.c:1040 [inline]\n __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1040\n x64_sys_call+0x2634/0x2640 arch/x86/include/generated/asm/syscalls_64.h:232\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f1acc77def9\nCode: Unable to access opcode bytes at 0x7f1acc77decf.\nRSP: 002b:00007ffeb26fa738 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1acc77def9\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043\nRBP: 00007f1acc7dd508 R08: 00007ffeb26f84d7 R09: 0000000000000003\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001\nR13: 0000000000000003 R14: 00000000ffffffff R15: 00007ffeb26fa8e0\n \u003c/TASK\u003e\nModules linked in:\n---[ end trace 0000000000000000 ]---\n RIP: 0010:rt6_uncached_list_flush_dev net/ipv6/route.c:177 [inline]\n RIP: 0010:rt6_disable_ip+0x33e/0x7e0 net/ipv6/route.c:4914\nCode: 41 80 3c 04 00 74 0a e8 90 d0 9b f7 48 8b 7c 24 08 48 8b 07 48 89 44 24 10 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df \u003c80\u003e 3c 08 00 74 08 4c 89 f7 e8 64 d0 9b f7 48 8b 44 24 18 49 39 06\nRSP: 0018:ffffc900047374e0 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 1ffff1100fdf8f33 RCX: dffffc0000000000\nRDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff88807efc78c0\nR\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47707",
"url": "https://www.suse.com/security/cve/CVE-2024-47707"
},
{
"category": "external",
"summary": "SUSE Bug 1231935 for CVE-2024-47707",
"url": "https://bugzilla.suse.com/1231935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47707"
},
{
"cve": "CVE-2024-47709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47709"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: bcm: Clear bo-\u003ebcm_proc_read after remove_proc_entry().\n\nsyzbot reported a warning in bcm_release(). [0]\n\nThe blamed change fixed another warning that is triggered when\nconnect() is issued again for a socket whose connect()ed device has\nbeen unregistered.\n\nHowever, if the socket is just close()d without the 2nd connect(), the\nremaining bo-\u003ebcm_proc_read triggers unnecessary remove_proc_entry()\nin bcm_release().\n\nLet\u0027s clear bo-\u003ebcm_proc_read after remove_proc_entry() in bcm_notify().\n\n[0]\nname \u00274986\u0027\nWARNING: CPU: 0 PID: 5234 at fs/proc/generic.c:711 remove_proc_entry+0x2e7/0x5d0 fs/proc/generic.c:711\nModules linked in:\nCPU: 0 UID: 0 PID: 5234 Comm: syz-executor606 Not tainted 6.11.0-rc5-syzkaller-00178-g5517ae241919 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nRIP: 0010:remove_proc_entry+0x2e7/0x5d0 fs/proc/generic.c:711\nCode: ff eb 05 e8 cb 1e 5e ff 48 8b 5c 24 10 48 c7 c7 e0 f7 aa 8e e8 2a 38 8e 09 90 48 c7 c7 60 3a 1b 8c 48 89 de e8 da 42 20 ff 90 \u003c0f\u003e 0b 90 90 48 8b 44 24 18 48 c7 44 24 40 0e 36 e0 45 49 c7 04 07\nRSP: 0018:ffffc9000345fa20 EFLAGS: 00010246\nRAX: 2a2d0aee2eb64600 RBX: ffff888032f1f548 RCX: ffff888029431e00\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ffffc9000345fb08 R08: ffffffff8155b2f2 R09: 1ffff1101710519a\nR10: dffffc0000000000 R11: ffffed101710519b R12: ffff888011d38640\nR13: 0000000000000004 R14: 0000000000000000 R15: dffffc0000000000\nFS: 0000000000000000(0000) GS:ffff8880b8800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fcfb52722f0 CR3: 000000000e734000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n bcm_release+0x250/0x880 net/can/bcm.c:1578\n __sock_release net/socket.c:659 [inline]\n sock_close+0xbc/0x240 net/socket.c:1421\n __fput+0x24a/0x8a0 fs/file_table.c:422\n task_work_run+0x24f/0x310 kernel/task_work.c:228\n exit_task_work include/linux/task_work.h:40 [inline]\n do_exit+0xa2f/0x27f0 kernel/exit.c:882\n do_group_exit+0x207/0x2c0 kernel/exit.c:1031\n __do_sys_exit_group kernel/exit.c:1042 [inline]\n __se_sys_exit_group kernel/exit.c:1040 [inline]\n __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1040\n x64_sys_call+0x2634/0x2640 arch/x86/include/generated/asm/syscalls_64.h:232\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fcfb51ee969\nCode: Unable to access opcode bytes at 0x7fcfb51ee93f.\nRSP: 002b:00007ffce0109ca8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fcfb51ee969\nRDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001\nRBP: 00007fcfb526f3b0 R08: ffffffffffffffb8 R09: 0000555500000000\nR10: 0000555500000000 R11: 0000000000000246 R12: 00007fcfb526f3b0\nR13: 0000000000000000 R14: 00007fcfb5271ee0 R15: 00007fcfb51bf160\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47709",
"url": "https://www.suse.com/security/cve/CVE-2024-47709"
},
{
"category": "external",
"summary": "SUSE Bug 1232048 for CVE-2024-47709",
"url": "https://bugzilla.suse.com/1232048"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47709"
},
{
"cve": "CVE-2024-47710",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47710"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsock_map: Add a cond_resched() in sock_hash_free()\n\nSeveral syzbot soft lockup reports all have in common sock_hash_free()\n\nIf a map with a large number of buckets is destroyed, we need to yield\nthe cpu when needed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47710",
"url": "https://www.suse.com/security/cve/CVE-2024-47710"
},
{
"category": "external",
"summary": "SUSE Bug 1232049 for CVE-2024-47710",
"url": "https://bugzilla.suse.com/1232049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47710"
},
{
"cve": "CVE-2024-47712",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47712"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param\n\nIn the `wilc_parse_join_bss_param` function, the TSF field of the `ies`\nstructure is accessed after the RCU read-side critical section is\nunlocked. According to RCU usage rules, this is illegal. Reusing this\npointer can lead to unpredictable behavior, including accessing memory\nthat has been updated or causing use-after-free issues.\n\nThis possible bug was identified using a static analysis tool developed\nby myself, specifically designed to detect RCU-related issues.\n\nTo address this, the TSF value is now stored in a local variable\n`ies_tsf` before the RCU lock is released. The `param-\u003etsf_lo` field is\nthen assigned using this local variable, ensuring that the TSF value is\nsafely accessed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47712",
"url": "https://www.suse.com/security/cve/CVE-2024-47712"
},
{
"category": "external",
"summary": "SUSE Bug 1232017 for CVE-2024-47712",
"url": "https://bugzilla.suse.com/1232017"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47712"
},
{
"cve": "CVE-2024-47713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47713"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop()\n\nSince \u0027__dev_queue_xmit()\u0027 should be called with interrupts enabled,\nthe following backtrace:\n\nieee80211_do_stop()\n ...\n spin_lock_irqsave(\u0026local-\u003equeue_stop_reason_lock, flags)\n ...\n ieee80211_free_txskb()\n ieee80211_report_used_skb()\n ieee80211_report_ack_skb()\n cfg80211_mgmt_tx_status_ext()\n nl80211_frame_tx_status()\n genlmsg_multicast_netns()\n genlmsg_multicast_netns_filtered()\n nlmsg_multicast_filtered()\n\t netlink_broadcast_filtered()\n\t do_one_broadcast()\n\t netlink_broadcast_deliver()\n\t __netlink_sendskb()\n\t netlink_deliver_tap()\n\t __netlink_deliver_tap_skb()\n\t dev_queue_xmit()\n\t __dev_queue_xmit() ; with IRQS disabled\n ...\n spin_unlock_irqrestore(\u0026local-\u003equeue_stop_reason_lock, flags)\n\nissues the warning (as reported by syzbot reproducer):\n\nWARNING: CPU: 2 PID: 5128 at kernel/softirq.c:362 __local_bh_enable_ip+0xc3/0x120\n\nFix this by implementing a two-phase skb reclamation in\n\u0027ieee80211_do_stop()\u0027, where actual work is performed\noutside of a section with interrupts disabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47713",
"url": "https://www.suse.com/security/cve/CVE-2024-47713"
},
{
"category": "external",
"summary": "SUSE Bug 1232016 for CVE-2024-47713",
"url": "https://bugzilla.suse.com/1232016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-03-27T14:05:14Z",
"details": "moderate"
}
],
"title": "CVE-2024-47713"
},
{
"cve": "CVE-2024-47714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47714"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7996: use hweight16 to get correct tx antenna\n\nThe chainmask is u16 so using hweight8 cannot get correct tx_ant.\nWithout this patch, the tx_ant of band 2 would be -1 and lead to the\nfollowing issue:\nBUG: KASAN: stack-out-of-bounds in mt7996_mcu_add_sta+0x12e0/0x16e0 [mt7996e]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-24.1.21.4.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-24.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-24-default-1-1.2.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-24.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-24.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47714",
"url": "https://www.suse.com/security/cve/CVE-2024-47714"
},
{
"category": "exte